Algorithms for programmers 
ideas and source code 


This document is work in progress: read the “important remarks” near the beginning 


Jorg Arndt 
arndt@jjj.de 


Draft version’ of 2008-January-19 


‘The latest version and the accompanying software is online at http://www.jjj.de/fxt/ 


il 


[fxtbook draft of 2008-January-19] 


CONTENTS ill 


Contents 


Important remarks about this document xi 


I Low level algorithms 1 


3 
Td Livia sds Pe a glee bE ae ee ede Re ee doe Eee RM ee GS 3 
Bh i hh Has eS Bod ee wot ag igligtis ean a Se hae 8 
1.3. Operations on low bits or blocks of a word) ........... 0.0000 eee eee 9 
a a ee ee re ee eee ee ae ee 12 
1.5 Computing the index of a single set bit]... 2... 0.0.0... 0... 002.000.2000. 14 
1.6 Operations on high bits or blocks of a word)... ........ 0.0.0.0. .0 000004 16 
Pd Ga 4 bo BR ep rly te a: ak andoe fe: « 18 
1.8 Counting bits and blocks of aword| ... 2... 2.0.0.0... 000000000002 0004 19 
19° =- Bit set, lOOKUP) sexes ee ark ae eo a a ee ee ee ee aoe & 21 
1.10 Avoiding branches]: 2.2.4.4 4 e6¢e eb da LA aad eee eee Oe ES 22 
1.11 Bit-wise rotation of aword|)... 2... 2.2. ...0 2.00002 ee ee 26 
De ee eae ee ee ee oes oe a ee 27 
1.13 Reversing the bits of a word] ... 2... 2... 00.2.2 ee 30 
1.14 Bitewise ZID| 404 4cc.a:4.4.0c.hae eee eee ea PR GE AA e ee ODD Gee BEE 35 
1.15 Gray code and parity]... 2... ee 36 
1G BithSOQuency ||. fo 2844 wld dis eee Oe ea ee Sp a Se PG ee De Re aa ae & 42 
eee a mete oe a eee Ge oe ey Se eo ee Gee de 43 
1.18 Invertible transforms on words]... ......0..00 000 eee ee 45 
Seder 4h A haa ee A See nlanale =o oe Gaee ee S 51 
1:20: The. Z-Order|| ei eae he kk eG bY DSR eee eRe ee eee eee 53 
use ty ees DB ha Ge aye eee ae en a ay Gee 54 
1.22 2-adic inverse and square root]... 2... 55 
baie SIRT A Sik Gh Gage wt Beatie oh oft ede pinned et’ oh Wot. oe we & chvta te. 56 
1.24 A sparse signed binary representation}... 2... 0... ee ee 59 
Me go 8 4A Seed we STs ara! ee eat 61 
1.26 Generating bit subsets of a given word) .........0.0 0... 000000000. 2 eee 63 
sO Garde oat ct chnT Dg hiat ahaa. oe a, eo, eyihe 64 
SA Go a OS ae RR a Rela eae tiers: & 69 
1:29. Fibonacct words) o « :: 2. oo se eke eo Oa ee ee a ee 71 
ene Seo he ee ee eh I ee a reer ee ee eae 74 
Ce ee OO 77 
Oe Ree, eat es a a Rae geste es Pee ee 81 
1.33 CPU instructions often missed]... . 2... ee 84 

85 
2.1 The revbin permutation)... 2... 2... 2 85 


[fxtbook draft of 2008-January-19] 


iv CONTENTS 


2.2. The radix permutation} .. 2... 2... 89 
2.3 In-place matrix transposition}... . 2... 2. ee 89 
Pete Soe Seed ed ek dee! | 91 
eAa ca eer een ek ay Oe Bak ade ai ee yentgdighara arate. wack See a 93 
2.6 The reversed zip permutation)... 2... 2... 95 
2.7 “Vhe-XOR permutation) .2202 wk eae eee ee ee ee we ee 96 
2.8 ‘The Gray code permutation) .. 2... 0... 97 
2.9 ‘The reversed Gray code permutation) .. 2... 20... 2.2 ee ee 101 
oid aed bb Pe ORS ake he 102 
bootie dae eee ee ee eee BOGS 104 
3 Sorting and searching 115 
Sol. DOING) a oe A ee eS ee eh eee BERRA ES ERR 2 oe RY 115 
3.2. ~-Binaty search|: 2.2.4 444 dda whey he ee See eNO be re eee bbe Sau x 117 
3:3. Index Sorting]. 2). acd 444A Yea Oe ee eRe eee R SESE EE PEE we He 118 
3A. POMbEr SOLtING) eg BO a OS Be te A ee RE 120 
be odo Oe BeBe eth eed teak, gle oe a 121 
3.6 Determination of unique elements| .. 2... 2... ee 124 
PG bGeRdt eee Hbeo alee maw a we GOES 125 
3.8 Determination of equivalence classes}... 2... 2 0 ee 127 
3.9 Determination of monotonicity and convexity *|............. 000000000 131 
JO. Heapsort|| 8 < 4% een bh bbe eew beoee dead tA Reese Rae eae wee 134 
3.11 Counting sort and radix sort]... 2... 134 
rece es ee Ge ee ee eee ee 137 
141 
At (Stack (LIBRO). © 6 Sha kokeoe ee ee eR ee ek eR ae awe eae 141 
kc lul tect Uva Gao Beek. ok hh os oe Dla ch oe Sei: a aTglg lees nie. @. dee ok & Bo 143 
4:3 °--Queve.(FIFO)) 26. oo ht eee LP ee eee SERED E EH Rae eee eee SG 144 
4.4 Deque (double-ended queue)| ... 2... 2 ee 146 
4.5 Heap and priority queue]... . 2... ee 148 
4.60. -Bit-array| wae be ee ee ee ea a A eee ee atetet a anee Sie a 152 
4.7___Finite-state machines} .. 2... 2... ee 154 
4.8 Emulation of coroutines}... 2... ee 156 


II Combinatorial generation 159 


5 Conventions and considerations 161 
(ides W  bae ee aa a a we eo ee Ge 161 
5.2. Ranking, unranking, and counting)... 2... . ee 162 
ene bb bbe oe ae we cae dee Be 162 
hhh oe te ale Se ae AK, Ae OE he carr ae atiatiar 4a ae Seon 162 
AP eek he a ie tities Ge ae oe noose tg 164 

165 
6.1 Lexicographic and co-lexicographic order]... 2... 2... ee 166 
6.2 Order by prefix shifts (cool-lex)} . 2... 2... ee 169 
6.3. Minimal-change order}... 2... ee ee 170 
Coren er wrest ec ere: 172 
6.5 Two-close orderings via endo/enup moves}... 2... 0. 175 
6.6 Recursive generation of certain orderings]... 1... 0... ee ee 179 

183 


[fxtbook draft of 2008-January-19] 


CONTENTS 


7.1 Co-lexicographic order]... 2... 
Beceem trode 
woe 2 Peek Bee eee eee eek dd ded dg 
Supa e th hh A 4 ERE SSS S Be elelele Gee. eae eed 


8 Subsets 
8.1 ~Lexicographic order] . 2. cae eee a eee eee EEE RE EYE Se ee de ee eee a 


8.2 Minimal-change order]... 2... 1 ee 


8.3 Ordering with De Bruijn sequences} .. 1... 2... 0... 
8.4 Shifts-order for subsets}... . 2 


8.5 k-subsets where k lies ina given range]... 2... ee 


9.1 Counting order 
9.2: Gray code Order] on aia Ba aR ER ER Se RO 
0.3 ~ -gslex Ordel] 2 ye Gage wk ka ew ee PRES Oe dees we ae ae eee & 
9:4 —end6:Order) i do, Ae a eae eR RRR EEE Ee A Bae eee Re S 
9.5 Gray code for endo order 


10 Permutations 


10.1 Lexicographic order]... 2... 
10.2 Co-lexicographic order}... 2... 2. ee 
10.3 Factorial representations of permutations]... .......0 0.0000 ee eee ee ee 


10.4 An order from reversing prefixes]... 0... ee 
10.5 Minimal-change order (Heap’s algorithm) 
10.7 Strong minimal-change order (Trotter’s algorithm) 
10.9 Orders where the smallest element always moves right]... ..............0... 
te dee GON Bie ee eo ead BA a oem ba done wae eS 
bey GNENEE G ae Bo at BAe BB Bee ee ee th ee es 
Ra ROME At eRe ats Oh ere Ga ay oy Sh eee ene es aa aa ant whe cn geaee 
Fa teh he eH cn tee Hee 
Sickle els Yes De. hy he, Ge gh OPP He oa we ah he eB 
em aed, Aah Gee eee eaedcsicsr a at ase ee 


11 Subsets and permutations of a multiset 
11.1 Subsets of a multiset] .. 2... 2... ee 
11.2 Permutations of a multiset 


12 Gray codes for strings with restrictions 


12.1 Fibonacci words]... 2... 
12.2 Generalized Fibonacci words]... . 2... 
poh ag -b-B th a a BY a wok oo ed ded ES ewe Ob es 
12.4 Generalized Pell words] .. 2... 2 ee 
sigan We Ge 8 SF done ue nts Gale AE Ane geen as ae ae oo 
ods Grae & Red dads eee bodes GS ba dye a 
gh AG A we Se OES Attys ce ans it a ae ae chee 


12.8 Binary strings without substrings 1x1 
12.9 Binary strings without substrings lxyl 


13 Parenthesis strings 
13.1 Co-lexicographic order}... 2... 2 
13.2. Gray code via restricted growth strings)... 2... 2. eee 


[fxtbook draft of 2008-January-19] 


vi CONTENTS 
13.3 ‘The number of parenthesis strings: Catalan numbers| .................000. 306 
13.4 Increment-1 RGS and k-ary trees]... 2. 0. 0 ee 307 

14 Integer partitions 311 
14.1 Recursive solution of a generalized problem)... ............ 0.2.00 0 000. 311 
14,2. ‘Tterative‘algorithm). cs. 3402 Gk ho Se PAGS BB we ee ae ae eS ee 313 
14.3. Partitions into m.parts| «2... bee eR ee eee ee 315 
14.4 The number of integer partitions]... 2... ee 316 

15 Set partitions 319 
15.1 ‘The number of set partitions: Stirling set numbers and Bell numbers| ........... 320 
15.2 Generation in minimal-change order}... 2... 321 

16 A string substitution engine 331 

17 Necklaces and Lyndon words 335 
17.1 Generating all necklaces]... 2... 2... ee ee 336 
17.2. ‘The number of binary necklaces]... 2... ee ee 343 
17.3 ‘The number of binary necklaces with fixed content}... ..............2.000. 344 

18 Hadamard and conference matrices 347 
18.1 Hadamard matrices via LFSR| .. 2... 2. ee 347 
18.2 Hadamard matrices via conference matrices}... 2... ee 349 
18.3 Conference matrices via finite fields}... 2... ee 351 

19 Searching paths in directed graphs 355 
19.1 Representation of digraphs]... 2... ...0..0. 00002 ee ee 356 
19.2. ‘Searching fill paths] 004 bee ee eee ee de eee EEA ee eee i eg 357 
19.3. Conditional search]... 2 2. ee 362 
19.4 Edge sorting and lucky paths}... 2... 2 2 ee 366 
19.5 Gray codes for Lyndon words}... 2... 2... 0 ee 367 


III Fast orthogonal transforms 373 


375 
be eines oe Me ak nie @ ee Gg eG ey eee ee 375 
20.2. Summary of definitions of Fourier transforms *}.................200.000. 376 
Pe VY GEE EE eee eee ee SEES 378 
ayaa BS eee ii a 383 
Batata Se fa 8 a sty a, ae 2 SOR eee Saar ee 385 
pa deat At ae) Aine Deh By ee eet eee ge ee eee a 392 
ee eee ee ee 395 
20.8 Inverse FFT for free]. 2... 397 
20.9 Real valued Fourier transforms]... . 2... 00.0... ee 398 
20.10 Multidimensional Fourier transforms}... 2... 0... 404 
20.11 The matrix Fourier algorithm (MFA)| .. 2... ..0.0.0 0200.0... 0000000000004 406 

409 
bo Ge ged’ gl Ace Ae YS Dor pace ers ws lee Doe ee ke eG EA bed 409 
bcidg Ge eg hace BS Oe ee es a OS Bee ae ee 414 
i tra Gide Ge Bibi da Gerth Gage adres Gaeta & 417 
peek dehe mt gat Gene feted ere ree eee ee eee ms es 419 
21.5 The ztransform (ZT)|. 2.2.0.2 666) 44 hthbaoo we hee ee ea ddan Fees 422 
igh hater Be ee Waar Be Ae, SS Bes ah, a Ra Be hee ship: po DD AE fh whe ae Mah, ht 426 


[fxtbook draft of 2008-January-19] 


CONTENTS 


22 The Walsh transform and its relatives 
22.1 ‘The Walsh transform: Walsh-Kronecker basis]... .....0.0.0.0..0. 0000000 eae 


22.2 Ejigenvectors of the Walsh transform *]........0.00.00 0000 eee ee 


22.3 The Kronecker product 
22.4 _A variant of the Walsh transform * 


22.5 Higher radix Walsh transforms}... 2.2... 0. 
22.6 Localized Walsh transforms]... 2... 


22.7 Dyadic (XOR) convolution 


22.9 Sequency ordered Walsh transforms}... .. 2.2.0... 000 ee 


22.10 Slant transform 


22.11 Arithmetic transform]... 2... 
22.12 Reed-Muller transform] .. 2... 


22.13 The OR-convolution, and the AND-convolution| .................200004 


23 The Haar transform 
23.1 ‘The ‘standard’ Haar transform]... . 0... ee 
23.2 In-place Haar transform]... .. 2... 2... ee 


23.3 Non-normalized Haar transforms|..... 2... ee 
eh a ceke Wy & ye A oe a GE RR RAG oe eis A eS 
MAORI heed ds Ge BB, oa ee ho tna he eet See ae ke Ee 
23.6 Relations between Walsh and Haar transforms] ................0.00000. 


23.7 Nonstandard splitting schemes *). 2... 0. 0 ee 


MaehaLee eas eee eteheeeeenaea eee. 
bplodun hd on 548404 4s 0es SS 
Aug ed dak o Gna A Oe aide Magadan 
Ss RAW Gh abana dee aceite 4 
Cheb awh ds Hee PE eae cee A 
VOVCR Tet eer CeCe Teer Terre tere se 
Eee ee eke aS de Oe ome eee aie 
Pere ee ee ra a ne ee ae 


24.9 Localized FHT algorithms] ...... 2.2... 0.2.00... 0000000002 ee ee 
24.10 ‘Two-dimensional FHTs|.. 2... 2. 


24.11 Discrete cosine transform (DCT) by HT 
24.12 Discrete sine transform (DST) by DCT 
ee ee eee ee 


25 Number theoretic transforms (NTTs) 
25.1 Prime moduli for N'T"T's 


25.2. Implementation of NT'Ts} .. 2... .0.0..0000 0 2 ee ee 
20.3 Convolution with NTTs]. 2... ee 


26 Fast wavelet transforms 


26.1 Wavelet filters 
26.2. Implementation 


26.3 Moment conditions|] ... 2... 


IV_ Fast arithmetic 
27 Fast multiplication and exponentiation 


[fxtbook draft of 2008-January-19] 


vii 


429 
429 
432 
433 
436 
437 
440 
445 
447 
448 
454 
455 
459 
462 


465 
465 
467 
469 
A471 
473 
475 
478 


483 
483 
484 
489 
490 
491 
492 
493 
496 
497 
499 
500 
501 
502 
504 


507 
507 
509 
514 


515 
515 
517 
518 

521 


523 


viii CONTENTS 


27.1 Asymptotics of algorithms] ... 2... 20... 2, ee 523 
27.2 Splitting schemes for multiplication} .... 2... 2... ee ee 524 


27.3 Fast multiplication via FFT] .. 2... 2... ee 532 


27.4 Radix/precision considerations with FFT multiplication). .................. 534 
27.0 ‘The sum-of-digits test). 2... 0. ee 536 


27.6 Binary exponentiation]... 2... 0. ee ee 537 


541 
28.1 Division, square root and cube root]... 2... 0. 541 
28.2 Root extraction for rationals]... 2... ee 544 
28.3 Divisionless iterations for the inverse a-th root]. .........0......02.000080. 546 
oe foals ee ee eee foe & 549 
28.5 Some applications of the matrix square root] .... 2... ee 550 
Baas ainda, ek Ok te Gostr oe: ut Gh 4 ede  e oe  ee aes Cae ey 555 
28.7 Products for the a-th root] .. 2... 5508 


28.8 Divisionless iterations for polynomial roots 


29 Iterations for the inversion of a function 563 
29.1 Iterations and their rate of convergence 
29.2_Schroder’s formula}. . 2... 


Dae eee GP SSE A Dae ae ae ete gael 8 566 
rai ete: tS GA Ge dp Pe ee a ee a ee ae 568 
29.5. More iterations): : 2 2s) bad tie we ea ee ee eee eee eae ae ee Os 569 
a a ee ee ere 571 
30 The arithmetic-geometric mean (AGM) 573 
J Lhe AGM rs bk Paw ane Reed be be eRe Ree Phe Bee gd 573 

ob seictack. Wore Sen eet ei P Dearth, feetate nt eere Or aig Ane ae 575 
5s Be tetera eee 9 578 


30.4 ‘Computation OF 7)... 4-448 F wR Be wa ne had BA RR A ee ee ee ee 582 


30.5 Arctangent relations for 7 *| 2.2... ee 590 
31 Logarithm and exponential function 597 
Olek HOSA h MN ig dae aga a ee ee ee Oa A ek SA a RE a SY Se wee ek eee 597 
31.2. Exponential function} .. 2... 2. ee 603 
31.3 Logarithm and exponential function of power series]... 2... 2... 0 ee ee 606 
31.4 Simultaneous computation of logarithms of small primes} .................. 608 
32 Numerical evaluation of power series 611 
32.1 The binary splitting algorithm for rational series}... 2... 0.20002... 0 0.20000. 611 
32.2 Rectangular schemes for evaluation of power series}... 2... ....-.00 0. ee eee 617 
32.3 The magic sumalt algorithm for alternating series]... 2... 2... ee ee, 621 
33 Computing the elementary functions with limited resources 625 
33.1 Shift-and-add algorithms for log,(z) and b7|.. 2.0.0.0... 0.00.00 0. 000000048 625 
33.2. CORDIC algorithms]... 2... 2.2.0... 00.2. 00.2 00 2 ee ee, 630 
34 Recurrences and Chebyshev polynomials 635 
4,1 Recurrences) cou ee ea a ee ke Ee He SR Oe Y 635 


34.2. Chebyshev polynomials]... . 2... 2... ee 645 


655 
ae nooee aes 655 
ss tnave Gee G Glee ee Pe ee ee an Ge 663 
35.3 Continued fractions}... 6. 680 


[fxtbook draft of 2008-January-19] 


CONTENTS ix 


691 
36.1 A variation of the iteration for the inverse]... ........0.000 2... eee ee eee 691 
36.2__An iteration related to the Thue constant]... ........0.0 00.0000 0000080] 695 
ao eer re 696 
Bete i Be ee A ery ney toca ve eat, te a aoe 698 
36.5 An iteration related to the period-doubling sequence]... ..............000- 700 
bh died eee ar, ahaek at aon ee ene usw aw Je Sa Oe 704 
Seven ee tan es at Ree, eth, Andee Aes A a OE 704 
Luks ao a: FL a ee doe aes 706 
36.9 A function that encodes the Hilbert curve]... 2... 0. ee 712 
Sica toe hy A Ge eee ae tng Sadist siete. Ge a arse eee 715 
36.11 An iteration related to the Fibonacci numbers] ............. 0.000000 004% 718 
36.12 Iterations related to the Pell numbers|.............0.0 0.0.00 0000s 722 


V_ Algorithms for finite fields 729 


37 Modular arithmetic and some number theory 731 
Seth eee dao bhed sds oa me bess 731 
ete at Antestuak. obi de yerictosasaie att’ 2s She, ake wha oe tee 735 
37.3 ‘The sieve of Hratosthenes}... 2... ee 738 
37.4 ‘The order of an element]... . 2.2... 2.2... 739 
32.0. Prime modulus: the feld ZjpG—=N,= GUO) 444 44 4ddeg aaa ae ae we we GOOEY 741 
37.6 Composite modulus: the ring Z/mZ]. 2... ee 741 
37.7 The Chinese Remainder Theorem (CRT)}.........0.0.0. 00000000000 00048 747 

LT yce bok oy wee Sane es ee ES ee ee Goo 749 
ote a ee & AE Bie ee ee 751 
Ge sag ves Hr er Pe GGG a gee Oe ecaeae: ee a 753 
3/01 Proving primality| “10508 bao Bo we a EA OA DE a ee eS ee ee ee ee 759 
ar) Complex module GEG) i... 64 ebook od ede E Oe Soe ee wes EES 770 
Su ee, GNU of a. Oyo oak Stes Pe, eee eee ee Gece: & 778 


37.14 Multigradés. *] oo a ee ERE EE PRE OE Eee eae eke © « 781 


bp eto Gea eee bobs nnn coon 782 
bh aa oh es Ce A 787 
793 
PE ee eee er ree ee 793 
Ee hGb.8 Be eee 799 
os MAREE ae aeseoceee: eas 805 
Oho af L oaienitaten a ee oe aes 808 
(Loe atdtw eee eee aay ¥ 823 
(seep eee aneaaaa deste: 824 
ped fe eo eA ea ee baer 826 


ya een eee 838 
39.5 Auto correlation of m-sequences| .. 2... 2... 839 
39.6 Feedback carry shift register (FCSR)| 2... 2... ee ee 840 
39.7 Linear hybrid cellular automata (LHCA)| .. 2... 0.020.000 0. 0.000.000 200084 842 
39.8 Additive linear hybrid cellular automata} ..........0..020.02. 200200002 eee 847 


[fxtbook draft of 2008-January-19] 


x CONTENTS 


40 Binary finite fields: GF(2") 851 
DG Bee bee eee Ee Baws eee eee eee 851 
ays gh ee ee cece ee eee 857 
epeereerererrrerees 859 


40.4 Solving quadratic equations]... 2... 861 


(6 44 te te ORG Ee Oe eae ea te Gee 8 863 
eB ee ee Oe ee ee ee ae eee 865 
Sodhen Wickman 662+ 873 
40.8 Optimal normal bases (ONB)|.. 2... ..0 0.000.000 2 ee 875 
a ee ee ae ee ee ee 877 


A Machine used for benchmarking 883 
B The pseudo language Sprache 885 
C The pari/gp language 887 


Bibliography 895 
911 


[fxtbook draft of 2008-January-19] 


Important remarks 
about this document 


This is a draft of a book about selected algorithms. The audience in mind are programmers who are 
interested in the treated algorithms and actually want to create and understand working and reasonably 
optimized code. 


The style varies somewhat which I do not consider bad per se: While some topics (as fast Fourier 
transforms) need a clear and explicit introduction others (like the bit wizardry chapter) seem to be best 
presented by basically showing the code with just a few comments. 


The pseudo language Sprache is used when I see a clear advantage to do so, mainly when the corresponding 
C++ does not appear to be self explanatory. Larger pieces of code are presented in C++. C programmers 
do not need to be shocked by the ‘++’ as only a rather minimal set of the C++ features is used. Some 
of the code, especially in part 3 (Arithmetical algorithms), is given in the pari/gp language as the use of 
other languages would likely bury the idea in technicalities. 


A printable version of this book will always stay online for free download. The referenced sources are 
online as part of FXT (fast transforms and low level routines [19]) and hfloat (high precision floating 
point algorithms [20}). 


The reader is welcome to criticize and suggest improvements. Please name the draft version (date) with 


your feedback! | This version is of 2008-January-19. | Note that you can copy and paste from the 
PDF and DVI versions. Thanks go to thos] who helped to improve this document so far! 


In case you want to cite this document, please avoid referencing individual chapters or sections as their 
numbers (and titles) may change. 


Enjoy reading! 


Legal matters 


This book is copyright © by its author, J6érg Arndt. 

Redistributing or selling this book in printed or in electronic form is prohibited. 
This book must not be mirrored on the Internet. 

Using this book as promotional material is prohibited. 


CiteSeer (http://citeseer.ist.psu.edu/cs/, and its mirrors) is allowed to keep a copy of this book 


in its database. 


lin particular Igal Aharonovich, Nathan Bullock, Dominique Delande, Torsten Finke, Sean Furlong, Almaz Gaifullin, 
Alexander Glyzov, Andreas Griinbacher, Christoph Haenel, Tony Hardie-Bick, Laszlo Hars, Jeff Hurchalla, Gideon Klimer, 
Dirk Lattermann, Gal Laszlé, Avery Lee, Brent Lehman, Marc Lehmann, Paul C. Leopardi, John Lien, Mirko Liss, Johannes 
Middeke, Doug Moore, Andrew Morris, David Nalepa, Miroslaw Osys, Christoph Pacher, Scott Paine, Yves Paradis, Edith 
Parzefall, André Piotrowski, David Garcia Quintas, Tony Reix, Johan Rénnblom, Thomas Schraitle, Clive Scott, Michael 
Somos, Ralf Stephan, Michal Staruch, Mikko Tommila, Michael Roby Wetherfield, Vinnie Winkler, Jim White, John 
Youngquist, Rui Zhang, and Paul Zimmermann. 


“Why make things difficult, when tt is possible to make them cryptic 
and totally illogical, with just a little bit more effort?” 


— Aksel Peter Jorgensen 


Part I 


Low level algorithms 


[fxtbook draft of 2008-January-19] 


Chapter 1 


Bit wizardry 


We present low-level functions that operate on the bits of a binary word. It is often not obvious what these 
are good for and I do not attempt much to motivate why particular functions are presented. However, if 
you happen to have an application for a given routine you will love that it is there: the program using it 
may run significantly faster. 


The C-type unsigned long is abbreviated as ulong as defined in [F XT: fxttypes.h). It is assumed that 
BITS_PER_LONG reflects the size of an unsigned long. It is defined in [FXT: and (on 
sane architectures) equals the machine word size. That is, it equals 32 on 32-bit architectures and 64 on 
64-bit machines. Further, the quantity BYTES_PER_LONG shall reflect the number of bytes in a machine 
word, that is, it equals BITS_PER_LONG divided by eight. For some functions it is assumed that long and 
ulong have the same number of bits. 


The examples of assembler code are for the x86 and the AMD64 architecture. They should be simple 
enough to be understandable for readers who know assembler for any CPU. 


1.1 Trivia 


1.1.1 Little endian versus big endian 


The order in which the bytes of an integer are stored in memory can start with the least significant byte 
(little endian machine) or with the most significant byte (big endian machine). The hexadecimal number 
OxODOCOBOA will be stored in the following manner when memory addresses grow from left to right: 


adr: Zz zti zZt+2 z+3 
mem: OD OC OB OA // big endian 


mem: OA OB Oc OD // little endian 


The difference is only visible when you cast pointers. Let V be the 32-bit integer with the value above. 
Then the result of char c = *(char *)(&V); will be 0x0A (value modulo 256) on a little endian 
machine but 0x0D (value divided by 274) on a big endian machine. Portable code that uses casts may 
need two versions, one for each endianness. Though friends of the big endian way sometimes refer to little 
endian as ‘wrong endian’, the wanted result of the shown pointer cast is much more often the modulo 
operation. 


1.1.2 Size of pointer is size of long 


On sane architectures a pointer fits into a type long integer. When programming for a 32-bit architecture 
(where the size of int and long coincide) casting pointers to integers (and back) will work. The same 


[fxtbook draft of 2008-January-19] 


4 Chapter 1: Bit wizardry 


code will fail on 64-bit machines. If you have to cast pointers to an integer type, cast them to long. 


1.1.3 Shifts and division 


With two’s complement arithmetic (that is: on likely every computer you'll ever touch) division and 
multiplication by powers of two is right and left shift, respectively. This is true for unsigned types and 
for multiplication (left shift) with signed types. Division with signed types rounds toward zero, as one 
would expect, but right shift is a division (by a power of two) that rounds to minus infinity: 


int a = -1; 
int c =a >> 1; // co == -1 
int d=a/ 2; //a== 0 


The compiler still uses a shift instruction for the division, but with a ‘fix’ for negative values: 


9:test.cc @ int foo(int a) 
10:test.cc ef 


285 0003 8B442410 movl 16(/esp),Zeax // move argument to eax 
11:test.cc @ int s=a>> 1; 

289 0007 89C1 movl eax, hecx 

290 0009 D1iF9 sarl $1,%ecx 
12:test.cc @ int d=a / 2; 

293 000b 89C2 movl eax, hedx 

294 000d CiEAiIF shrl $31,%edx // fix: hedx=(/edx<071:0) 

295 0010 01D0 addl %edx,%eax // fix: add one if a<0O 

296 0012 DiF8 sarl $1, eax 


For unsigned types the shift would suffice. One more reason to use unsigned types whenever possible. 


The assembler listing was generated from C code via the following commands: 


# create assembler code: 
c++ -S -fverbose-asm -g -02 test.cc -o test.s 


# create asm interlaced with source lines: 

as -alhnd test.s > test.1st 

There are two types of right shifts: a so-called logical and an arithmetical shift. The logical version (shr1 
in the above fragment) always fills the higher bits with zeros, corresponding to divisior}| of unsigned 
types. The arithmetical shift (sarl in the above fragment) fills in ones or zeros, according to the most 
significant bit of the original word. 


Computing remainders modulo a power of two with unsigned types is equivalent to a bit-and using a 
mask: 


ulong a = b % 32; // == b & (32-1) 
All of the above is done by the compiler’s optimization wherever possible. 


Division by (compile time) constants can be replaced by multiplications and shift. The magic machinery 
inside the compiler does it for you. A division by the constant 10 is compiled to: 


5:test.cc @ ulong foo(ulong a) 
6:test.cc Of 


7T:test.cc @ ulong b = a / 10; 
290 0000 8B442404 movl 4(hesp) ,,eax 
291 0004 F7250000 mull .LC33 // value == Oxcccccccd 
292 000a 89D0 movl fedx, ,eax 
293 000c C1E803 shrl $3, eax 


Thereby it is sometimes reasonable to have separate code branches with explicit special values. Similarly, 
for modulo computations with a constant modulus (using modulus 10,000): 


8:test.cc @ ulong foo(ulong a) 
9:test.cc Of 


53 0000 8B4C2404 movl 4(hesp) ,hecx 

10:test.cc @ ulong b = a % 10000; 

57 0004 89C8 movl fecx, heax 

58 0006 F7250000 mull .LCO // value == 0xd1b71759 
59 000c 89D0 movl edx, heax 

60 000e C1E80D shrl $13,%eax 

61 0011 69C01027 imull $10000,%eax, heax 


1S0 you can think of it as ‘unsigned arithmetical’ shift. 


[fxtbook draft of 2008-January-19] 


1.1: Trivia 8) 


62 0017 29C1 subl eax, ,ecx 
63 0019 89C8 movl ecx, eax 


Algorithms to replace divisions by a constant by multiplications and shifts are given in [125]. 


1.1.4 A pitfall (two’s complement) 


c= 
c= 
c= 
c= 
c= 
c= 
c= 


-c= 
-c= = 
-c= = 
-c= = 
-c= = 
-c= = 
-c= = 


c= 
c= 
c= 
c= 
c= 
c= 
c= 
c= 
c= 
c= 


-c= 
-c= 
-c= 
-c= 
-c= 
-c= 
-c= 
-c= 
-c= 
-c= 


PEt 
CoLULILILILIWIOILVLI 
NNNNNNNNNNY 
SNS 
DAAAAAAARH 


I 
CILIOILIOIOIIOII 
NNNNMNNNNNVN 
SNS 
DARAAAAAAADH 


c= 
c= 
c= 
c= 
c= 
c= 
c= 


-c= 
-c= 
-c= 
-c= 
-c= 
-c= 
-c= 


PNWBOION NDWRBUOIMNONDO MOHoIBPWYrRO 


In two’s complement zero is not the only number that is equal to its negative. With a data type of n bits 
the value with just the highest bit set (the most negative value) also has this property. sg ee | 
output of [FXT: bits/gotcha-deino« shows the situation for words of sixteen bits. This is the reason 
why innocent looking code like 


if ( x<O) x = -x; 
// assume x positive here (WRONG!) 


can simply fail. 


1.1.5 Another pitfall (shifts in the C-language) 


A shift by more than BITS_PER_LONG—1 is undefined by the C-standard. Therefore the following function 
can fail if k is zero: 


inline ulong first_comb(ulong k) 

// Return the first combination of (i.e. smallest word with) k bits, 
// i.e. 00..001111..1 (k low bits set) 

{ 


ulong t = ~OUL >> ( BITS_PER_LONG - k ); 
return t; 


} 


Compilers usually emit just a shift instruction which on certain CPUs does not give zero if the shift is 
equal to or greater than BITS_PER_LONG. This is why the line 


if ( k==0 ) t=0; // shift with BITS_PER_LONG is undefined 


has to be inserted just before the return statement. 


1.1.6 Shortcuts 


To test whether at least one of a and b equals zero use if ( !(a && b) ). This works for signed 
and unsigned integers. Checking whether both are zero can be done using if ( (alb)==0 ). This 


[fxtbook draft of 2008-January-19] 


6 Chapter 1: Bit wizardry 


obviously generalizes for several variables as if ( (alblc|..|z)==0 ) ). Test whether exactly one of 
two variables is zero using if ( (!a) * (!b) ) 


1.1.7 Toggling between values 


In order to toggle an integer x between two values a and b use: 


- b; 


precalculate: a 
t;  //a<-->b 


toggle: 


a+b; 
tC = xX; 


precalculate: 


t 
x 

the equivalent trick for floating point types is 
t 

toggle: x 


Here an overflow could occur with a and b in the legal range (but both close to overflow). This should, 
however, not happen with sane programs. 


1.1.8 Next or previous even or odd value 


Compute the next or previous even or odd value via [FXT: bits/evenodd.h': 


static inline ulong next_even(ulong x) { return x+2-(x&1); } 
static inline ulong prev_even(ulong x) ‘{ return x-2+(x&1); } 


static inline ulong next_odd(ulong x) { return xt+1+(xk1); } 

static inline ulong prev_odd(ulong x) { return x-1-(xk1); } 

The following functions return the unmodified argument if it has the required property, else the nearest 
such value: 


static inline ulong nextO_even(ulong x) { return x+(xk1); } 
static inline ulong prevO_even(ulong x) f{ return x-(xk1); } 


static inline ulong nextO_odd(ulong x) { return x+1-(x&1); } 
static inline ulong prevO_odd(ulong x) ‘{ return x-1+(x&1); } 


1.1.9 Testing whether bit-subset 


The following function tests whether a word u, as a bit-set, is a subset of another word e [FXT: 
bits/bitsubsetq.h : 


inline bool is_subset(ulong u, ulong e) 
// Return whether u is a bit-subset of e. 


return ( (u & e)==u ); 


Should u contain any bits not set in e then these bits are deleted in the AND-operation and the test for 
equality will fail. 


1.1.10 Integer versus float multiplication 


The floating point multiplier gives the highest bits of the product. Integer multiplication gives the result 
modulo 2° where b is the number of bits of the integer type used. As an example we square the number 
1010101 using a 32-bit integer type and floating point types with 24-bit and 53-bit mantissa: 


a 111111111 


axa = 12345678987654321 // true result 

axa = 1653732529 // result with 32-bit integer multiplication 

(axa), (2**32) = 1653732529 // ... which is modulo (2**bits_per_int) 

a*a = 1.2345679481405440et16 // result with float multiplication (24 bit mantissa) 
a*a = 1.2345678987654320et16 // result with float multiplication (53 bit mantissa) 


[fxtbook draft of 2008-January-19] 


1.1: Trivia 7 
1.1.11 Double precision float to signed integer conversion 


Conversion of double precision floats that have a 53-bit mantissa to signed integers via [13] p.52-53] 


#define DOUBLE2INT(i, d) ‘{ double t = ((d) + 6755399441055744.0); i = *((int *)(kt)); } 
double x; 

int i = 123; 

DOUBLE2INT(i, x); 


can be a faster alternative to 

double x = 123.0; 

int i; 

i= x; 

The constant used is 6755399441055744 = 2524+ 25!. The method is machine dependent as it relies on the 
binary representation of the floating point mantissa. Here it is assumed that, firstly, the floating point 
number has a 53-bit mantissa with the most significant bit (that is always one with normalized numbers) 
omitted, and secondly, the address of the number points to the mantissa. 


1.1.12 Optimization considerations 


Never ever think that some code is the ‘fastest possible’, there always another trick that can still improve 
performance. Many factors can have an influence on performance like number of CPU registers or cost 
of branches. Code that performs well on one machine might perform badly on another. The old trick to 
swap variables without using a temporary 


// a=0, b=0 a=0, b=1 a=1, b=0 a=1, b=1 
a “=b; // 0 0 1 1 1 0 0 1 
b =a; // 0 0 1 (0) 1 1 0 1 
a “=b; // 0 0 1 (0) 0 1 1 1 


equivalent to: 
tmp =a; a=b; b = tmp; 


is pretty much out of fashion today. However in some specific context (like extreme register pressure) it 
may be the way to go. 


The only way to find out which version of a function is faster is to actually do profiling (timing). The 
performance does depend on the stream of instructions before the machine code (we assume that all of 
these low-level functions get inlined). Studying the generated CPU instructions does help to understand 
what is going on but can never replace profiling. 


The code surrounding a specific function can have a massive impact on performance. That is, benchmarks 
for just the isolated routine can only give a rough indication. Profile your application and also test whether 
the second best (when isolated) routine is the fastest. 


Never just replace the unoptimized version of some code fragment when introducing a streamlined one. 
Keep the original in the source. In case something nasty happens (think of low level software failures 
when porting to a different platform) you'll be very thankful for the chance to temporarily use the slow 
but correct version. 


Study the optimization recommendations for your CPU (like [13] for the AMD64). It doesn’t hurt to see 
the corresponding documentation for other architectures. 


Proper documentation is an absolute must for optimized code, just assume that nobody will be able to 
read and understand it from the supplied source alone. The experience of not being able to understand 
code you have written some time ago helps a lot in this matter. 


More techniques for optimization are given in section [5.4]on page 


[fxtbook draft of 2008-January-19] 


8 Chapter 1: Bit wizardry 


1.2 Operations on individual bits 


1.2.1 Testing, setting, and deleting bits 


The following functions should be self explanatory. Following the spirit of the C language there is no 
check whether the indices used are out of bounds. That is, if any index is greater or equal BITS_PER_LONG, 


the result is undefined [FXT: bits/bittest.h): 


inline ulong test_bit(ulong a, ulong i) 
// Return zero if bit[i] is zero, 
// else return one-bit word with bit[i] set. 


return (a & (AUL << i)); 


The following version returns either zero or one: 


static inline bool test_bit01(ulong a, ulong i) 
e Return whether bit[i] is set. 


return ( 0 != test_bit(a, i) ); 


inline ulong set_bit(ulong a, ulong i) 
// Return a with bit[i] set. 
{ 


return (a | (1UL << i)); 


inline ulong delete_bit(ulong a, ulong i) 
// Return a with bit[i] cleared. 


return (a & ~(1UL << i)); 


inline ulong change_bit(ulong a, ulong i) 
// Return a with bit[i] changed. 


{ 
return (a ~ (1UL << i)); 


1.2.2 Copying a bit 


In order to copy a bit from one position to another we generate a one exactly if the bits at the two 
positions differ. Then an XOR changes the target bit if needed [FXT: bits/bitcopy.h': 
inline ulong copy_bit(ulong a, ulong isrc, ulong idst) 


// Copy bit at [isrc] to position [idst]. 
e Return the modified word. 


ulong x = ((a>>isrc) ~ (a>>idst)) & 1; // one if bits differ 
a “= (x<<idst); // change if bits differ 
} 


The situation is more tricky if the bit positions are given as (one bit) masks: 


inline ulong mask_copy_bit(ulong a, ulong msrc, ulong mdst) 
// Copy bit according at src-mask (msrc) 

// to the bit according to the dest-mask (mdst). 

// Both msrc and mdst must have exactly one bit set. 

g Return the modified word. 


ulong x = mdst; 
if ( msrc & a) x=0; // zero if source bit set 


x “= mdst; // ==mdst if source bit set, else zero 
a &= “mdst; // clear dest bit 

a l= x; 

return a; 


[fxtbook draft of 2008-January-19] 


1.3: Operations on low bits or blocks of a word 9 


The compiler generates branch-free code as the conditional assignment is compiled to a cmov (conditional 
move) assembler instruction. If one or both masks have several bits set the routine will set all bits of 
mdst if any of the bits in msrc is one else clear all bits of mdst. 


1.2.3. Swapping two bits 


A function to swap two bits of a word [FXT: bits/bitswap.h': 


static inline ulong bit_swap(ulong a, ulong ki, ulong k2) 
// Return a with bits at positions [ki] and [k2] swapped. 
// k1==k2 is allowed (a is unchanged then) 
{ 
ulong x = ((a>>ki) ~ (a>>k2)) & 1;  // one if bits differ 
a “= (x<<k2); // change if bits differ 
a “= (x<<k1); // change if bits differ 
return a; 


When it is known that the bits do have different values the following routine can be used: 


static inline ulong bit_swap_01(ulong a, ulong ki, ulong k2) 
// Return a with bits at positions [k1] and [k2] swapped. 

// Bits must have different values (!) 

// (i.e. one is zero, the other one) 

// k1==k2 is allowed (a is unchanged then) 


{ 
return a~ ( (1UL<<k1) ~ (1UL<<k2) ); 


1.3 Operations on low bits or blocks of a word 


The underlying idea of functions that operate on the lowest set bit is that addition and subtraction of 1 
always changes a burst of bits at the lower end of the word. The following functions are given in [FXT: 


bits /bitlow.h). 


Isolation of the lowest set bit is achieved via 


static inline ulong lowest_bit(ulong x) 
// Return word where only the lowest set bit in x is set. 
// Return 0 if no bit is set. 


return x & -x; // use: -x == “x + 1 


The lowest zero (unset bit) of some word x is then trivially isolated using the equivalent of 
lowest_bit( ~x ): 


static inline ulong lowest_zero(ulong x) 


// Return word where only the lowest unset bit in x is set. 
u Return 0 if all bits are set. 


xX = "xX; 
return x & -x; 


Alternatively, one can use either of 


return (x ~ (xt+1)) & “x; 
return ((x * (xt+1)) >> 1) + 1; 


[fxtbook draft of 2008-January-19] 


10 


Chapter 1: Bit wizardry 


The sequence of returned values for = 0, 1, ... is the binary ruler function, the highest power of two 


that divides x + 1: 


X: lowest_zero (x) 
QO: 

1: 

2: 

3: 

4: a ee 
5: == wo... ae 
6: == ..... 11. 
(i == ...., 111 
8: = YA erie 
9: == Be ale 
10: == sheds 


Clearing the lowest set bit in a word can be achieved via 


static inline ulong delete_lowest_bit(ulong x) 


// Return word were the lowest bit set in x is cleared. 


// Return O for input == 
{ 


return x & (x-1); 


while setting the lowest unset bit is done by 


static inline ulong set_lowest_zero(ulong x) 

// Return word were the lowest unset bit in x is set. 
// Return ~O for input == ~0. 

{ 


return x | (x+1); 


Isolate the burst of low bits/zeros as follows: 


static inline ulong low_bits(ulong x) 


// Return word where all the (low end) ones are set. 
// Example: 01011011 --> 00000011 


// Return 0 if lowest bit is zero: 
// 10110110 --> 0 


if ( ~“OUL==x ) return ~OUL; 
return (((x+1)7*x) >> 1); 


and 


static inline ulong low_zeros(ulong x) 


// Return word where all the (low end) zeros are set. 
// Example: 01011000 --> 00000111 


v Return 0 if all bits are set. 


if ( O==x ) return ~OUL; 
return (((x-1)*x) >> 1); 


Isolation of the lowest block of ones (which may have zeros to the right of it) can be achieved via: 


static inline ulong lowest_block(ulong x) 
// Isolate lowest block of ones. 


// e.g.: 

// x = ***#*011100 

// 1 = 00000000100 

// y= *****100000 

// x7-y = 00000111100 

c ret = 00000011100 
ulong 1 = x & -x; // lowest bit 
ulong y =x +1; 
x = y; 


return x & (x>>1); 


} 


Extracting the index (position) of the lowest bit is easy when the corresponding assembler instruction is 


used [F XT: |bits/bitasm-amd64.h): 


static inline ulong asm_bsf(ulong x) 
“ Bit Scan Forward 


asm ("bsfq %0, %0" : "=r" (x) : "0" (x)); 


[fxtbook draft of 2008-January-19] 


1.3: Operations on low bits or blocks of a word 11 


return x; 


Without the assembler instruction an algorithm that uses proportional log,(BITS_PER_LONG) can be used, 
so the resulting function can be implemented aq?| (64-bit. version) 


static inline ulong lowest_bit_idx(ulong x) 
// Return index of lowest bit set. 

// Examples: 

// *x*k*k1 --> 0 

// *#10 --> 1 

// *100 --> 2 

e Return 0 (also) if no bit is set. 


ulong r = 0; 
x &= -x; // isolate lowest bit 


if ( x & OxffffffffOOOOOOOOUL ) r += 32; 
if ( x & OxffffOOOOfFffOOOOUL ) r += 16; 
if ( x & OxffOO0ffOOffOOffOOUL ) r += 8; 
if ( x & OxfOf0f0f0OfOfOFfOfOUL ) r += 4; 
if ( x & OxccccccccccccccccUL ) r += 2; 
if ( x & OxaaaaaaaaaaaaaaaaUL ) r += 1; 
#endif // BITS_USE_ASM 
return r; 


} 


The function returns zero for two inputs, one and zero. If one needs a special value for the input zero, 
add a statement like 


if ( 1>=x ) return x-1; // 0 if 1, ~0 if 0 


as first line of the function. 


Occasionally one wants to set a rising or falling edge at the position of the lowest bit: 


static inline ulong lowest_bit_Oledge(ulong x) 
// Return word where a all bits from (including) the 


// lowest set bit to bit O are set. 
// Return 0 if no bit is set. 


if ( O==x ) return 0; 
return x7(x-1); 


} 


static inline ulong lowest_bit_10edge(ulong x) 

// Return word where a all bits from (including) the 
// lowest set bit to most significant bit are set. 
// Return O if no bit is set. 


if ( 0==x ) return 0; 

x “= (x-1); 

// here x == lowest_bit_Oledge(x) ; 
return ~(x>>1); 


} 


The following function returns the parity of the lowest bit in a binary word 
static inline ulong lowest_bit_idx_parity(ulong x) 


{ 
x &= -x; // isolate lowest bit 


return (x & OxaaaaaaaaaaaaaaaaUL) ; 


The sequence of values for x = 0,1,2,... is 


0010001010100010001000101010001010100010101000100010001010100010... 


This is the complement of the period-doubling sequence, entry |A035263) of [214]. See section |36.5.1] on 
page for the connection to the towers of Hanoi puzzle. 


*thanks go to Nathan Bullock for communicating this improved version. 


[fxtbook draft of 2008-January-19] 


12 Chapter 1: Bit wizardry 
1.4 Isolating blocks of bits and single bits 


We give functions for the creation or extraction of bit-blocks, single bits and related tasks. 


1.4.1 Creating bit-blocks 
The following functions are given in [FXT: bits/bitblock.h). 


static inline ulong bit_block(ulong p, ulong n) 
// Return word with length-n bit block starting at bit p set. 
// Both p and n are effectively taken modulo BITS_PER_LONG. 


{ 
ulong x = (1UL<<n) - 1; 
return x << p; 


} 
A version with indices wrapping around is 


static inline ulong cyclic_bit_block(ulong p, ulong n) 

// Return word with length-n bit block starting at bit p set. 
// The result is possibly wrapped around the word boundary. 
// Both p and n are effectively taken modulo BITS_PER_LONG. 


{ 
ulong x = (1UL<<n) - 1; 
return (x<<p) | (x>>(BITS_PER_LONG-p)) ; 


1.4.2 Isolating single bits or zeros 


The following functions are given in [FXT: bits/bitmisc.h . 


static inline ulong single_bits(ulong x) 
// Return word were only the single bits from x are set. 


{ 
return x & ~( (x<<1) | (x>>1) ); 


static inline ulong single_zeros(ulong x) 
// Return word were only the single zeros from x are set. 


{ 
} 


static inline ulong single_values(ulong x) 
// Return word were only the single bits and the 
// single zeros from x are set. 


{ 


return single_bits( ~x ); 


return (x ~ (x<<i)) & (x 7 (x>>1)); 


1.4.3 Isolating single bits or zeros at the word boundary 


static inline ulong border_bits(ulong x) 
// Return word were only those bits from x are set 
// that lie next to a zero. 


return x & ~( (x<<1) & (x>>1) ); 
static inline ulong border_values(ulong x) 


// Return word were those bits/zeros from x are set 
// that lie next to a zero/bit. 


{ 
ulong g = x ~ (x>>1); 
g l= (g<<1); 
return g | (x & 1); 
} 


[fxtbook draft of 2008-January-19] 


1.4: Isolating blocks of bits and single bits 13 


1.4.4 Isolating bits at zero-one transitions 


static inline ulong high_border_bits(ulong x) 
// Return word were only those bits from x are set 
// that lie right to (i.e. in the next lower bin of) a zero. 


at 


return x & (x ~* (x>>1) ); 


static inline ulong low_border_bits(ulong x) 

// Return word were only those bits from x are set 

// that lie left to (i.e. in the next higher bin of) a zero. 
{ 


return x & (x ~* (x<<1) ); 


1.4.5 Isolating bits or zeros at block boundaries 


static inline ulong block_border_bits(ulong x) 
// Return word were only those bits from x are set 
a that are at the border of a block of at least 2 bits. 


return x & ( (x<<1) * (x>>1) ); 


static inline ulong low_block_border_bits(ulong x) 
// Return word were only those bits from x are set 
a that are at left of a border of a block of at least 2 bits. 


ulong t = x & ( (x<<1) 7 (x>>1) ); // block_border_bits() 
return t & (x>>1); 


static inline ulong high_block_border_bits(ulong x) 
// Return word were only those bits from x are set 
// that are at right of a border of a block of at least 2 bits. 


{ 
ulong t C (x<<i) * (x>>1) ); // block_border_bits() 


=x & 
return t & (x<<1); 


static inline ulong block_bits(ulong x) 
// Return word were only those bits from x are set 
// that are part of a block of at least 2 bits. 


{ 
return x & ( (x<<1) | (x>>1) ); 


1.4.6 Isolating the interior of bit blocks 


static inline ulong block_values(ulong x) 
// Return word were only those bits/values are set 
// that do not lie next to an opposite value. 


{ 
} 


static inline ulong interior_bits(ulong x) 

// Return word were only those bits from x are set 
// that do not have a zero to their left or right. 
{ 


return “~single_values(x) ; 


return x & ( (x<<1) & (x>>1) ); 


static inline ulong interior_values(ulong x) 

// Return word were only those bits/zeros from x are set 
// that do have a zero/bit to their left or right. 

{ 


return ~border_values(x) ; 


[fxtbook draft of 2008-January-19] 


14 Chapter 1: Bit wizardry 
1.5 Computing the index of a single set bit 


In the function lowest_bit_idx() we first isolated the lowest bit of a word x by first setting x&=-x. 
At this point, x contains just one set bit (or x==0). The following lines in the routine implement an 
algorithm that computes the index of the single bit set. This section gives some alternative techniques 
to compute the index of a single-bit word. 


1.5.1 Cohen’s trick 


A nice trick is presented in [83]: for N-bit words find a number m so that all powers of two are different 
modulo m. That is, the order of two modulo m must be greater or equal to N. We use a table mt [] of 
size m that contains the powers of two: mt[(2**j) mod m] = j for 7 > 0 and a special value for 7 = 0. 
To look up the index of a one-bit-word x it is reduced modulo m and mt [x] is returned. 


modulus m=11 

k= 0 12 3 4 5 6 7 
mt[k]l= 0018 249 7 
Lowest bit == 0: X= ssuciws 1 = 1 x % m= 1 ==> lookup = 0 
Lowest bit == 1: KS 2 seates 1.= 2 x %m= 2 ==> lookup = 1 
Lowest bit == 2: R= Aaws 1..= 4 x %m= 4 ==> lookup = 2 
Lowest bit == 3: R= ceecdas. = 8 x % m= 8 ==> lookup = 3 
Lowest bit == 4: RP aged = 16 x % m= 5 ==> lookup = 4 
Lowest bit == 5: R= vel cowa = 32 x % m= 10 ==> lookup = 5 
Lowest bit == 6: R= dee eke: = 64 x % m= 9 ==> lookup = 6 
Lowest bit == 7: X= Teak see = 128 x % m= 7 ==> lookup = 7 


Figure 1.5-A: Determination of the position of a single bit with 8-bit words. 


We demonstrate the method for N = 8 where m = 11 is the smallest number with the required property. 
The setup routine for the table is 


const ulong m = 11; // the modulus 
ulong mt [m+1]; 
static void mt_setup() 


{ 
mt[0] = 0; // special value for the zero word 
ulong t = 1; 
for (ulong i=1; i<m; ++i) 
mt[t] = i-1; 
t *= 2; 
if ( t>=m ) t -=m; // modular reduction 
} 


The entry in mt [0] will be accessed when the input is the zero word. One can use a special value that the 
algorithm will return for input zero. Here we simply used zero in order to always have the same return 
value as with lowest_bit_idx(). The computation of the index can then be achieved by 


inline ulong m_lowest_bit_idx(ulong x) 


{ 
x &= -x; // isolate lowest bit 
x = m; // power of two modulo m 
return mt[x]; // lookup 

} 


The code is given in the demo [FXT: bits/modular-lookup-demo.cc,, the output with N = 8 (edited for 


size) is shown in figure The following moduli m(N) can be used for N-bit words: 


N: 4 8 16 32 64 128 256 512 1024 
m: 5 11 19 37 67 131 269 523 1061 


The modulus m(N) is the smallest prime greater than N such that 2 is a primitive root modulo m(N): 


for (n=2, 10, N=27n; \\ N bits per word 
forprime (z=N, N+9999, 


[fxtbook draft of 2008-January-19] 


1.5: Computing the index of a single set bit 15 


if ( znorder(Mod(2,z))>=N, print(N,": ",z);break() ) 


1.5.2. Using De Bruijn sequences 


The following method (given in [166]) is even more elegant, it uses binary De Bruijn sequences of size N. 
A binary De Bruijn sequence of length 2% contains all binary words of length N (see section on 
page |833). These are the sequences for 32 and 64 bit, as binary words: 

#if BITS_PER_LONG == 32 


const ulong db = 0x4653ADFUL; 


// == 00000100011001010011101011011111 
const ulong s = 32-5; 


#else 

const ulong db = 0x218A392CD3D5DBFUL ; 

// == 0000001000011000101000111001001011001101001111010101110110111111 
const ulong s = 64-6; 

#endif 


db=...1.111 (De Bruijn sequence) 


k = 0 12 3 45 6 7 
dbt[k] = 0 12 4 7 3 6 5 
Lowest bit == 0: KS kanes 1 db * x = ~t.101 shifted = ........ == 0 ==> lookup = 0 
Lowest bit == 1: Kio dieters 1. db * x = ..1.111. shifted = ....... 1 == 1 ==> lookup = 1 
Lowest bit == 2: KS oes, ar db * x = .1.111.. shifted = ...... 1. == 2 ==> lookup = 2 
Lowest bit == 3: RS aoa henge db * x = 1.111... shifted = ..... 1.1 == 5 ==> lookup = 3 
Lowest bit == 4: x= ...1.... db * x = .1i11.... shifted = ...... 11 == 3 ==> lookup = 4 
Lowest bit == 5: X= tgdonaes db * x = 1il..... shifted = ..... 111 == 7 ==> lookup = 5 
Lowest bit == 6: RS aL easces db * x =11...... shifted = ..... 11. == 6 ==> lookup = 6 
Lowest bit == 7: KOSS Axa ack db * x =1....... shifted = ..... 1.. == 4 ==> lookup = 7 


Figure 1.5-B: Computing the position of the single set bit in 8-bit words with a De Bruijn sequence. 
Let w; be the i-th sub-word from the left (high end). We create a table so that the entry with index w; 
points to 2: 


ulong dbt [BITS_PER_LONG] ; 
static void dbt_setup() 


for (ulong i=0; i<BITS_PER_LONG; ++i) dbt[ (db<<i)>>s ] = i; 
} 


The computation of the index involves a multiplication and a table lookup: 


inline ulong db_lowest_bit_idx(ulong x) 


1 
x &= -x; // isolate lowest bit 
x *= db; // multiplication by a power of two is a shift 
x >>= s; // use log_2(BITS_PER_LONG) highest bits 
return dbt[x]; // lookup 

} 


The used sequences must start with at least log,(V) — 1 zeros because in the line x *= db the word x 


is shifted (not rotated). The code is given in the demo [FXT: bits/debruijn-lookup-demo.cc], the output 
with N = 8 (edited for size, dots denote zeros) is shown in figure 


1.5.3 Using floating point numbers 


Floating point numbers are normalized so that the highest bit in the mantissa is one. Therefore if one 
converts an integer into a float then the position of the highest set bit can be read off the exponent. 
By isolating the lowest bit before that operation its index can be found by the same trick. However, 
the conversion between integers and floats is usually slow. Further, the technique is highly machine 
dependent. 


[fxtbook draft of 2008-January-19] 


16 Chapter 1: Bit wizardry 
1.6 Operations on high bits or blocks of a word 


For the functions operating on the highest bit there is not a way as trivial as with the equivalent task with 
the lower end of the word. With a bit-reverse CPU-instruction available life would be significantly easier. 
However, almost no CPU seems to have it. The following functions are given in [FXT: bits/bithigh.h). 


Isolation of the highest set bit is achieved via the bit-scan instruction when it is available [FXT: 
bits /bitasm-i386.h): 


static inline ulong asm_bsr(ulong x) 
// Bit Scan Reverse 


asm ("bsrl %0, %0" : "=r" (x) : "0" (x)); 
return x; 


} 
else one may use 


static inline ulong highest_bit_Oledge(ulong x) 

// Return word where a all bits from (including) the 
// highest set bit to bit O are set. 

u Return 0 if no bit is set. 


x>>1; 

X>>2; 

x>>4; 

X>>8; 

x>>16; 

#if BITS_PER_LONG >= 64 
x |= x>>32; 

#endif 
return xX; 

} 


so the resulting code is 


x | 
x | 
x | 
x | 
x | 


static inline ulong highest_bit(ulong x) 
// Return word where only the highest bit in x is set. 
// Return 0 if no bit is set. 


{ 
#if defined BITS_USE_ASM 
if ( 0==x ) return 0; 
xX = asm_bsr(x); 
return 1UL<<x; 
#else 
x = highest_bit_Oledge(x) ; 


return x ~ (x>>1); 
#endif // BITS_USE_ASM 
} 


Trivially, the highest zero can be isolated using highest_bit (~x). Thereby 


static inline ulong set_highest_zero(ulong x) 

// Return word were the highest unset bit in x is set. 
// Return ~O for input == ~0. 

{ 


} 
Finding the index of the highest set bit uses the equivalent algorithm as with the lowest set bit: 


return x | highest_bit( ~x ); 


static inline ulong highest_bit_idx(ulong x) 
// Return index of highest bit set. 
// Return 0 if no bit is set. 


{ 

#if defined BITS_USE_ASM 
return asm_bsr(x); 

#else // BITS_USE_ASM 


if ( O0==x ) return 0; 


ulong r = 0; 
#if BITS_PER_LONG >= 64 
if ( x & (“OUL<<32) ) { x >>= 32; r += 32; } 
#endif 
if ( x & Oxffff0000 ) { x >>= 16; r += 16; } 
if ( x & Ox0000ff00 ) {x >>= 8; r+= 8; } 


[fxtbook draft of 2008-January-19] 


1.6: Operations on high bits or blocks of a word 


17 


11111111111111111111111111111111 
0 
sida geusea coi ede cones sqahesnseevene ta ea amenend fie tame 111 


Rape enh atin, ae Were eee Lay 

31 
PO Re es ee eT Ee 111 
Eee dod see es fs eines aL 
11111114114111111111111111111... 

3 
ERC KE GER EG EERE Leet chk haste 
POR Ce On Mac foc Sait cm i 
SEER REGERE CE OpeNe tbe te mee 
CEGEREEESE TEE Eh ESR On peg ein 
Sma pale wie, eee ye my 


OxfOf7 == word 
highest_bit 
highest_bit_Oledge 
highest_bit_10edge 
highest_bit_idx 
low_zeros 

low_bits 
lowest_bit 
lowest_bit_Oledge 
lowest_bit_10edge 
lowest_bit_idx 
lowest_block 
delete_lowest_bit 
lowest_zero 
set_lowest_zero 
high_bits 
high_zeros 
highest_zero 
set_highest_zero 


OxffffOf08 == word 
highest_bit 
highest_bit_Oledge 
highest_bit_10edge 
highest_bit_idx 
low_zeros 

low_bits 
lowest_bit 
lowest_bit_Oledge 
lowest_bit_10edge 
lowest_bit_idx 
lowest_block 
delete_lowest_bit 
lowest_zero 
set_lowest_zero 
high_bits 
high_zeros 
highest_zero 
set_highest_zero 


Figure 1.6-A: Operations on the highest and lowest bits (and blocks) of a binary word for two different 


32-bit input words. Dots denote zeros. 


if ( x & 0x000000f0 ) {x >>= 4; 
if ( x & 0x0000000c ) { x >>= 2; 
if ( x & 0x00000002 ) { 

return r; 


qeudts // BITS_USE_ASM 


Isolation of the high zeros goes like 


static inline ulong high_zeros(ulong x) 


rt= 4; } 
rt= 2; } 
rt+= 1; } 


// Return word where all the (high end) zeros are set. 


// e.g.: 00011001 --> 11100000 
// Returns 0 if highest bit is set: 


ve 11011001 --> 00000000 
x |= x>>1; 
x |= x>>2; 
x |= x>>4; 
x |= x>>8; 
x |= x>>16; 
#if BITS_PER_LONG >= 64 
x |= x>>32; 
#endif 


The high bits can be isolated using arithmetical right shift 


static inline ulong high_bits(ulong x) 


// Return word where all the (high end) ones are set. 


// e.g. 11001011 --> 11000000 
// Returns 0 if highest bit is zero: 


[fxtbook draft of 2008-January-19] 


18 Chapter 1: Bit wizardry 


v 01110110 --> 00000000 
long y = (long)x; 
y &= y>>1; 
y &= y>>2; 
y &= y>>4; 
y &= y>>8; 
y & y>>16; 
#if BITS_PER_LONG >= 64 
y &= y>>32; 
#endif 


return (ulong)y; 


} 
In case arithmetical shifts are more expensive than unsigned shifts, instead use 


static inline ulong high_bits(ulong x) 
ti 


} 


return high_zeros( ~x ); 


A demonstration of selected functions operating on the highest or lowest bit (or block) of binary words 


is given in [FXT: bits/bithilo-demo.cc). A part of the output is shown in figure 


1.7 Functions related to the base-2 logarithm 


The following functions are given in [FXT: bits/bit2pow.h). 


The function 1d() that shall return |log,(a)| can be implemented using the obvious algorithm: 


static inline ulong ld(ulong x) 
// Return k so that 2°*k <= x < 27 (k+t1) 
i If x==0 then 0 is returned (!) 


ulong k = 0; 
while ( x>>=1 ) ‘{ ++k; } 
return k; 


} 
And then, 1d() is the same as highest_bit_idx(), so one can use 


static inline ulong ld(ulong x) 


{ 
} 


return highest_bit_idx(x); 


The bit-wise algorithm can be faster if the average result is known to be small. 
The function one_bit_q( can be used to determine whether its argument is a power of two: 


static inline bool one_bit_q(ulong x) 
// Return whether x \in {1,2,4,8,16,...} 
{ 


ulong m = x-1; 
return (((x7m)>>1) == m); 
The following function does the same except that it returns true also for the zero argument: 


static inline bool is_pow_of_2(ulong x) 
// Return whether x == O(!) or x == 2**k 
{ 


return !(x & (x-1)); 


Occasionally useful in FFT based computations (where the length of the available FFTs is often restricted 
to powers of two) are 


static inline ulong next_pow_of_2(ulong x) 
// Return x if x=2**k 

// else return 2**ceil(log_2(x)) 

// Exception: returns 0 for x== 


{ 


[fxtbook draft of 2008-January-19] 


1.8: Counting bits and blocks of a word 19 


if ( is_pow_of_2(x) ) return x; 
x |= x >> 1; 
x |= x >> 2; 
x |= x >> 4; 
x |= x >> 8; 
x |= x >> 16; 
#if BITS_PER_LONG == 64 
x |= x >> 32; 
#endif 
return x +1; 
} 
and 


static inline ulong next_exp_of_2(ulong x) 
// Return k if x=2**k else return kt1. 
// Exception: returns 1 for x== 


{ 
ulong ldx = 1d(x); 
ulong n = 1UL<<ldx; // n<=x 
if ( n==x ) return ldx; 
else return ldx+1; 
} 


The following version of next_pow_of_2() can be faster than the one given above if assembler inlines are 
used: 


static inline ulong next_pow_of_2(ulong x) 


{ 
if ( is_pow_of_2(x) ) return x; 
ulong n = 1UL<<ld(x); // n<x 
return n<<i; 

} 


1.8 Counting bits and blocks of a word 


If your CPU does not have a bit count instruction (sometimes called ‘population count’) then you 
might use an algorithm given in [FXT: bits/bitcount.h). The following functions need proportional 
to log,(BITS_PER_LONG) operations: 


static inline ulong bit_count(ulong x) 
// Return number of bits set 


x = (0x55555555UL & x) + (0x55555555UL & (x>> 1)); // 0-2 in 2 bits 

x = (0x33333333UL & x) + (0x33333333UL & (x>> 2)); // 0-4 in 4 bits 

x = (Ox0f0f0fOfUL & x) + (Ox0fOfOfOfUL & (x>> 4)); // 0-8 in 8 bits 

x = (Ox00ff00ffUL & x) + (Ox00ffO00fFUL & (x>> 8)); // 0-16 in 16 bits 
x = (Ox0000ffffUL & x) + (Ox0000ffffUL & (x>>16)); // 0-31 in 32 bits 
return x; 


} 


The underlying idea is to do a search via bit masks. The code can be improved to either 


x = ((x>>1) & 0x55555555UL) + (x & 0x55555555UL);_  // 0-2 in 2 bits 
x = ((x>>2) & 0x33333333UL) + (x & 0x33333333UL); // 0-4 in 4 bits 
x = ((x>>4) + x) & OxOfOfOfOFUL; // 0-8 in 4 bits 
x += x>> 8; // 0-16 in 8 bits 
x += x>>16; // 0-32 in 8 bits 


return x & Oxff; 
or (taken from [Ii]) 


(x>>1) & 0x55555555UL; 

((x>>2) & 0x33333333UL) + (x & 0x33333333UL) ; 
((x>>4) + x) & Ox0f0fO0fOFUL; 

*= 0x01010101UL; 

eturn x>>24; 


x 
x 
x 
x 
r 


Which of the latter two versions is faster mainly depends on the speed of integer multiplication. 


For 64-bit words the masks have to be adapted and one more step must be added (example corresponding 
to the second variant above): 


[fxtbook draft of 2008-January-19] 


20 Chapter 1: Bit wizardry 


x = ((x>>1) & 0x5555555555555555UL) + (x & 0x5555555555555555)UL; // 0-2 in 2 bits 
x = ((x>>2) & 0x3333333333333333UL) + (x & 0x3333333333333333)UL; // 0-4 in 4 bits 
x = ((x>>4) + x) & OxO0f0f0FOFOLOLOFOLUL; // 0-8 in 4 bits 
x += x>> 8; // 0-16 in 8 bits 
x += x>>16; // 0-32 in 8 bits 
x += x>>32; // 0-64 in 8 bits 


return x & Oxff; 


The following code (communicated by Johan Rénnblom [priv.comm.]) may be advantageous for 32-bit 
systems where loading constants is somewhat expensive: 
inline uint CountBits32(uint a) 


uint mask = 011111111111UL; 
a= (a - ((a&*mask)>>1)) - ((a>>2)&mask) ; 


a t= a>>3; 
a=(a& 070707) + ((a>>18) & 070707); 
a *= 010101; 


return ((a>>12) & Ox3f) ; 
} 


The following algorithm avoids all branches and may be useful when branches are expensive: 


static inline ulong bit_count_01(ulong x) 
// Return number of bits in a word 
// for words of the special form 00...0001...11 
{ 
ulong ct = 0; 
ulong a; 
#if BITS_PER_LONG = 
a=(x& queso >> (32-5); // test bit 32 
KX >>= a; ct += a; 


#endif 
a= (x & Ueto)? >> (16-4); // test bit 16 
KX >>= a; += a; 


= (x & (AUL<<8)) >> (8-3); // test bit 8 
>>= a; ct += a; 


= (x & (AUL<<4)) >> (4-2); // test bit 4 
>>= a; ct += a; 


= (x & (AUL<<2)) >> (2-1); // test bit 2 
o7= A> Ct t= a5 


= (x & (AUL<<1)) >> (1-0); // test bit 1 
PPS 8s Cb = as 


ct t= x & 1; // test bit 0 
return ct; 


oo xo WM 


1.8.1 Sparse counting 


When the (average input) word is known to have only a few bits set the following sparse count variant 
can be advantageous: 


static inline ulong bit_count_sparse(ulong x) 
// Return number of bits set. 
if ( O==x ) return 0; 
ulong n = 0; 
do { ++tn; } while ( x & (x-1) ); 
return Nn; 


} 


The loop will execute once for each set bit. 


1.8.2 Counting blocks 
The number of bit-blocks in a binary word can computed by the following function: 
static inline ulong bit_block_count(ulong x) 


// Return number of bit blocks. 


[fxtbook draft of 2008-January-19] 


1.9: Bit set lookup 21 


// E.g.: 

// ..1..41111...141. -> 3 
// ...4..11111...411 -> 3 
DP naka At csatanint 1.1.. > 3 
a ate acecentis 111.1111 -> 2 


return bit_count( (x7*(x>>1)) ) / 2+ (x & 1); 


Similarly, the number of blocks with two or more bits can be counted via: 


static inline ulong bit_block_ge2_count(ulong x) 

// Return number of bit blocks with at least 2 bits. 
E.g.: 

// ..1..11111...111. -> 2 

// ...1..11111...111 -> 2 

L. secaaeets : 1eden =2 0 

e itn dae OS. & 11,1111 => 2 


return bit_block_count( x & ( (x<<1i) & (x>>1) ) ); 


1.8.3. GCC builtins * 


Newer versions of the C compiler of the GNU Compiler Collection (GCC , Starting with version 3.4) 
offer a function __builtin_popcountl(ulong) that counts the bits of an unsigned long integer. 


We list a few such functions, taken from {113}: 


int __builtin_ffs (unsigned int x) 
Returns one plus the index of the least significant 1-bit of x, 
or if x is zero, returns zero. 


int __builtin_clz (unsigned int x) 
Returns the number of leading O-bits in x, starting at the 
most significant bit position. If x is 0, the result is undefined. 


int __builtin_ctz (unsigned int x) 
Returns the number of trailing O-bits in x, starting at the 
least significant bit position. If x is 0, the result is undefined. 


int __builtin_popcount (unsigned int x) 
Returns the number of i-bits in x. 


int __builtin_parity (unsigned int x) 
Returns the parity of x, i.e. the number of i-bits in x modulo 2. 


The names of corresponding versions for arguments of type unsigned long are obtained by adding ‘1’ (ell) 
to the names. 


1.9 Bit set lookup 


There is a nice trick to determine whether a given number is contained in a given subset of the set 


{0, 1, 2, ...,BITS_PER_LONG—1}. As an example, in order to determine whether x is a prime less than 32, 
one can use the function 

ulong m = (1UL<<2) | (1UL<<3) | (41UL<<5) | ... | (1UL<<31); // precomputed 

static inline ulong is_tiny_prime(ulong x) 

{ 


return m & (1UL << x); 


The same idea applied to lookup tiny factors [FXT: bits/tinyfactors.h): 


static inline bool is_tiny_factor(ulong x, ulong d) 

// For x,d < BITS_PER_LONG (!) 

// return whether d divides x (1 and x included as divisors) 
vy no need to check whether d==0 


return (0 != ( (tiny_factors_tab[x]>>d) & 1) ); 


[fxtbook draft of 2008-January-19] 


22 Chapter 1: Bit wizardry 


} 


The function uses the precomputed array [FXT: |bits/tinyfactors.cc]: 


extern const ulong tiny_factors_tab[] = 


{ 
OxOUL, // x = 0: C bitsh .cchsass ) 
Ox2UL, // x=1: 1 ( bits: ...... 1.) 
Ox6UL, // x =2: 12 ( bits: ..... 11.) 
OxaUL, // x = 3: 13 C bits ssid) 
Ox16UL, //x=4: 124 ( bits: ...4.41.) 
0x22UL, //x=5: 15 ( bits: ..1...1.) 
Ox4eUL, // x =6: 1236 ( bits: .1..111.) 
Ox82UL, //x=7: 17 ( bits: 1..... 1.) 
Ox116UL, // x=8: 1248 
Ox20aUL, // x =9: 139 
{[--snip--] 
0x20000002UL, // x = 29: 1 29 
0x4000846eUL, // x = 30: 1235 6 10 15 30 
0x80000002UL, // x = 31: 1 31 


#if ( BITS_PER_LONG > 32 ) 
0x100010116UL, // x 
0x20000080aUL, // x 


32: 12 4 8 16 32 
33: 13 11 33 


[--snip--] 
0x2000000000000002UL, // x = 61: 1 61 
0x4000000080000006UL, // x = 62: 1 2 31 62 


0x800000000020028aUL _// x 63: 1379 2163 


#endif // ( BITS_PER_LONG > 32 ) 


» 


Bit arrays of arbitrary size are discussed in section [4.6]on page 


1.10 Avoiding branches 


Branches are expensive operations with many CPUs, especially if the CPU pipeline is very long. The 
function in this section avoid branches, they are given in [FXT: bits/branchless.h. 


The following function returns max(0, x). That is, zero is returned for negative input, else the unmodified 
input: 


static inline long max0(long x) 


{ 
return x & ~(x >> (BITS_PER_LONG-1)); 


There is no restriction on input range. The trick used is that with negative x the arithmetic shift will 
give a word of all ones which is then negated and the AND-operation deletes all bits. Similarly: 


static inline long minO(long x) 
// Return min(O, x), i.e. return zero for positive input 


{ 
return x & (x >> (BITS_PER_LONG-1)); 


Computation of the average (a + y)/2 of two arguments x and y. The function gives the correct value 
even if (2 + y) does not fit into a machine word: 


static inline ulong average(ulong x, ulong y) 

// Return (x+y)/2 

// Use the fact that xty == ((x&y)<<1) + (x*y) 

// that is: sum == carries + sum_without_carries 


return (x & y) + ((x * y) >> 1); 
} 


If it is known that « > y then one can alternatively use the statement return y+(x-y)/2. 


The following upos_*() functions only work for a limited range. The highest bit must not be set in order 
to have the highest bit emulate the carry flag. Branchless computation of the absolute difference |a — }]: 


[fxtbook draft of 2008-January-19] 


1.10: Avoiding branches 23 


static inline ulong upos_abs_diff(ulong a, ulong b) 


long di = b - a; 
long d2 = (di & (di>>(BITS_PER_LONG-1)))<<1; 
return di - d2; // == (b - d) - (a +d); 


Sorting of the arguments: 


static inline void upos_sort2(ulong &a, ulong &b) 
// Set fa, b} := {min(a, b), max(a,b)} 
// Both a and b must not have the most significant bit set 


: long d =b- a; 
d & (d>>(BITS_PER_LONG-1)) ; 
a t= d; 
b -= d; 

} 


The following two functions adjust a given values when it lies outside a given range. 


static inline long clip_rangeO(long x, long m) 
// Code equivalent (for m>0) to: 

// if ( xx<0O) x=0; 

// else if ( x>m) x=nm; 

// vreturn x; 


if ( (wlong)x > (ulong)m ) x =m & ~(x >> (BITS_PER_LONG-1)) ; 
return xX; 


static inline long clip_range(long x, long mi, long ma) 
// Code equivalent to (for mi<=ma): 

// if ( x<mi ) x =mi; 

// else if ( x>ma ) x = ma; 


x -= mi; 
x = clip_rangeO(x, ma-mi) ; 
x += mi; 


return xX; 


} 


Johan Ronnblom gives the following versions for signed integer minimum, maximum, and absolute value, 
that can be advantageous for PPC (G4) CPUs: 


#define B1 (BITS_PER_LONG-1) // bits of signed int minus one 

#define MINI(x,y) (C(x) & ((C(Cint) ((x)-(y)))>>B1)) + Cly) & ~CCCint) ((x)-(y)))>>B1))) 
#define MAXI(x,y) (C(x) & ~(CCint) ((x)-(y)))>>B1)) + Cly) & (CCint) ((x)-(y))>>B1)))) 
#define ABSI(x) (((x) & ~(((int) (x))>>B1)) - (Cx) & (CCint) (x))>>B1))) 


1.10.1 Conditional swap 


The following statement is compiled with a branch: 
if ( a<b ) { ulong t=a; a=b; b=t; } // swap if a < b 


// Here: ain %rcx, bin %rdx 

62 000e 4889C8 movq frcx, #rax #X, X 

68 0011 4839D1 cmpq wrdx, ALCX #X, X 

69 0014 7306 jae .L3 #, // the branch 
71 0016 4889D1 movq frdx, Arcx # X, X 

72 0019 4889C2 movq frax, %rax #X, X 

73 eLBt 


As conditional assignments can be done branchless, an equivalent branchless version is: 


{ ulong x=a*b; if (a>=b) { x=0; } a*=x; b*=x; } // swap if a <b 


255 OOaf 4889EA movq uarbp, Ardx #a, x 

257 00b2 B9000000 movl $0, hecx #, tmp83 

257 00 

260 O00b7 4831C2 xorq frax, %rax #b, x 

261 O0ba 4839C5 cmpq ¢rax, Arbp #b, a 

262 O0bd 480F43D1 cmovae %rcx, %rdx #x,, tmp83, x 
263 00c1 4831D5 xorq érdx, Arbp # x, a 

264 00c4 4831D0 xorq frdx, Arax # x, b 


[fxtbook draft of 2008-January-19] 


24 Chapter 1: Bit wizardry 


We'd like to have fewer instructions. If one tries 
{ ulong ta=a; if (a<b) {a=b; b=ta;} } // swap if a <b 


the generated code is identical to the first version. Let’s try [FXT: bits/cswap.h : 


static inline void cswap_lt(ulong &a, ulong &b) 

// Branchless equivalent to: 

// if ( axb ) { ulong t=a; a=b; b=t; } // swap if a <b 

{ 

asm volatile("movq %0, Z“4r15 \n" // t=a 

"cmpq 40, 41 \n" // cmp a, b 
"cmovae 41, %0 \n" // cond a=b 
"cmovae %%r15, %1 \n" // cond b=t 


"=r" (a), "=r" (b) // output 
"Oo" (a), "1" (b)  // input 
: "r15" // clobber 


} 
Now the machine code looks better: 


// Here: ain %rax, bin %rdx 

111 0027 4989C7 movq /rax, 4r15 # tmp71 

112 002a 4839C2 cmpq “%rax, /rdx # tmp71, tmp72 
113 002d 480F43C2 cmovae %rdx, /rax # tmp72, tmp71 
114 0031 490F43D7 cmovae 4r15, %rdx # tmp72 


Clearly, the relative speed of the three versions depends on the machine used. But it also turns out to 
be dependent on the surrounding code. We use bubble sort for benchmarking: 


void bubble_sort(ulong *f, ulong n) 


while ( n-- > 1 ) 
for (ulong k=0; k<n; ++k) cswap_NN(f[k], f[k+1]); 
} 


Where we use the three versions of conditional swap for cswap_NN(). We sort an array of length 2!° 
twice with each version, once starting with an already sorted array and once with an array that is sorted 
in descending order. The ‘plain’ version wins: 


cswap_gt_plain(f[k], f[k+1]); // 3.58s 
cswap_gt_xor(f[k], f[k+1]); // 6.34s 
cswap_gt(f[k], f[k+1]); // 5.10s 


This is due to the fact that the compiler bypasses the store when no swap happens: 


103 0020 488B4808 movq 8(4rax), *rcx #, tmp71 
104 0024 488B10 movq (4/rax), Ardx #* f, tmp72 
105 0027 4839D1 cmpq “%rdx, Arcx # tmp72, tmp71 
106 002a 7307 jae .L7 #, 

108 002c 48895008 movq %rdx, 8(/rax) # tmp72, 
109 0030 488908 movq %rcx, (/rax) # tmp71,* f 
111 -L7: 


If we change the inner loop to 


for (ulong k=0; k<n; ++k) 
{ 


ulong a = f[k], b = f[k+1]; 
cswap_NN(a, b); 
f[k] =a; f[k+1] = b; 


} 
then we obtain: 


cswap_gt_plain(a, b); // 5.78s 
cswap_gt_xor(a, b); // 6.22s 
cswap_gt(a, b); // 4.68s 


Our innocent looking change in the code prevented the compiler from doing its nice trick. The XOR 
version is (within timing precision) as slow as before. The assembler version wins because the data is 
already in registers. We learn that profiling is an absolute must. 


[fxtbook draft of 2008-January-19] 


1.10: Avoiding branches 25 


1.10.2. Your compiler may be smarter than you thought 


The machine code generated for 


x = x & ~(x >> (BITS_PER_LONG-1)); // max0() 


is 
35: 48 99 cqto 
37: 48 83 c4 08 add $0x8,/rsp // stack adjustment 
3b: 48 £7 d2 not Ardx 
3e: 48 21 do and %xrvax , pax 


The variable x resides in the register rAX both at start and end of the function. The compiler uses a 
special (AMD64) instruction cqto. Quoting [12]: 


Copies the sign bit in the rAX register to all bits of the rDX register. The effect of this 
instruction is to convert a signed word, doubleword, or quadword in the rAX register into 
a signed doubleword, quadword, or double-quadword in the rDX:rAX registers. This action 
helps avoid overflow problems in signed number arithmetic. 


Now the equivalent 
x = ( x<0O ?0: x); // max0() "simple minded" 


is compiled to: 


35: ba 00 00 00 00 mov $0x0, hedx 
3a: 48 85 cO test {vax , ,rax 
3d: 48 Of 48 c2 cmovs %rdx,4rax // note fedx is %rdx 


A conditional move (cmovs) instruction is used here. That is, our optimized version is (on my machine) 
actually worse than the straightforward equivalent. 


A second example is the function clip_range() above. It is compiled to 


0: 48 89 £8 mov %xrdi , ,rax 

3: 48 29 £2 sub %xrvsi, ,rax 

6: 31 c9 xor Weck , heck 

8: 48 29 £0 sub {csi , ,rax 

b: 78 Oa js 17 <_Z2CL111+0x17> // the branch 
d: 48 39 do cmp “LAX , hLAX 

10: 48 89 di mov Wax , WCCX 

13% 48 Of 4e c8 cmovle %rax, 4rcx 

17: 48 8d 04 Oe lea (Arsi,%rcex,1),%rax 


Now we replace the code by 


inline long clip_range(long x, long mi, long ma) 


{ 
x -= mi; 
if ( xxO) x=0; 
// else // commented out to make (compiled) function really branchless 
ma -= mi; 
if ( x>ma ) x = ma; 
} 
x += mi; 
} 
Then the compiler generates branchless code: 
0: 48 89 £8 mov irdi , ,rax 
3: b9 00 00 00 00 mov $0x0, hecx 
8: 48 29 £0 sub %rvsi, ,rax 
b: 48 Of 48 ci cmovs %rcx,/4rax 
f: 48 29 £2 sub Uxrsi, ,rax 
12: 48 39 dO cmp “LAX , LAX 
15: 48 Of 4f c2 cmovg %rdx,/rax 
19: 48 01 £0 add %xrvsi, ,rax 


Still, with CPUs that do not have a conditional move instruction (or some branchless equivalent of it) 
the techniques shown in this section can be useful. 


[fxtbook draft of 2008-January-19] 


26 Chapter 1: Bit wizardry 


1.11 Bit-wise rotation of a word 


Neither C nor C++ have a statement for bit-wise rotation of a binary word (which may be considered a 
missing feature). The operation can be ‘emulated’ via [FXT: bits/bitrotate.h): 
static inline ulong bit_rotate_left(ulong x, ulong r) 


// Return word rotated r bits to the left 
// (i.e. toward the most significant bit) 


{ 


} 


As already mentioned, GCC emits exactly the CPU instruction that is meant here, even with non-constant 
argument r. Well done, GCC folks! Explicit use of the corresponding assembler instruction should not 
do any harm: 


return (x<<r) | (x>>(BITS_PER_LONG-r)) ; 


static inline ulong bit_rotate_right(ulong x, ulong r) 
// Return word rotated r bits to the right 
// (i.e. toward the least significant bit) 


{ 
#if defined BITS_USE_ASM // use x86 asm code 
return asm_ror(x, nr); 
#else 
return (x>>r) | (x<<(BITS_PER_LONG-r)); 
aaa 


where we used [FXT: bits/bitasm-amd64.h): 


static inline ulong asm_ror(ulong x, ulong r) 


{ 
asm ("rorq ‘%hcl, 40" : "=r" (x) : "O" (x), "c" (r)); 
return x; 


Rotations using only a part of the word length are achieved by 


static inline ulong bit_rotate_left(ulong x, ulong r, ulong 1dn) 


// Return ldn-bit word rotated r bits to the left 
// (i.e. toward the most significant bit) 

// Must have O <= r <= 1dn 

{ 


ulong m = ~OUL >> ( BITS_PER_LONG - ldn ); 


x & m; 
x = (x<<r) | (x>>(1ldn-r)); 
x & m; 
return xX; 
} 
and 


static inline ulong bit_rotate_right(ulong x, ulong r, ulong ldn) 
// Return ldn-bit word rotated r bits to the right 

// (i.e. toward the least significant bit) 

C Must have 0O <= r <= ldn 


ulong m = ~OUL >> ( BITS_PER_LONG - ldn ); 
x & mn; 

x = (x>>r) | (x<<(ldn-r)); 

x & mn; 

return xX; 


} 
Finally, the functions 


static inline ulong bit_rotate_sgn(ulong x, long r, ulong 1dn) 
// Positive r --> shift away from element zero 


if (r>0O) return bit_rotate_left(x, (ulong)r, ldn); 
else return bit_rotate_right(x, (ulong)-r, ldn); 
} 
and (full-word version) 


static inline ulong bit_rotate_sgn(ulong x, long r) 
// Positive r --> shift away from element zero 


{ 


[fxtbook draft of 2008-January-19] 


1.12: Functions related to bit-wise rotation * 27 


if (r>0O) return bit_rotate_left(x, (ulong)r); 
else return bit_rotate_right(x, (ulong)-r); 


are sometimes convenient. 


1.12 Functions related to bit-wise rotation * 


We give several functions related to cyclic rotations of binary words. The following function determines 
whether there is a cyclic right shift of its second argument so that it matches the first argument. It is 
given in [FXT: bits /bitcyclic-match.h): 


static inline ulong bit_cyclic_match(ulong x, ulong y) 

// Return r if x==rotate_right(y, r) else return ~OUL. 

// In other words: return 

// how often the right arg must be rotated right (to match the left) 
// or, equivalently: 

// how often the left arg must be rotated left (to match the right) 


{ 
ulong r = 0; 
do 
{ 
if ( x==y ) return r; 
y = bit_rotate_right(y, 1); 
} 
while ( ++r < BITS_PER_LONG ); 
return ~OUL; 
} 


The functions shown work on the full length of the words, equivalents for the sub-word of the lowest 1dn 
bits are given in the respective files. Just one example: 


static inline ulong bit_cyclic_match(ulong x, ulong y, ulong 1dn) 
// Return r if x==rotate_right(y, r, ldn) else return ~OUL 
// (using ldn-bit words) 


{ 
ulong r = 0; 
do 
{ 
if ( x==y ) return r; 
y = bit_rotate_right(y, 1, ldn); 
while ( ++r < ldn ); 
return ~OUL; 
} 


The minimum among all cyclic shifts of a word can be computed via the following function given in [FXT: 
bits/bitcyclic-minmax.h : 


static inline ulong bit_cyclic_min(ulong x) 
// Return minimum of all rotations of x 


ulong r = 1; 
ulong m = x; 
do 
{ 


x = bit_rotate_right(x, 1); 
if ( x<m) m=x; 


} 
while ( ++r < BITS_PER_LONG ); 


return Mm; 


[fxtbook draft of 2008-January-19] 


28 Chapter 1: Bit wizardry 


Selecting from all n-bit words those that are equal_to their cyclic minimum gives the sequence of the 
binary length-n necklaces, see chapter [17] on page [335] For example, with 6-bit words: 


word period word period 
eer 1 ..-11,1 6 
soaks 1 6 .,1111 6 
sag bl 36 wets: 2 
ced dl 6 -1,111 6 
ced 1 6 i IPs Ds 
wtsgd 3 .11111 6 
.1.11 6 111111 1 


The values in each right column can be computed using [FXT: bits/bitcyclic-period.hi: 


static inline ulong bit_cyclic_period(ulong x, ulong 1dn) 

// Return minimal positive bit-rotation that transforms x into itself. 
// (using ldn-bit words) 

// The returned value is a divisor of ldn. 


ulong y = bit_rotate_right(x, 1, ldn); 
return bit_cyclic_match(x, y, ldn) + 1; 
} 


It is possible to completely avoid the rotation of partial words: let d be a divisor of the word length n. 
Then the rightmost (n — 1)d bits of the word obtained as x*(x>>d) are zero exactly if the word has 
period d. Thereby we can use the following function body: 


ulong sl = BITS_PER_LONG-1dn; 
for (ulong s=1; s<ldn; ++s) 


t++s1; 
if ( 0==( (x7(x>>s)) << sl) ) return s; 


} 
return ldn; 
Testing for periods that are not divisors of the word length can be avoided as follows: 


ulong f = tiny_factors_tab[ldn] ; 
ulong sl = BITS_PER_LONG-1dn; 
for (ulong s=1; s<ldn; ++s) 


{ 

t++s1; 

f >>= 1; 

if ( 0==(£k1) ) continue; 

if ( 0==( (x*(x>>s)) << sl) ) return s; 
} 
return ldn; 


The table of tiny factors used is shown in section [I.9]on page 

The version for 1dn==BITS_PER_LONG can be optimized similarly: 

static inline ulong bit_cyclic_period(ulong x) 

// Return minimal positive bit-rotation that transforms x into itself. 


// (same as bit_cyclic_period(x, BITS_PER_LONG) ) 


// The returned value is a divisor of the word length, 


// i.e. 1,2,4,8,...,BITS_PER_LONG. 
{ 
ulong r = 1; 
do 
{ 
ulong y = bit_rotate_right(x, r); 
if ( x==y ) return r; 
r <<= 1; 


+ 
while ( r < BITS_PER_LONG ); 


return r; // == BITS_PER_LONG 
} 


A related function computes the cyclic distance between two words [FXT: |bits/bitcyclic-dist.h): 


inline ulong bit_cyclic_dist(ulong a, ulong b) 
// Return minimal bitcount of (t ~ b) 
// where t runs through the cyclic rotations. 


{ 
~OUL; 
a; 


ulong d 
ulong t 


[fxtbook draft of 2008-January-19] 


1.12: Functions related to bit-wise rotation * 29 


~ b; 
it_count( z ); 
if (e<d) d=e; 

t = bit_rotate_right(t, 1); 


oO ct 


} 
while ( t!=a ); 
return d; // not reached 


} 
The functions [FXT: bits/bitcyclic-xor.h 


static inline ulong bit_cyclic_rxor(ulong x) 


{ 
} 


and 


return x ~ bit_rotate_right(x, 1); 


static inline ulong bit_cyclic_lxor(ulong x) 


{ 


return x ~ bit_rotate_left(x, 1); 


return a word where the number of bits is even. In order to produce a random value with an even number 
of set bits one can use either variant. If the bit count shall be odd, XOR the value with ond>| afterwards. 


Iterated application always ends in a cycle, two examples using 6-bit words are: 


11111 
iii: <--= cycle start 
1111.. 

Sead 
11,.11 

odode 

..1111 <--= cycle end 
1.1. 

111, 

seeds 

.11.11 <--= cycle start 
11.443 
1.11.1 <--= cycle end 
11.11 


een <--= cycle start == cycle end 


Cyclic shifts of a word produce cyclic shifts of the same cycle of words. A word and its complement 
produce the same result. 


The inverse functions need no rotation at all, the inverse of bit_cyclic_rxor() is the inverse Gray code 


(see section on page (36): 


static inline ulong bit_cyclic_inv_rxor(ulong x) 
// Return v so that bit_cyclic_rxor(v) == 


{ 
} 


return inverse_gray_code(x) ; 


The argument x must have an even number of bits. If this is the case then the lowest bit of the result is 
zero. The complement of the returned value is also an inverse of bit_cyclic_rxor(). 


The inverse of bit_cyclic_lxor() is the inverse reversed code (see section }1.15.6]on page [41): 


static inline ulong bit_cyclic_inv_lxor(ulong x) 
// Return v so that bit_cyclic_lxor(v) == x. 


3 Actually any value with an odd number of set bits will do for the XOR. 


[fxtbook draft of 2008-January-19] 


30 Chapter 1: Bit wizardry 


{ 
} 


return inverse_rev_gray_code(x) ; 


We do not need to mask out the lowest bit because for valid arguments (that have an even number of bits) 
the high bits of the result are zero. This function can be used to solve the quadratic equation v? ++ v = x 
in the finite field GF(2") when normal bases are used, see page 


1.13 Reversing the bits of a word 


The bits of a binary word can efficiently be reversed by a sequence of steps that reverse the order of 
certain blocks. For 16-bit words, we need 4 = log,(16) such steps [F XT: |bits/revbin-steps-demo.cc): 


[0123456789 abcdef ] 

[1032547698 badcfe] <--= pairs swapped 
[32107654ba98£fedc] <--= groups of 2 swapped 
[76543210fedcba9Q98] <--= groups of 4 swapped 
[fedcba9876543210] <--= groups of 8 swapped 


1.13.1 Swapping adjacent bit blocks 


We need a couple of auxiliary functions given in [FXT: |bits/bitswap.h). Pairs of adjacent bits can be 
swapped via 


static inline ulong bit_swap_1(ulong x) 
// Return x with neighbour bits swapped. 


{ 
#if BITS_PER_LONG == 32 
ulong m = 0x55555555UL; 


#else 
#if BITS_PER_LONG == 


4 
ulong m = 0x5555555555555555UL ; 
#endif 


#endif 
return ((x & m) << 1) | ((x & (‘m)) >> 1); 
The 64-bit branch is omitted in the following examples. Adjacent groups of 2 bits are swapped by 


static inline ulong bit_swap_2(ulong x) 
// Return x with groups of 2 bits swapped. 


ulong m = 0x33333333UL; 
return ((x & m) << 2) | ((x & (“m)) >> 2); 


Equivalently, 


static inline ulong bit_swap_4(ulong x) 
// Return x with groups of 4 bits swapped. 


ulong m = Ox0f0f0fOfUL; 
return ((x & m) << 4) | ((x & (“m)) >> 4); 
} 


and 


static inline ulong bit_swap_8(ulong x) 
// Return x with groups of 8 bits swapped. 


ulong m = Ox00ffO00ffUL; 
return ((x & m) << 8) | ((x & (“m)) >> 8); 
} 


When swapping half-words (here for 32-bit architectures) 


static inline ulong bit_swap_16(ulong x) 
// Return x with groups of 16 bits swapped. 


ulong m = Ox0000ffffUL; 


[fxtbook draft of 2008-January-19] 


1.13: Reversing the bits of a word 3l 


return ((x & m) << 16) | (C(x & (m<<i6)) >> 16); 


GCC is clever enough to recognize that the whole operation is equivalent to a (left or right) word 
rotation_and indeed emits just a single rotate instruction. We could also use the bit-rotate function from 


section on page [26] or 


return (x << 16) | (x >> 16); 


1.13.2 Bit-reversing binary words 


The shown functions are taken from [FXT: bits/revbin.h|). The following is a 64-bit version of revbin() 


static inline ulong revbin(ulong x) 
// Return x with bitsequence reversed 
{ 
bit_swap_1(x) ; 
bit_swap_2(x) ; 
bit_swap_4(x) ; 
bit_swap_8(x) ; 
bit_swap_16(x) ; 
#if BITS_PER_LONG >= 64 

x = bit_swap_32(x); 


#endif 
return x; 
} 


Ppt Pd OP 
iououw uu 


For 32-bit machines the bit_swap_32() line would have to be omitted. 


The steps after bit_swap_4() correspond to a byte-reverse operation. This operation is just one assembler 


instruction for many CPUs (‘bswap’). The inline assembler with GCC for AMD64 CPUs is given in [FXT: 
bits/bitasm-amd64.h): 


static inline ulong asm_bswap(ulong x) 


{ 
asm ("bswap 40" : "=r" (x) : "0" (x)); 
return x; 


We use it for byte reversion when available: 


static inline ulong bswap(ulong x) 
// Return word with reversed byte order. 


{ 
#ifdef BITS_USE_ASM 
x = asm_bswap(x); 


#else 
x = bit_swap_8(x); 
x = bit_swap_16(x); 


#if BITS_PER_LONG >= 64 
x = bit_swap_32(x); 
#endif 


#endif // def BITS_USE_ASM 
return x; 
} 


The function actually used for bit reversion is good for both 32 and 64 bit words: 


static inline ulong revbin(ulong x) 


{ 
x = bit_swap_1(x); 
x = bit_swap_2(x); 
x = bit_swap_4(x); 
x = bswap(x); 
return x; 

} 


One can generate the masks in the process as follows: 


static inline ulong revbin(ulong x) 


{ 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~OUL >> s; 
while (s ) 


[fxtbook draft of 2008-January-19] 


32 


return xX; 


} 


Chapter 1: Bit wizardry 


Note that the above function will not always beat the obvious, bit-wise algorithm: 


static inline ulong revbin(ulong x) 


{ 
ulong r = 0, ldn = BITS_PER_LONG; 


ou ( ldn-- != 0 ) 
vr <<= 1; 
r t= (x&1); 
x >>= 1; 

return TY; 


} 


Therefore the function 


static inline ulong revbin(ulong x, ulong ldn) 
// Return word with the ldn least significant bits 


// (i.e. bit_O... 
// the other bits are set to zero. 


{ 


bit_{ldn-1}) of x reversed, 


return revbin(x) >> (BITS_PER_LONG-1dn) ; 


should only be used when 1dn is not too small, else replaced by the trivial algorithm. 


One can also use table lookups methods so that, for example, eight bits are reversed at a time using a 
256-byte table. We give the routine for full words: 


unsigned char revbin_tab[256]; // reversed 8-bit words 


ulong revbin_t(ulong x) 


{ 
ulong r = 0; 
for (ulong k=0; k<BYTES_PER_LONG; ++k) 
r <<= 8; 
r |= revbin_tab[ x & 255 ]; 
x >>= 8; 
return r; 
} 


The routine can be optimized by unrolling to 


static inline ulong revbin_t(ulong x) 


{ 


ulong r = revbin_tab[ x & 255 ]; 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 
#if BYTES_PER_LONG > 4 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 

r <<= 8; xr |= revbin_tab[ x & 255 ]; 
#endif 

r <<= 8; r |= revbin_tab[ x ]; 

return r; 


avoid all branches: 


ptt Pd 

Vv VVwv 

Vv VVVv 

i] Io 
©0000 00 © OO 


bd Pd Pd bd 


However, reversing the first 23° binary words with this routine takes (on a 64-bit machine) longer than 


with the routine using the bit_swap_NNQ) calls, see [FXT: bits/revbin-tab-demo.cc). 


Bit-hacker’s life would be easier if there was a CPU instruction for reversing a binary word. 


[fxtbook draft of 2008-January-19] 


1.13: Reversing the bits of a word 33 


1.13.3 Generating the bit-reversed words in order 


If the bit-reversed words have to be generated in the (reversed) counting order then there is a significantly 
cheaper way to do the update [FXT: bits/revbin-upd.hi: 

static inline ulong revbin_upd(ulong r, ulong h) 

// Let n=2**1ldn and h=n/2. 


// Then, with r == revbin(x, ldn) at entry, return revbin(x+1, ldn) 
// Note: routine will hang if called with r the all-ones word 


while ( !((r7=h)&h) ) h >>= 1; 
return TY; 


} 


Now assume we want to generate the bit-reversed words of all N = 2” words smaller than 2”. The total 
number of branches with the while-loop can be estimated by observing that for half of the updates just 
one bit changes, for a quarter two bits change, three bits change for one eighth of all updates, and so on. 
Thereby the loop executes less than 2 N times: 


log.(N) 


1 2 3 #4 log, (N) 7 j 
w(S+i+ ge ee + OE —- N 2 5 <2N (1.13-1) 


Observing that the updates that involve a single bit change occur at every second step we can avoid half 
of all branches. 

For large vales of N the following method can be significantly faster if a fast routine is available for the 
computation of the least significant bit in a word. The underlying observation is that for a fixed word of 
size n there are just n different patterns of bit-changes with incrementing. We generate a lookup table 
of the bit-reversed patterns, utab[], an array of BITS_PER_LONG elements: 


inline void make_revbin_upd_tab(ulong 1dn) 
// Initialize lookup table used by revbin_tupd() 


utab[0] = 1UL<<(1dn-1); 
for (ulong k=1; k<ldn; ++k) utab[k] = utab[k-1] | (utab[k-1]>>1); 
} 


The change patterns for n = 5 start as 


pattern reversed pattern 


wag hh arenes 
ect Ti... 
weed. er 
cod tt 111. 
eal ee 
seit ula eee 
idee Vises 
.1111 1111 
cil Me cates 
11 11 


The crucial observation is that the pattern with x set bits is used for the update of k to k +1 when the 
lowest zero of k is at position x — 1: 


used when the lowest 
reversed zero of k is at index: 


utab [0] = se (0) 
utab[1]= i Be les 1 
utab[2]= 199 3 2 
utab[3]= 1111. 3 
utab[4]= 11111 4 


The update routine can now be implemented as 


inline ulong revbin_tupd(ulong r, ulong k) 

// Let r==revbin(k, ldn) then 

// return revbin(k+1, ldn). 

// NOTE 1: need to call make_revbin_upd_tab(ldn) before usage 


// where ldn=log_2(n) 
// NOTE 2: different argument structure than revbin_upd() 
{ 

k = lowest_bit_idx(~k); // lowest zero idx 

r “= utab[k]; 

return r; 


[fxtbook draft of 2008-January-19] 


34 Chapter 1: Bit wizardry 


The revbin-update routines are used for the revbin permutation described in section [2.1] 


30 bits | 16 bits | 8 bits 
Update, bit-wise 1.00 1.00 1.00 revbin_upd() 
Update, table 0.99 1.08 1.15 revbin tupd() 
Full, masks 0.74 0.81 0.86 revbin() 
Full, 8-bit table 1.77 1.94 2.06 revbin_t () 
Full32, 8-bit table 0.83 0.90 0.96 revbin_t_le32() 
Fulll6, 8-bit table — 0.54 0.58 revbin_t_le16() 
Full, generated masks | 2.97 3.25 3.45 [page 
Full, bit-wise 8.76 5.77 2.50 | [page 32] 
Figure 1.13-A: Relative performance of the revbin-update and (full) revbin routines. The timing of 


the bit-wise update routine is normalized to one. Values in each column should be compared, smaller 
values correspond to faster routines. A column labeled “N bits” gives the timing for reversing the N 
least significant bits of a word. 


The relative performance of the different revbin routines is shown in figure As a surprise, the 
full-word revbin function is consistently faster than both of the update routines. This is mainly due 
to the fact that the machine used (see appendix [A] on page has a byte swap instruction. As the 
performance of table lookups is highly machine dependent your results can be very different. 


1.13.4 Alternative techniques for in-order generation 


The following loop, due to Brent Lehmann [priv.comm.], also generates the bit-reversed words in succes- 
sion: 


ulong n = 32; // a power of two 
ulong p = 0, s = 0, n2 = 2*n; 

do 

{ 


// here: s is the bit-reversed word 
p t= 2; 


, s “=n - (n / (pk-p)); 
while ( p<n2 ); 


The revbin-increment is branchless but involves a division which usually is an expensive operation. With 
a fast bit-scan function the loop should be replaced by 


1 
n - (n >> (lowest_bit_idx(p)+1)); 


} 
while ( p<n ); 


A recursive algorithm for the generation of the bit-reversed words in order is given in [FXT: bits/revbin- 
rec-demo.00 


ulong N; 
void revbin_rec(ulong f, ulong n) 


// visit( f ) 
for (ulong m=N>>1; m>n; m>>=1) revbin_rec(ftm, m); 


} 
One has to call revbin_rec(0, 0) to generate all N-bit bit-reversed words. 


A technique to generate all revbin pairs in a pseudo random order is given in section on page [837] 


[fxtbook draft of 2008-January-19] 


1.14: Bit-wise zip 35 
1.14 Bit-wise zip 


The bit-wise zip (bit-zip) operation moves the lower half bits to even indices and higher half bits to odd 
indices. For example, with 8-bit words the permutation of bits is (see section [2.5]on page (93): 


[abcdABCD] |-->LaAbBcCdD] 
A straightforward implementation is 


ulong bit_zip(ulong a, ulong b) 


{ 
ulong x = 0; 
ulong m= 1, s = 0; 
for (ulong k=0; k<(BITS_PER_LONG/2); ++k) 
x l= (a&m <5; 
++8; 
x l= (b&m <5; 
m <<= 1; 
return xX; 
} 


Its inverse (bit-unzip) moves even indexed bits to the lower half-word and odd indexed bits to the higher 
half-word: 


void bit_unzip(ulong x, ulong &a, ulong &b) 


a=0; b=0; 
ulong m= 1, s = 0; 
for (ulong k=0; k<(BITS_PER_LONG/2); ++k) 


{ 
a l= (x &m) >> s; 
++8; 
m <<= 1; 
b l= (x & m) >> sg; 
m <<= 1; 

} 


} 


The optimized versions (see [FXT: bits/bitzip.h)), using ideas similar to those in revbin() and 
bit_count(), are 


static inline ulong bit_zip(ulong x) 


{ 
#if BITS_PER_LONG == 64 
x = butterfly_16(x); 


#endif 
x = butterfly_8(x); 
x = butterfly_4(x); 
x = butterfly_2(x); 
x = butterfly_1(x); 
return xX; 

} 

and 


static inline ulong bit_unzip(ulong x) 
{ 
butterfly_1(x); 
butterfly_2(x) ; 
butterfly_4(x); 

= butterfly_8(x); 
#if BITS_PER_LONG == 64 
x = butterfly_16(x); 


#endif 
return xX; 
} 


Both use the butterfly_*()-functions which are defined in [FXT: |bits/bitbutterfly.h : 


static inline ulong butterfly_4(ulong x) 


bd Pd dP 


{ 
#if BITS_PER_LONG == 64 
const ulong ml = O0x0f000f000f000f00UL; 


#else 
const ulong ml = Ox0f000f00UL; 


#endif 


[fxtbook draft of 2008-January-19] 


36 Chapter 1: Bit wizardry 


const ulong s = 4; 

const ulong mr = ml >> s; 

const ulong t = ((x & ml) >>s) | (( & mr) << 8 ); 
x = (x & “@l | mr)) | t; 

return xX; 


} 


Laszlo Hars suggests [priv.comm.] the following routine (version for 32-bit words), which can be obtained 
by making the compile-time constants explicit: 


inline uint32 bit_zip(uint32 x) 


{ 
x = ((x & 0x0000ff00) << 8) | ((x >> 8) & Ox0000ff00) | (x & Oxff0000FF) ; 
x = ((x & Ox00f000f0) << 4) | ((x >> 4) & Ox00f000f0) | (x & Oxf00FF00F) ; 
x = ((x & Ox0cOcOcOc) << 2) | (C(x >> 2) & OxOcOcOcOc) | (x & Oxc3c3c3c3) ; 
x = ((x & 0x22222222) << 1) | ((x >> 1) & 0x22222222) | (x & 0x99999999) ; 
return x; 

} 


Functions that zip/unzip the bits of (the lower half of) two words are 


#define BPLH (BITS_PER_LONG/2) 


static inline ulong bit_zip2(ulong x, ulong y) 
// Two-word version: 
// only the lower half of x and y are merged 


{ 


} 
and 


return bit_zip( (y<<BPLH) + x ); 


static inline void bit_unzip2(ulong t, ulong &x, ulong &y) 
// Two-word version: 
// only the lower half of x and y are filled 


it 
t = bit_unzip(t); 
y = t >> BPLH; 
x = t ~ (y<<BPLH) ; 
} 


1.15 Gray code and parity 


The Gray code of a binary word can easily be computed by [FXT: |bits/graycode.h 


static inline ulong gray_code(ulong x) 


{ 


return x ~ (x>>1); 


Gray codes of consecutive values differ in one bit. Squared Gray codes of consecutive values differ in one 
or two bits. Gray codes of values that have a difference of a power of two differ in two bits. Gray codes 
of even/odd values have an even/odd number of bits set, respectively. This is demonstrated in [FXT: 


bits/gray2-demo.cc|, whose output is given in figure|1.15-A 


In order to produce a random value with an even/odd number of bits set, set the lowest bit of a random 
number to zero/one, respectively, and take the Gray code. 


Computing the inverse Gray code is slightly more expensive. Understanding the Gray code as ‘bit-wise 
difference modulo 2’ leads to the idea of computing the ‘bit-wise sums modulo 2’ for the inverse: 


static inline ulong inverse_gray_code(ulong x) 


{ 
// VERSION 1 (integration modulo 2): 
ulong h=1, r=0; 


x >>= 1; 
h = (h<<1)4+1; 


} 
while ( x!=0 ); 


[fxtbook draft of 2008-January-19] 


1.15: Gray code and parity 37 


k: bin(k) g(k) g(g(k)) g(2*k) = g(2*k+1) 
Oo vaauiine where eulitee, Saeed “qantas 1 
rer oe Lo .Gb3h eds Lee ho 1 Abas er di 
2 0 ee The tiated. : re rr 1. ee cle ware ddd 
Se 8 saascw abs sf ere Die -bbgutitens 11 gece edd isecsre Lee 
4: sual are seve orsat diac pares eee ectea le i A 
5: Revere res | seve ddl dangers ...1111 ares ist oe 
6: téedd, oslo d eae ddd ers eee etek 
7: em bd wteaidives gupialidlsg Pere eae | a cede 
8: baa Dates eo dis s ee gen Bares Eee ed Dee A 
9: webeol sou dod Pores eee Feil 11.11 ed Dede 
10: weld. ..1111 Soa dh sere 1111. ..11111 
Tis peepee la iT. ead ad 111.1 wt dds 
12: goede bos avedte ds sad tid Epil Godlee gad 
13: welled seater dh Poe eile 1.111 weds dd 
14: sv lld. sb badd 11.1 ev dered c re eee 
15: ae eed ae celece eels eee pees oa oe ater 
16: a Pale ensee seat Lit on5 Pere aes ee pe vd Diesen ak 
a As i glcceert dl stitch deed sede sak elt... Td eiteed 
18: re! rar mtd de ed sede dd 11.11. 11.111 
19: svg: ete del soldi ds ..1.111 11.1.1 Pe le ee 
20: pee eoe aren seti td. sede edd, 1111... 1111.1 
21: ae lo dood ..11111 oe eee 111111 e141. 
22: pohed ds caddis d wat diy ded 111.1. 111.11 
23: webs LEI setddens pidivids -111..1 dl Pd ses 
24: wack d oa sibel sit TL. sods dee eee eer | 
25: es dL. 1 warbeedived ..11111 1.1.11 vcd eds 
26: dak bad. s wai dad od wel TD oc els 141. od D101 
27: oll, 11 stead Ls ..111.1 1.11.1 Pp eee la 
28: op bids eis dedee ais vol Dold gd aes edStelaad 
29: eb 1 sige ie ck setts .1..111 presen (ei Oe 
30: eek dd. ris dient aes pi eee ol ssuecde veyed 
31: ..11111 Be eee olde 4a Baleares | sth Stiseras a 


Figure 1.15-A: Binary words, their Gray code, squared Gray code, and Gray codes of even and odd 
values. 


return r; 


} 
For n-bit words, n-fold application of the Gray code gives back the original word. Using the symbol G 
for the Gray code (operator) we have G" = id, so G’-!oG=id=G~1!0G. That is, applying the Gray 
code computation n — 1 times gives the inverse Gray code. Thus we can simplify to 

// VERSION 2 (apply graycode BITS_PER_LONG-1 times): 

ulong r = BITS_PER_LONG; 

while ( --r ) x “= x>>1; 

return x; 
Applying the Gray code twice is identical to x*=x>>2;, applying it four times is x*=x>>4;, and the idea 
holds for all powers of two. This leads to the most efficient way to compute the inverse Gray code: 


// VERSION 3 (use: gray ** BITSPERLONG == id): 


x “= x>>1; // gray ** 1 

x “= x>>2; // gray ** 2 

x “= x>>4; // gray ** 4 

x 7= x>>8; // gray ** 8 

x *= x>>16; // gray ** 16 
// here: x = gray**31 (input) 


// note: the statements can be reordered at will 
#if BITS_PER_LONG >= 64 

x 7= x>>32; // for 64bit words 
#endif 

return x; 


1.15.1 The parity of a binary word 


The parity of a word is its bit-count modulo two. The inverse Gray code of a word contains at each bit 
position the parity of all bits of the input left from it (including itself). Thereby we use the lowest bit 


IPXT: : 


static inline ulong parity(ulong x) 
// return 1 if the number of set bits is even, else 0 


[fxtbook draft of 2008-January-19] 


38 Chapter 1: Bit wizardry 


return inverse_gray_code(x) & 1; 


} 


Be warned that the parity bit of many CPUs is the complement of the above. With the x86-architecture 
the parity bit only takes in account the lowest byte, therefore [FXT: |bits/bitasm-i386.h : 


static inline ulong asm_parity(ulong x) 
{ 
x (x>>16) ; 
x “= (x>>8); 
asm ("addl $0, 40 \n" 

"setnp Asal \n" 

"movzx hal, %O" 

: Noy" (x) : No" (x) : "eax"); 
return x; 


The equivalent code for the AMD64 CPU is [FXT: bits/bitasm-amd64.h!: 
static inline ulong asm_parity(ulong x) 


x *= (x>>32); 
x *= (x>>16); 
x 7= (x>>8); 
asm ("addq $0, %0 \n" 
"setnp Asal \n" 
"movzx hal, %0" 
: Noy" (x) : No" (x) : "eax"); 
return x; 


1.15.2 Byte-wise Gray code and parity 


A byte-wise Gray code can be computed using (32-bit version) 


static inline ulong byte_gray_code(ulong x) 
// Return the Gray code of bytes in parallel 


{ 
return x ~ ((x & Oxfefefefe)>>1); 


Its inverse is 
static inline ulong byte_inverse_gray_code(ulong x) 
// Return the inverse Gray code of bytes in parallel 


{ 
x “= ((x & OxfefefefeUL)>>1); 
x “= ((x & OxfcfcfcfcUL)>>2) ; 
x “= ((x & OxfOfO0fOfOUL)>>4) ; 
return xX; 

Thereby 


static inline ulong byte_parity(ulong x) 
// Return the parities of bytes in parallel 
{ 


} 


return byte_inverse_gray_code(x) & 0x01010101UL; 


1.15.3 Incrementing (counting) in Gray code 


Let g(k) be the Gray code of a number k. We are interested in efficiently generating g(k +1). Using the 
observation shown in figure Bees can implement a fast Gray counter if we use a spare bit to keep 
track of the parity of the Gray code word. The following routine does this [FXT: bits/nextgray-.h : 
inline ulong next_gray2(ulong x) 

// With input x==gray_code(2*k) the return is gray_code(2*k+2). 

// Let x1 be the word x shifted right once 


// and ii its inverse Gray code. 
// Let r1 be the return r shifted right once. 


[fxtbook draft of 2008-January-19] 


1.15: Gray code and parity 


39 


k: g(k) g(2*k) g(k) 
Qe, aietecng:. wadiegess dey earhs 
| ree 1 nee errr le Sree 1 
2 ins ards 11 #11. 11 
ee 1 Pe 1 
4: 11 11.. 11 
5: 111 1111 111 
G: 1.1 sled. 1.1 
T: if with Aaa 1 

8: 11 eb ds .g 11 

9: 11.1 Pe es | 11.1 
10: 1111 Fer Ebb | 1111 
11 111. .1411.1 111 
12 y Bs ee wL.4 1.4 
13 1.11 eae d 04 1.411 
14: aoe lece fa Liedls Pere Bee 
15: crave Lind? er eter pore eee 
16: sel Aiea’ faa bs Dare re: hi eee 
17: 2211.21 11..11 1.4 


1 
1 


Ae 


‘11.. 


1 
1 


2} 
1, 2} 
2} 


3} 

2, 3} 

1, 2, 3} 
2, 3} 
3} 
1, 3} 
3} 


4} 
3, 4} 


Figure 1.15-B: The Gray code equals the Gray code of doubled value shifted to the right once. Equiv- 
alently, we can separate the lowest bit which equals the parity of the other bits. The last column shows 


that the changes with each increment always happen one position left of the rightmost bit. 


// Then ri = gray_code(il+1). 
// That is, we have a Gray code counter. 


// The argument must have an even number of bits. 


sf . 
x “= 1; 
x “= (lowest_bit(x) << 1); 
return x; 


To obtain a Gray counter, start with x=0, increment with x=next_gray2(pg) and use the words g=x>>1: 


ulong x = 0; 
for (ulong k=0; k<n2; ++k) 


{ 
ulong g = x>>1; 


X = next_gray2(x); 
// here: g == gray_code(k); 
} 


This is shown in [FXT: bits/bit-nextgray-demo.cc]. 


To start at an arbitrary (Gray code) value g compute 


x = (g<<i) * parity(g) 


in order to use the statement x=next_gray2(x) for later increments. 


If one works with a set whose elements are the set bits in the Gray code then the parity is the set size k 
modulo two. The increment can then be achieved as follows: if k is even then, if the first element is zero, 
then remove it, else prepend the element zero. If k is odd then, if the first element equals the second 
minus one, then remove the second element, else insert at the second position the element equal to the 
first element plus one. Further, the decrement is obtained by simply swapping the actions for even and 


odd parity. 


If one works with an array that contains the elements of the set it is more convenient to actually do 
the described operations at the end of the array. This leads to the (loopless) algorithm for subsets in 
minimal-change order that is given in section [8.2]on page [193] 


1.15.4 The Thue-Morse sequence 


The sequence of parities of the binary words, 


[fxtbook draft of 2008-January-19] 


40 Chapter 1: Bit wizardry 


011010011001011010010110011010011001011001101001... 


is called the Thue-Morse sequence (entry |A010060) of ). It appears in various seemingly unrelated 
contexts, see [8] and section on page 


The sequence can be generated with [FXT: class thue_morse in |bits/thue-morse.h): 


class thue_morse 
// Thue-Morse sequence 


a 
public: 


ulong k_; 
ulong tm_; 


public: 
thue_morse(ulong k) { init(k); } 
~thue_morse() { ; } 


ulong init(ulong k) 
k_ = k; 
tm_ = parity(k_); 
return tm_; 


} 
ulong data() ‘{ return tm_; } 
ulong next () 


ulong x = k_ ~*~ (k_ + 1); 


++k_; 

x “= x>>1; // highest bit that changed with increment 

x & 0x5555555555555555UL; 1 // 64-bit version 

tm_ “= ( x!=0 ); // change if highest changed bit was at even index 


return tm_; 
} 
Hee 


The rate of generation is about 435 million per second (5 cycles per update) [FXT: 
emo.) 


1.15.5 The Golay-Rudin-Shapiro sequence * 


++ 
+++- 

+++- +4+-+ 

+++- +4+-+ ¢4+4+- --4+- 

tt+t—- t+-+  ¢t4+- --t- t4t- tt-+ 0 ---+ t4-4+ 


tt+t—- tt-+  ¢t4- --t-  t4t— tt-+  ---t+ ttt ttt- F4-4 0 H44-0 --4- 


3, 6, 11,12,13,15, 19, 22, 


Figure 1.15-C: A construction for the GRS sequence. 


The function [FXT: bits/grsnegative.h 


static inline ulong grs_negative_q(ulong x) 


{ 
} 


returns one for indices where the Golay-Rudin-Shapiro sequence (or GRS sequence) has a negative value. 
The function returns one for x in the sequence 

3, 6, 11, 12, 13, 15, 19, 22, 24, 25, 26, 30, 35, 38, 43, 44, 45, 

47, 48, 49, 50, 52, 53, 55, 59, 60, 61, 63, 67, 70, 75, 76, 77 


79, 83, 86, 88, 89, 90, 94, 96, 97, 98, 100, 101, 103, 104, 105, 
106, 110, 115, 118, 120, 121, 122, 126, 131, 134, 139, 140, ... 


This is sequence |A020985 of [214], see also section on page [696] 


The sequence can be obtained by starting with a sequence of two ones and in each step appending the 
left half and the negated right half of the values so far, see figure|1.15-C 


return parity( x & (x>>1) ); 


[fxtbook draft of 2008-January-19] 


1.15: Gray code and parity 41 


The algorithm counts the bit-pairs modulo 2. Note that the sequence [1111] contains three bit-pairs: 
[11..], [.11.] and [..11]. The function proves to be useful in specialized versions of the fast Fourier- 
and Walsh transform, see section on page [436 


1.15.6 The reversed Gray code 


gl Ears Ea Bt Ug Fe Leer eee ea = OxefOf0000 == word 
Waved Us-wee dae dL cell gray_code 
rev_gray_code 
inverse_gray_code 


Wg yell Ake crane Oo ncteide tpi ce aehecheresev inverse_rev_gray_code 

weed....2111....1111111111111111 = Ox1ofoffff == word 
dad dairesase nasat Actanse Lava tena Garienshae, se.ssnsise 4 gray_code 

oddone ed 1 Wh ariel isl thgs se cars ide 1 = rev_gray_code 


inverse_gray_code 


oi i be ere oa Danae 8 1 inverse_rev_gray_code 
See Lecce eee eee eee ee eee = 0X2000000 == word 
eee Wie enti ey db ee eee = gray_code 

dealer’ 11......................... = rev_gray_code 

sents 11111111111111111111111111 = inverse_gray_code 
Me ae ssa aie siete ngie er eka ins aaa aa esa = inverse_rev_gray_code 
111111.1111111111111111111111111 = Oxfdffffff == word 
erates DD, gciecatecaren dante siete arabs wigs ee a = gray_code 

scievaeanes WA sco aeecannreiin ee a Scene eee L, = FOV pray codes 
1.1.1..1.1.1.1.1.1.1.1.1.1.1.1.1 = inverse_gray_code 
1.1.1.11.1.1.1.1.1.1.1.1.1.1.1.1 = inverse_rev_gray_code 


Figure 1.15-D: Four examples of the Gray code, reversed Gray code and their inverses with 32-bit 
words. 


We define the reversed Gray code to be the bit-reversed word of the Gray code of the bit-reversed word. 
That is, 


rev_gray_code(x) := revbin(gray_code(revbin(x))) 


It turns out that the corresponding functions are identical to the Gray code versions up to the reversed 


shift operations (C-language operators ‘>>’ replaced by ‘<<’). Thereby, computing the reversed Gray code 
is as easy as [FXT: bits/revgraycode.hi: 


static inline ulong rev_gray_code(ulong x) 


{ 


return x ~ (x<<1); 


Its inverse is 
static inline ulong inverse_rev_gray_code(ulong x) 
{ 
// use: rev_gray ** BITSPERLONG == id: 
x “= x<<1;  // rev_gray ** 1 
x<<2;  // rev_gray ** 2 
x<<4;  // rev_gray ** 4 
x<<8; // rev_gray ** 8 
x<<16; // rev_gray ** 16 
// here: x = rev_gray**31 (input) 
// note: the statements can be reordered at will 
#if BITS_PER_LONG >= 64 
x 7= x<<32;  // for 64bit words 
#endif 
} return xX; 


Some examples with 32-bit words are shown in figure}1.15-D| The inverse reversed Gray code contains at 
each bit position the parity of all bits of the input right from it, including the bit itself. Especially, the 


> > 


> 


bd bd dob 
> 


[fxtbook draft of 2008-January-19] 


42 Chapter 1: Bit wizardry 


word parity can be found in the highest bit of the inverse reversed Gray code. 
The reversed Gray code preserves the lowest set bit while the Gray code preserves the highest. 


Let G~! and E~! be the inverse Gray- and reversed Gray code of X, respectively. Then the bit-wise sum 
(XOR) of G~! and E~! equals X if the parity of X is zero, else it equals the complement X. 


We note that taking the reversed Gray code of a binary word corresponds to multiplication with the 
binary polynomial «+ 1, and the inverse reversed Gray code is a method for fast exact division by «+1, 


see section |38.1.6]on page 


1.16 Bit sequency 


Functions concerned with the sequency (number of zero-one transitions) are given in [FXT: 
bits /bitsequency.h). Sequency counting: 


static inline ulong bit_sequency(ulong x) 


a 
} 


return bit_count( gray_code(x) ); 


The function assumes that all bits to the left of the word are zero, and all bits to right are equal to the 
lowest bit. For example, the sequency of the 8-bit word [00011111] is one. To take the lowest bit into 
account, add it to the sequency (then all sequencies are even). 


Computation of the minimal binary word with given sequency: 


static inline ulong first_sequency(ulong k) 

// Return the first (i.e. smallest) word with sequency k, 
// e.g. 00..00010101010 (seq 8) 

// e.g. 00..00101010101 (seq 9) 

fs Must have: O <= k <= BITS_PER_LONG 


return inverse_gray_code( first_comb(k) ); 


} 
A faster version is (32-bit branch only): 
if ( k==0 ) return 0; 
const ulong m = OxaaaaaaaaUL; 
return m >> (BITS_PER_LONG-k) ; 
Computation of the maximal binary word with given sequency: 


static inline ulong last_sequency(ulong k) 
// Return the last (i.e. biggest) word with sequency k. 
{ 


} 


The functions first_comb(k) and last_comb(k) return a word with k bits set at the low and high end, 
respectively (see section on page (61). 


Generation of all words with a given sequency, starting with the smallest, can be achieved with a function 
that computes the next word with the same sequency: 


return inverse_gray_code( last_comb(k) ); 


static inline ulong next_sequency(ulong x) 

// Return smallest integer with highest bit at greater or equal 
// position than the highest bit of x that has the same number 
// of zero-one transitions (sequency) as x. 

// The value of the lowest bit is conserved. 


// Zero is returned when there is no further sequence. 


{ 
x = gray_code(x) ; 
xX = next_colex_comb(x) ; 
x = inverse_gray_code(x) ; 
} return x; 


[fxtbook draft of 2008-January-19] 


1.17: Powers of the Gray code 43 


The inverse function, returning the previous word with the same sequency, is: 


static inline ulong prev_sequency(ulong x) 


{ 
xX = gray_code(x) ; 
xX = prev_colex_comb(x) ; 
x = inverse_gray_code(x) ; 
return x; 
} 
seq= 0 1 2 3 4 5 6 
Sites sega 1 Bue eae dye ewe d all Pare eee Pas ge lara 1.41.1. 
sedate dk seal dh: ee ddd eddie d.. 11.1.1 
Pare Sera eee et Me gd ody ah. 1..1.1 
..1111 ..111. ..1.41 1.114. 1.11.1 
.11111 Bers peer 111.1 ede dL. 3 146 ot 
111111 Pee Wee Ps eee 111.1. 1.2.92 
-1111. 14.141 A ed 
111... odes L 11.11. 
es eae Pi Laren et TA Ti e.3 
Pa eee .1.111 Leet. 
11111. 1111.1 1..11. 
1111.. Us i I i liege Ie 
Ti... 111.11 1.111. 
11.. Tay al A VAs 
: eee 11..411 5 ee Le 
11.111 
dees 
1...411 
1.011 
1.1111 


Figure 1.16-A: 6-bit words of prescribed sequency as generated by next_sequency(). Note that 
the transition at the lower end is not counted. This is consistent with sequency counting function 
bit_sequency(). 


The list of all 6-bit words ordered by sequency is shown in figure It was created with the program 
[FXT: bits/bitsequency-demo.cc). 
We note that the sequency of a word can be ‘complemented’ as follows (32-bit version): 


static inline ulong complement_sequency(ulong x) 
// Return word whose sequency is BITS_PER_LONG - s 
// where s is the sequency of x 


{ 


return x ~ OxaaaaaaaaUL; 


1.17 Powers of the Gray code 


The Gray code is a bit-wise linear transform of a binary word. The 2*-th power of the Gray code of 
can be computed as x ~ (x>>k). The e-th power can be computed as the bit-wise sum of the powers 
corresponding to the bits in the exponent. This motivates [FXT: bits/graypower.h): 


inline ulong gray_pow(ulong x, ulong e) 

// Return (gray_code**e) (x) 

// gray_pow(x, 1) == gray_code(x) 

// gray_pow(x, BITS_PER_LONG-1) == inverse_gray_code(x) 


e &= (BITS_PER_LONG-1); // modulo BITS_PER_LONG 


ulong s = 1; 

mate Ce) 
if (e&1) x= x>>s; // gray ** s 
s <<= 1; 
e >>= 1; 


return xX; 


[fxtbook draft of 2008-January-19] 


44 


The Gray code g = [go, g1,---, 97] of a & bit binary word x = [a, 11,... 


matrix multiplication over GF(2) (dots for zeros): 


g = G x 

[go] Es ae Aer ] [xo] 
[gi] [et Pececcns ] [x1] 
[g2] [ ..41.... ] [x2] 
[g3] = [...14... ] [x3] 
[g4] L.aceddts.. J. Ea 
[g5] [eset ttes 11. ] [x5] 
[g6] [2s Seca 11] [x6] 
[g7] Dostadead 1] [x7] 


Chapter 1: Bit wizardry 


, &7] can be expressed as a 


The powers of the Gray code correspond to multiplication with powers of the matrix G: 


DD ict eek Ved ood os oe Ce 

ihe Fe lee 1111... 

TD ace ice Peles re Ga 

oe a eters 1,1, ..1111, 

soscbtbssc -1,1 .-1111 

wnass 11. ead ete dee 1 ween ec Ld 

eyecegatere il aero 205 Ve, Sade 

| ne er Ts. Gav. Saeed 1 

G**0=id G**1=G G**2 G**3 


1,1,1.1 11111111 
1,1,1,1 1111111 
1,1,1 111111 
1,1,1 . 11111 
1,1, ee le 
ore 1,1 poets ae AL 
ae ae a ener kb 
ia sre ate 1 diccyoravaraie cd! 
G**6 G**7=G** (-1) 


The powers of the inverse Gray code for N-bit words (where N is a power of two) can be computed by 


the relation Ge GN-¢ = GN = id. 


inline ulong inverse_gray_pow(ulong x, ulong e) 
// Return (inverse_gray_code**(e) ) (x) 


// == (gray_code**(-e)) (x) 
// inverse_gray_pow(x, 1) == inverse_gray_code(x) 
// inverse_gray_pow(x, BITS_PER_LONG-1) == gray_code(x) 
{ 
return gray_pow(x, -e); 
} 


The matrices corresponding to the powers of the reversed Gray code are: 


Triaecessie 1 iA iagnanths Did putwocs-s 

TA seics  ~ athe das oe eres 

ss Ereeenees ss eae a Es Beene 

se Bere ideas os aS eee 

-il,.. ap Ba eters stad oes 

»-1i,. pre bea Wee edd Tes 

f° | anecotare Ta... Let: -11i1. 
p Ce are sl rece se 1.1 cece d LPT 

Ex*0=id E**1=E Ex*2 Ex*3 


We just have to reverse the shift operator in the functions: 


inline ulong rev_gray_pow(ulong x, ulong e) 
// Return (rev_gray_code**e) (x) 


{ 


e &= (BITS_PER_LONG-1); // modulo BITS_PER_LONG 


ulong s = 1; 
while (e ) 
{ 


if (e&1) x =x << s; // rev_gray ** s 


s <<= 1 
e>>= 1 


? 
? 


return xX; 


} 


The inverse function is 


inline ulong inverse_rev_gray_pow(ulong x, ulong e) 


// Return (inverse_rev_gray_code**(e) ) (x) 


{ 
} 


return rev_gray_pow(x, -e); 


[fxtbook draft of 2008-January-19] 


1.18: Invertible transforms on words 45 
1.18 Invertible transforms on words 


The functions presented in this section are invertible ‘transforms’ on binary words. The names are chosen 
as ‘some code’, emphasizing the result of the transforms, similar to the convention used with the name 
‘Gray code’. The functions are given in [FXT: |bits/bittransforms.h]. 


Consider (blue code) 


inline ulong blue_code(ulong a) 


{ 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~OUL << s; 
aude Cs) 
a “= ( (a&m) >> s ) 
s >>= 1; 
m “= (m>>s); 
return a; 
} 


and (yellow code) 


inline ulong yellow_code(ulong a) 


{ 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~OUL >> s; 
while (s ) 
a “= ( (a&m) << s ); 
s >>= 1; 
m “= (m<<s); 
return a; 
} 


Both involve a computational work ~ log,(b) where b is the number of bits per word (BITS_PER_LONG). 
The blue_code can be used as a fast implementation for the composition of a binary polynomial with 
x +1, see page Note the names ‘blue code’ etc. are ad hoc terminology and not standard. 


The output of the program [F XT: |bits/ Riera blue- oe cc, is shown in figure}1.18-A| The parity 


of B(a) is equal to the lowest bit of a. Up to the a = 4 e bit-count varies by +1 between successive 
values of B(a), the transition B(47) - BiB) changes the ni count by 3. The sequence of the indices a 
where the bit-count changes by more than one is 


47, 51, 59, 67, 75, 79, 175, 179, 187, 195, 203, 207, 291, 299, 339, 347, 419, 427, 


The yellow code might be a good candidate for ‘randomization’ of binary words. The blue code maps 
any range [0...2* — 1] onto itself. Both the blue code and the yellow code are involutions (self-inverse). 


The transforms (red code) 


inline ulong red_code(ulong a) 

a 

BITS_PER_LONG >> 1; 
“QOUL >> s; 


ulong u = a & n; 
gsat 


=a u; 
=v (u<<s); 


return a; 


} 
and (green code) 


inline ulong green_code(ulong a) 
{ 

BITS_PER_LONG >> 1; 
“OUL << 5s; 


ulong s 
ulong m 


[fxtbook draft of 2008-January-19] 


46 Chapter 1: Bit wizardry 


blue yellow 
OF -che end OF" ake Bnei ae oie a ae bts 0) 
Ve eas 1 1* 11111111111111111111111111111111 32 
2: speeded = “22 Ld. tote tet tei. t.t. 46 
3: Seneeed ae AD ted bet 1 tdi. 16 
4: ...1.1 2 1dcstt Tt Ad. Td eth. 1 16 
5: AioetAvas “AL ..i1..11..11..11..11..11..11..11 16 
6: ...141. 2 11..11..11..11..11..11..11..11. 16 
3 ...111 3% 1.002. 10 odd. PL. 2d a. ot 16 
8: ..1111 4 Tet hes sada s ded dds 8 
9: wettis, <3 144.144.114.114 411 111 411-411 24 
10: odes 2 Che cod lina de dee Dee cde ede 8B 
11: wedded 33 11.144.411.111.4111.114.111.111.1 24 
12: wah. dt. 2 tends cd eh hdl aa ehee 6 <8 
13: ..1.11 3 1.111.111.111.111.111.111.111.11 24 
14: fad gol, 2 111.111.111.111.111.111.111.111. 24 
15: pete aL ete de ads ed ee ce hd eed 8 
16: wha Seach 32 1191 205.211 d TTI. Td. se 6 
17: sda A ...A111....1111....1111....1111 16 
18: .1..4. 2 Led ded ett tod 1 Pt 16 
19: .1..11 3% 1.41..1.11.14. 11d .2 2 .1131..4.7 16 
20: .1.1.. 2 eo PAV ee EEL -1111....1111.. 16 
21: .1.1.1 3% 11....411411. 111....1111....11 16 
22: .1.111 4 1..1.11.1..1.11.1..1.11.1..1.11. 16 
23: sAeti.. 3 Td. t tied tet. ttt. at 16 
24: .1111. 4 -1111....1111....1111....1111... 16 
25: .11111 5 4c DTI... TAT... 2111. 2.111 16 
26: .111.1 4 qted ded ded te Dodd de 6 
27: -111.. 3 wht eh a Tate he Dt 16 
28: .11.11 4 1.41.12.22.171.2...12.11.1..1.12-1... 16 
29: .11.1. 3 Ae bedded tet Ln tod td te td 16 
30: ae ks Ree 3 eae ua cen te 16 
31: tds td? 3 114.0..04411,... 0490 1141 1 16 


Figure 1.18-A: Blue and yellow transforms. Bit-counts are shown at the right of each column. Fixed 
points are marked with asterisks. 


green 
0: Or ata tecac boii te ct evteteke tints aerate ee staliets ga tia 0 
1: 1 11111111111111111111111111111111 32 
2: 2 sot. weds 1.1. 1.1 16 
3: 1 1.1.1.1.1.1.1.1.1.1.1.1.1.1,1.1, 16 
4: 2 .11.,11..11..11,..11..11,.11..11 16 
5: 1 is Eos Et eter barre Os ete 1..11.. 16 
6: 2 edd, td. 1d Tad Ts ctl Pde 16 
7: 3 dtl dd. At the Pte Ts 16 
8: 4 Pace papers Reapaee' kero eee Er 1. 8 
9: ; 3 Va di WAT da it a a 
10: = 2 whe dads ede d es sad oe ode 8 
11: 1. 3 PSs sts er Betis Es es Es ss Bs Es Ps eg 
12: ae 2 dail cahn iawn lnc tents 8 
13: 11. 3 14141111144, 1991141415141. 24 
14: Le 2c 2 se Wve ike sls sn lit, 1115 tit, 111 24 
15: see 1 Pith. She ete ake da yee e.g Oe 
16: Liars Latent ehalecett a4 eerie eke quece.s eine Oe 2 Beebe Meee ahh Retire Gb meee, Gi Mc 
17: fayb etd 1 diddy Ais ey Pde A, 6 
18: 1..1 2 4 Ud chide dt tad ed 
19: 11.24 3 1.1..1.11.1..1.11.1..1.11.1,..1.1 16 
20: sod 2 ..1111....1111....1111....1111.. 16 
21: 1.1.1 3 11....1111....1111....1111....11 16 
22: 1413.1 4 -11.1..1,11.1..1.11.1..1,.11.1..1 16 
23: -11.4 3 foot dtdcdeli dated sd PE 16 
24: -1111 4 ..,1111....,1111...,1111....1111, 16 
25: 11111 5 111....1111...,1111....1111....1 16 
26: 1.111 4 ot. .T. Tle P11 1d Lt 16 
27: se LT ons 3 1.11.1..1.11.1..1.11.1..1.11.1.. 16 
28: 11.11... 4 ..1.11.1..1,11.1..1.11.1..1,11.1 16 
29: died Ps 3 Tide deliv tle el ee 46 
30: sete Le. 2 PUM edt dle bold. ost dl ong 16 
31: 1 TEL 3 sD gs nbs ae ks bs RP en Bg 


Figure 1.18-B: Red and green transforms. Bit-counts are shown at the right of each column. 


[fxtbook draft of 2008-January-19] 


1.18: Invertible transforms on words 47 


while (s ) 
{ 


return a; 


} 


are shown in figure|1.18-B| which was created with the program [FXT: |bits/bittransforms-red-demo.cc). 


1.18.1 Fixed points of the blue code 


Ore avesiae ~ athiele wines = 0 
DS yas 1 shinee Sears 1 = 1 
2S" Zecgedhe 1, vadadareradee 11. = 6 
SO Sead $2 esc ecess 111 = 7 
ee ee 1.1..= 20 
BS aecded Feat 1..1. = 18 
CoH eed idk asec 1.1.1 = 21 
ee he eee 1..11 = 19 
8. giclee eed D1 es = 120 
Q=..1..1 .. -d1.11.. = 108 
10 = 2.2.2. ..-4111111. = 126 
11. S61 edd mediol.d. = 106 
12)= 2.1143 ..-1111..1 = 121 
13 = ..11.1 ..-411.11.1 = 109 
14 = ..111. ...1111111 = 127 
15 = ..1111 ..-411.1.11 = 107 
16 = .1.... -1...1.... = 272 
17 = .1...1 -1.11.1... = 360 
18 = .1..1. re 1.. = 260 
19 = .1..11 1.11111... = 380 
20 = .1.1.. -1...1.11. = 278 
21 = .1.1.1 -1.11.111. = 366 
22 = .1.11. bedi ss sdce een 1. = 258 
23 = .1.111 -1.1111.1. = 378 
24 = .1i1... -1...1...1 = 273 
25 = .11..1 -1.11.1..1 = 361 
26 = .11.1. plbeprseois 1.1= 261 
27 = .11.11 .1.11111.1 = 381 
28 = .1ii1.. 1...1.111 = 279 
29 = .111.1 -1.11.1111 = 367 
30 = .1111. etree shine 11 = 259 
31 = .11111 -1.1111.11 = 379 


Figure 1.18-C: The first fixed points of the blue code. The highest bit of all fixed points lies at an even 
index. There are 2”/? fixed points with highest bit at index n. 
The sequence of fixed points of the blue code is (entry |A118666) of [214]) 

0, 1, 6, 7, 18, 19, 20, 21, 106, 107, 108, 109, 120, 121, 126, 127, 258, 259, 


If f is a fixed point then f XOR 1 is also a fixed point. Further, 2(f XOR (2 f)) is a fixed point. These 
facts can be cast into a function that returns a unique fixed point for each argument [FXT: |bits/blue- 


fixed-points bi: 


inline ulong blue_fixed_point(ulong s) 


{ 


return f; 


[fxtbook draft of 2008-January-19] 


48 Chapter 1: Bit wizardry 


The output for the first few arguments is shown in figure}1.18-C| Note that the fixed points are not in 


ascending order. The list was created by the program [FXT: bits/bittransforms-blue-fp-demo.cc). 


Now write f(x) for the binary polynomial corresponding to f (see chapter [38] on page [793), if f(x) is 
a fixed point (that is, B f(x) = f(a +1) = f(zx)), then both (2? + x) f(x) and 1+ (a7 + 2) f(z) are 
fixed points. The function blue_fixed_point() repeatedly multiplies by x? + 2 and adds one if the 
corresponding bit of the argument is set. 


The inverse function uses the fact_that polynomial division by x +1 can be achieved with the inverse 
reversed Gray code (see section |1.15.6]on page [41) if the polynomial is divisible by x + 1: 


inline ulong blue_fixed_point_idx(ulong f) 
// Inverse of blue_fixed_point() 
{ 


ulong s = 1; 
while ( f ) 
s <<= 1; 
s “= (f & 1); 
f >>= 1; 
f = inverse_rev_gray_code(f); // == bitpol_div(f, 3); 


return s >> 1; 


1.18.2 Relations between the transforms 


We write B for the blue code (transform), Y for the yellow code and r for bit-reversal (the revbin- 
function). Then B and Y are connected by the relations 


B=YrY -=rYr (1.18-1a) 

Y = BrB =rBr (1.18-1b) 

r = YBY =BYB (1.18-1c) 
As said, B and Y are self-inverse: 

Bo = B, BB=id (1.18-2a) 

Toe me 3, YY =id (1.18-2b) 


The red code and the green code are not involutions (‘square roots of identity’) but third roots of identity 
(Using R for the red code, E for the green code): 


RRR = id A =jRRSE (1.18-3a) 
EEE = id, EP ={EHERER (1.18-3b) 
RE = ER=id (1.18-3c) 
By construction 
R = rB (1.18-4a) 
E = ry (1.18-4b) 


Relations connecting R and E are: 


R = ErE =rEr (1.18-5a) 
E = RrR =rRr (1.18-5b) 
R = RER (1.18-5¢) 
E = ERE (1.18-5d) 


[fxtbook draft of 2008-January-19] 


1.18: Invertible transforms on words 49 


One has 
r = YR=RB=BE=ELHY (1.18-6) 

Further 
B = RY =~YE=RBR=EBE (1.18-7a) 
Y = BHB=BR=RYR=EYEL (1.18-7b) 
R = BY =BEB=YEY (1.18-7c) 
E = YB=BRB=YRY (1.18-7d) 

and 

id = BYE=RYB (1.18-8a) 
id = EBY =BRY (1.18-8b) 
id = YHEB=YBR (1.18-8c) 


The following multiplication table lists z = yx. The R in the third column of the second row says that 


r B= R. The letter 7 is used for identity (id). An asterisk says that ry 4 ya. 


i ir B Y R E 
i i r B Y R E 
r r i R* E* B* yY* 
B B E* i R* Y* = r* 
Yi] Y R* EF i r* B* 
R/| R Y* r* Bt E i 
E E B* y* r*® ji R 


1.18.3 Relations to Gray code and reversed Gray code 


Write g for the Gray code, then: 


gBgB = id (1.18-9a) 
gBg = B (1.18-9b) 
gg’ Be? = B (1.18-9c) 
gn =. Bg (1.18-9d) 


Let S; be the operator that rotates a word by k 


bit_rotate_sgn() in |bits/bitrotate.h ) then 


bits (bit zero is moved to position k, use [FXT: 


YSuY = g (1.18-10a) 
yeuY = ¢@ (1.18-10b) 
YS:Y = g* (1.18-10c) 


Shift in the frequency domain is derivative in time domain. Relation together with a algorithm 
to generate the cycle leaders of the Gray permutation (section 2.8.1]on page |97) gives a curious method 
to generate the binary necklaces whose length is a power of two, described in section [I7.1.6]on page [341] 
Let e be the operator for the reversed Gray code, then 


Bs4y~R = e* (1.18-11a) 
BS_,.B = e (1.18-11b) 
BSB = e* (1.18-11c) 


[fxtbook draft of 2008-January-19] 


50 Chapter 1: Bit wizardry 


1.18.4 More transforms by symbolic powering 


The idea of powering a transform (as done for the Gray code in section on page can be applied 
to the ‘color’-transforms as exemplified for the blue code: 


inline ulong blue_xcode(ulong a, ulong x) 


x &= (BITS_PER_LONG-1); // modulo BITS_PER_LONG 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~“OUL << s; 
ate (s) 
if (x&1) a= ( (akm) >> s); 
x >>= 1; 
s >>= 1; 
m “= (m>>s); 


} 
return a; 


} 


The result is not the power of the blue code which would be pretty boring as B B = id. Instead the 
transform (and the equivalents for Y, R and E, see [FXT: bits/bitxtransforms.h ) are more interesting: 
all relations between the transforms are still valid, if the symbolic exponent is identical with all terms. 
For example, we had BB = id, now B* B® = id is true for all x (there are essentially BITS_PER_LONG 
different x). Similarly, E F = R now has to be E* E* = R*. That is, we have BITS_PER_LONG different 
versions of our four transforms that share their properties with the ‘simple’ versions. Among them 
BITS_PER_LONG transforms B® and Y* that are involutions and E*” and R® that are third roots of the 
identity: BE” E® E* = R® R® R® =id. 


While not powers of the simple versions, we still have B° = Y° = R° = E° = id. Further, let e be the 
‘exponent’ of all ones and Z be any of the transforms, then 7° = Z, Writing ‘+’ for the XOR operation, 
then Z* ZY = Z**Y and so Z* ZY = Z whenever x+y =e. 


1.18.5 The building blocks of the transforms 


Consider the following transforms on two-bit words where addition is bit-wise (that is, XOR): 


oe Felis (1.18-12a) 
oD _ 
me [EN E]-[s'] aa 
oe [NIL] a 
we [ENE -[en] eae 
ov [Ea El-[e] an 


It can easily be verified that for these the same relations hold as for id, r, B, Y, R, E. In fact the 
‘color-transforms’, bit-reversion and (trivially) id are the transforms obtained by the repeated Kronecker- 
products of the matrices. The transforms are linear over GF(2): 


Z(aa+b) = aZ(a)+6Z(b) (1.18-13) 


The corresponding version of the bit-reversal is [FXT: xrevbin() in bits/revbin.h): 


[fxtbook draft of 2008-January-19] 


1.19: Moves of the Hilbert curve 51 


inline ulong xrevbin(ulong a, ulong x) 


x &= (BITS_PER_LONG-1); // modulo BITS_PER_LONG 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~OUL >> s; 
male (s ) 
if (x&1) a=( (a&m <<s)7 ( (a& (Mm) >» 8); 
x >>= 1; 
s >>= 1; 
m “= (m<<s); 


return a; 


} 


Then, for example, R® = r* B® (see relation |1.18-4a| on page 48). The yellow code is the bit-wise Reed- 
22.12) 


Muller transform (described in section |22.12|on page |459) of a binary word. The symbolic powering is 
equivalent to selecting individual levels of the transform. 


1.19 Moves of the Hilbert curve 


Figure 1.19-A: The Hilbert curve. 


Ax+dy 2 $4+-+4+4-+44---- 4444-4444 tt tt tt tot ttn po ttt tt 
dx-dy: +----+44+-444-444-4444---4-- 4 ttt pn po tn tt ptt 


dir: >°<77>V>*>VV<v>>7>V>>7<7 > 7 << <7 7 TVD > TS 7 >< KK 7 <<< << 77> 7< 
turn: 0--+0++--++0+--0-++-0--++--0-++00++-0--++--0-++-0--+0++--++0+-- 


Figure 1.19-B: Moves and turns of the Hilbert curve. 


A rendering of the Hilbert curve is shown in figure An efficient algorithm that computes the 
direction of the n-th move of the Hilbert curve is based on the parity of the number of threes in the 


radix-4 representation of n (see section |36.9.1]on page |713). 
Let d, and d, correspond to the moves at step n in the Hilbert curve. Then d,,d, € {—1,0,+1} and 
exactly one of them is zero. Thereby for both p:= d, + dy and m := dz — dy we have p,m € {—1,+1}. 


The following function computes p and returns 0,1 if p = —1,+1, respectively [FXT: bits/hilbert-hi: 


inline ulong hilbert_p(ulong t) 

// Let dx,dy be the horizontal,vertical move 

// with step t of the Hilbert curve. 

// Return zero if (dxtdy)==-1, else one (then: (dx+dy)==+1). 
// Algorithm: count number of threes in radix 4 


{ 
ulong d = (t & 0x5555555555555555UL) & ((t & OxaaaaaaaaaaaaaaaaUL) >> 1); 


return parity( d ); 
} 


The function can be slightly optimized as follows (64-bit version only): 


[fxtbook draft of 2008-January-19] 


52 Chapter 1: Bit wizardry 


inline ulong hilbert_p(ulong t) 
ze 


((t & OxaaaaaaaaaaaaaaaaUL) >> 1); 


>> > & 


uuu d 
ct 
Vv 
Vv 
iS 


t 
+ 
t 
t 
+t 
t “= t>>32; 

return t & 1; 


} 
The value of m can be computed as: 


inline ulong hilbert_m(ulong t) 

// Let dx,dy be the horizontal,vertical move 

// with step t of the Hilbert curve. 

// Return zero if (dx-dy)==-1, else one (then: (dx-dy)==+1). 
{ 


} 


return hilbert_p( -t ); 


It remains to merge the values of p and m into a two-bit value d that encodes the direction of the move: 


inline ulong hilbert_dir(ulong t) 
// Return d encoding the following move with the Hilbert curve. 


// 
// a \in {0,1,2,3} as follows: 


// da: direction 
// O03: right (+x: dx=+1, dy= 0) 
// 1: down (-y: dx= 0, dy=-1) 
// 2: up (ty: dx= 0, dy=+1) 
// 3: left (-x: dx=-1, dy= 0) 
{ 

ulong p = hilbert_p(t); 

ulong m = hilbert_m(t); 

ulong d = p ~ (m<<1); 

return d; 


To print the value of d symbolically, one can use the C++ statement cout << ("v><*") [d];. 
The turn u between steps can be computed as 


inline int hilbert_turn(ulong t) 
// Return the turn (left or right) with the steps 


//  %t and t-1 of the Hilbert curve. 
// Returned value is 
O for no turn 
// +1 for right turn 
// -1 for left turn 


ulong di = hilbert_dir(t); 

ulong d2 = hilbert_dir(t-1) ; 

di “= (d1>>1); 

d2 “= (d2>>1); 

ulong u = di - d2; 

// at this point, symbolically: cout << ("+.-0+.-")[ u+ 3]; 
if ( 0==u ) return 0; 

if ( (long)u<O ) u += 4; 

return (i==u ? +1 : -1); 


To print the value of u symbolically, one can use cout << ("-0+") [d+1];. 


The values of p and m, followed by the direction and turn of the Hilbert curve are shown in figure|1.19-B 


The list was created with the program [FXT: bits/hilbert-moves-demo.cc). Figure |1.19-A] was created 
with the program [F XT: bits/hilbert-texpic-demo.cc). 


[fxtbook draft of 2008-January-19] 


1.20: The Z-order 53 


Figure 1.20-A: The Z-order curve. 


1.20 The Z-order 


A 2-dimensional space-filling curve that traverses all points in each quadrant before it enters the next 
can be obtained by the Z-order. Figure |1.20-A| shows a rendering of the Z-order curve, it was created 
with the program [FXT: |bits/zorder-texpic-demo.cc|. The conversion between a linear parameter to a 


pair coordinates achieved by separating the bits at the even and odd indices. The simple routine is [FXT: 
bits/zorder.h): 


inline void lin2zorder(ulong t, ulong &x, ulong &y) { bit_unzip2(t, x, y); } 
The routine bit_unzip2() is described in section on page[35| The inverse is 


inline ulong zorder2lin(ulong x, ulong y) { return bit_zip2(x, y); } 


From any coordinate pair the next pair can be computed with the following (constant amortized time) 
routine: 


inline void zorder_next(ulong &x, ulong &y) 


{ 
ulong b = 1; 
do 
{ 
x “= b; b & ~x; 
y “= b; b&= “y; 
b <<= 1; 
while ( b ); 
} 


The previous pair is obtained similarly: 


inline void zorder_prev(ulong &x, ulong &y) 


{ 
ulong b = 1; 
do 
{ 
x “= b; b & x; 
y “=b; b b= y; 
b <<= 1; 
while ( b ); 
} 


The routines are written in a way that generalizes trivially to more dimensions: 


inline void zorder3d_next(ulong &x, ulong &y, ulong &z) 


{ 
ulong b = 1; 
do 
{ 
x “= b; b & ~x; 
y “= b; b & “y; 
zZz“=b; b & ~Z; 
b <<= 1; 
} 
while ( b ); 
} 


[fxtbook draft of 2008-January-19] 


54 Chapter 1: Bit wizardry 


inline void zorder3d_prev(ulong &x, ulong &y, ulong &z) 


{ 
ulong b = 1; 
do 
{ 
x “= b; b & x; 
y “=b; bay; 
z“=b; b &aZ; 
b <<= 1; 
while ( b); 
} 


Unlike the Hilbert curve there are steps where the curve advances more than one unit. 


1.21 Scanning for zero bytes 


The function (32-bit version) 
static inline ulong contains_zero_byte(ulong x) 


return ((x-0x01010101UL)*x) & (~x) & 0x80808080UL; 


from [FXT: bits/zerobyte.h determines if any sub-byte of the argument is zero. It returns zero when x 


contains no zero-byte and nonzero when it does. The idea is to subtract one from each of the bytes and 
then look for bytes where the borrow propagated all the way to the most significant bit. In order to scan 
for other values than zero (e.g. 0xa5) one can use contains_zero_byte( x ~ Oxa5a5a5a5uUL ). 


Using the simplified version 
return ((x-0x01010101UL) ~ x) & Ox80808080UL; 


gives false alarms when a byte equals 0x80. For one byte (in hex, omitting prefixes ‘Ox’): 


x-O1 = 80-01 = 7f 
(x-01)*x = 7f ~ 80 = ff 
((x-01)*x) & 80 = ff & 80 = 80 != 0 


For strings where the high bit of every byte is known to be zero (for example ASCII-strings) the simple 
version can be used. 


The function [FXT: aux1/bytescan.cc 


ulong long_strlen(const char *str) 
// Return length of string starting at str. 
{ 


ulong x; 

const char *p = str; 

// Alignment: scan bytes up to word boundary: 
while ( (ulong)p % BYTES_PER_LONG ) 


if ( 0 == *p ) return (ulong) (p-str) ; 
++p; 

} 

x = *(ulong *)p; 

while ( ! contains_zero_byte(x) ) 
p += BYTES_PER_LONG; 


x = *(ulong *)p; 
} 


// now a zero byte is somewhere in x: 
while (0 != *p ) { ++p; } 
return (ulong) (p-str) ; 

} 


may be a win for very long strings and word sizes of 64 or more bits. 


[fxtbook draft of 2008-January-19] 


1.22: 2-adic inverse and square root 55 


1.22 2-adic inverse and square root 


1.22.1 Computation of the inverse 


The 2-adic inverse can be computed using an iteration (see section |28.1.5}on page |543) with quadratic 
convergence. The number to be inverted has to be odd [FXT: bits/bit2adic.h): 

inline ulong inv2adic(ulong x) 

// Return inverse modulo 2**BITS_PER_LONG 

// x must be odd 

// The number of correct bits is doubled with each step 

// ==> loop is executed prop. log_2(BITS_PER_LONG) times 

// precision is 3, 6, 12, 24, 48, 96, ... bits (or better) 


if ( 0O==(x&1) ) return 0; // not invertible 
ulong i= x; // correct to three bits at least 


- 
while ( p!=1 ); 
return i; 


} 


Let m be the modulus (a power of two), then the computed value i is the inverse of x modulo m: 
i = « tmodm. It can be used for the so-called exact division: to compute the quotient a/x for a 
number a that is known to be divisible by x, simply multiply by i. This works because a = bx (a is 
divisible by x), so ai = bai =bmodm. 


1.22.2 Exact division by C = 2*+1 


We use the relation (for power series) 


4 = — = A(1+Y)(1+¥2)(1+Y4) (1+ Y¥8)...(0+¥2") mod 2?" (1.22-1) 


where Y = 1—C. The relation can be used for efficient exact division over Z by C = 2* +1. For 
C=2* +1 use 


4 = Ao (142040) (14 2"*) 5 (2°?) mod a” (1.22-2) 
where k2% > N. For C = 2* —1 use (A/C = —A/—C) 
a = ~AG+ 2) (14-2?) OOP") a i Pe) modo” (1.22-3) 
The equivalent method for exact division by polynomials (over GF(2)) is given in section on 


page [798] 


1.22.3 Computation of the square root 


With the inverse square root we choose the start value to match |d/2] + 1 as that guarantees four bits 
of initial precision. Moreover, we get control to which of the two possible values the inverse square root 
is finally reached. The argument modulo 8 has to be equal to one. 


inline ulong invsqrt2adic(ulong d) 
// Return inverse square root modulo 2**BITS_PER_LONG 


// Must have: d==1 mod 8 
// The number of correct bits is doubled with each step 


[fxtbook draft of 2008-January-19] 


56 Chapter 1: Bit wizardry 


x Stay ean hae cg wee ANN Slade. deets ages Win lame saiecdis 1= 1 x SY sick wii fasade vain Phaigh as ih Said sane cadets alt ay 1 
A 2S in sks sue sx cece twaceek keetiuge std asteeh Srcacaesace trend 1 inv = 11..0..11eITh tL. 1111. 
SOIC ho iitecs hee Ba sos cace aceceve ay claus a er ersrevien dee 1 
x = 111111111114111111111111111111.1 
x = 1111111111411111411111111111111111 = -1 inv = ..11..11..11..11..11..11..11..1 
inv = 11111111111111111111111111111111 11 
x Seite ak Suda dace eas Shad eee & OO 
Ss enecech amar dead eictide ana htear se iene ad eeseae tend 1.= 2 
e x = 11111111111111111111111111111.1 
x = 1111111111111111111111111111111. = -2 44 
x Sieh haa bg gpa graye yn a ae ba ge eae 
x BS serach ca yar ara Cea aes Na acege Soe sha Marea) eee eee oeae 11 = 3 inv = 1.11.11.11.11.11.11.11.11.11.11 
inv = 1.1 sheds did.1.1.11 
x = 11111111111111111111111111111.. 
x = 1111 11111111111111.1 = -3 dnv = 21.1 11 teed did. td. 
inv = .1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1 sqrt = 1...211..1..11...11.. 005. Le1L.1. 
x SS lavender aed ave saad @ sae eae ade Seaud ate ewe aL ee 1 = 4 x Sy ecdiandvese eodudce ered ads aca wleoe sea 1 
BQEE = iirc dasa enna a6 See ak woes 88 1 
x = 11111111111111111111111111111.. 
x = 111111111111111111111111111111.. = -4 4 
x = deuhip goe-trapgia doth anea dS -acdrde dea serd ees . 
inv = 111 111.011 111 1172.2 
sqrt = 111111111111111111111111111111. 


. = -6 


Bee Be 
il} 
i} 
sf 


Bee - 
il} 
o 


Figure 1.22-A: Examples of the 2-adic inverse and square root of « where —9 < « < +9. Where no 


inverse or square root is given, it does not exist. 


// ==> loop is executed prop. log_2(BITS_PER_LONG) times 
// precision is 4, 8, 16, 32, 64, ... bits (or better) 
{ 
if ( 1 != (d&7) ) return 0; // no inverse sqrt 
// start value: if d == ****10001 ==> x := *#**1001 
ulong x = (d >> 1) | 1; 


ulong p, y; 

do 

{ 
Y= ee 
p= (3-d*y * y); 
x = (y * p) >> 41; 


} 
while ( x!=y ); 
return xX; 


} 
The square root can be obtained by a final multiplication with d: 


inline ulong sqrt2adic(ulong d) 

// Return square root modulo 2**BITS_PER_LONG 

// Must have: d==1 mod 8 or d==4 mod 32, d==16 mod 128 
Si ... d==4**k mod 4**(k+3) 

v Result undefined if condition does not hold 


if ( 0==d ) return 0; 

ulong s = 0; 

while ( 0==(d&1) ) {d >>= 1; ++s; } 
d *= invsqrt2adic(d) ; 

d <<= (s>>1); 

return d; 


} 


Note that the 2-adic square root is something completely different from the integer square root in 


general. 


If the argument d is a perfect square then the result equals +Vd. The output of the program [FXT: 


bits /bit2adic-demo.cc) is shown in figure}1.22-A} For further information on 2-adic (more generally p-adic) 


numbers see [155], [105], and also [153]. 


1.23 Radix —2 representation 
The radix —2 representation of a number n is 


n = >> tx (-2)* 
k=0 


where the ¢, are zero or one. 


[fxtbook draft of 2008-January-19] 


(1.23-1) 


1.23: Radix —2 representation 57 


1.23.1 Conversion from binary 


k: bin(k) m=bin2neg(k) g=gray(m) dec(g) 
Oe. deeaeae ate ate eetatan 0 <= 0 
eee 5 rr cee : er re 1 1 <= 1 
Ze sinca abs 4. Fares ee peers ae 5 

ne cee 11 oped cen are 4 

4: ay ae dee dreaatiet Leste sce ww De 2 

5: veel bGae lend ... 111 3 <= 5 
6: seat. veld... ..1.141 19 

T: jaca hdl sadDell ede Ld. 18 

8: geotk acaes ead Discs ye ae 20 

9: ie dso Pe lp eee 1.1.1 21 

10: wads. ..1111. oo ere 17 

11: aad odld ..11111 Bee ere 16 

12: oo ee ..111.. pee ere 14 

13: ..11.1 ..111.1 we des gL 15 

14: ood t. éredlsieds ..11.41 7 

15: ...1111 vedi gad wold ch. 6 

16: aia: sna.0 Dad seb eue pape erie 8 

17: juirdoeret iad ats sel wo dda D 9 

18: vd Laces .1.11. ..111.1 13 

19: weds td eed TT parece ee 12 
20: wwda diss weds. ..1111. 10 
21: wedead ool ..1.1.1 .. 11141 11 <= 21 
22: sedied ds 141d yt 1.11111 75 
23: Pe kaa 11.1.11 1.1111. 74 
24: ashlee ce eee Gree 1.111.. 76 
25: wedded 11.1..1 1.111.141 7T 
26: webbed. 11.111. 5 ey ee 73 
27: ved ded 11.1111 i ee 72 
28: rgd Tl 11.11.. 1.11.1. 70 
29: ..111.1 11.11.1 1.11.41 71 
30: wad ldd. Dlsiacielg pe ee ak 79 
31: ao LlTt sl eer ea 11s, des 78 


Figure 1.23-A: Radix —2 representations and their Gray codes. Lines ending in ‘<=N’ indicate that all 
values less or equal N occur in the last column up to that point. 


Item 128 of [30] gives a surprisingly simple algorithm to obtain the coefficients t; of the radix —2 repre- 
sentation of a binary number [F XT: bits/negbin.h): 


inline ulong bin2neg(ulong x) 
// binary --> radix(-2) 
{ 


const ulong m = OxaaaaaaaaUL; // 32 bit 
x += mn; 

x “= mM; 

return xX; 


} 
An example: 
14 --> ..1..1. == 16 - 2 == (-2)°4 + (-2)71 
The inverse routine is obtained by executing the inverse of the two steps in reversed order: 
inline ulong neg2bin(ulong x) 


// radix(-2) --> binary 
// inverse of bin2neg() 


{ 
const ulong m = OxaaaaaaaaUL; 
x “= mM; 
x -= Mm; 
return xX; 
} 
Figure}1.23-A]shows the output of the program [FXT: bits/negbin-demo.cc). The sequence of Gray codes 
of the radix —2 representation is a Gray code for the numbers in the range 0,..., for the following 


values of k: 


k = 1,5, 21, 85, 341, 1365, 5461, 21845, 87381, 349525, 1398101, ..., (4” —1)/3 


[fxtbook draft of 2008-January-19] 


58 Chapter 1: Bit wizardry 


1.23.2 Fixed points of the conversion 


The sequence of fixed points of the conversion starts as 


O--: 

A eh, haeactkeeeae 1 
4d eas 1, 
a a ee 1.1 
160 deka: see 
17 2 sasas 1.,.1 
QO So anda acs i ie 
Pi: een t.ti1 
64S eat ead ee 
69 = iasDiceess 1 
68s saidiiwades 
69 + saad. Ded 
80 2 week De the.e 
81: .2ch.d.g.d 
84. 2 secede did 
855 44d. 0.1 


This the Moser — De Bruijn sequence, entry A000695|of 214]. A related power series is 


co 
IT +2") = ltaetattartal® tal? + 979 4 7) 4 84 4 4 8 4... (1.23-2) 
k=0 


The k-th fixed point can be obtained moving all bits of the binary representation of k to position 2x 
where x > 0 is the index of the bit under consideration: 
inline ulong negbin_fixed_point(ulong k) 
{ 
ulong f = 0; 
for (ulong m=1, s=0; m!=0; m<<=1, t+s) f£ “= ( (k&m)<<s ); 
return f; 


The sequence of radix —2 representations of 0, 1, 2, ..., interpreted as binary numbers, is entry A005351 
of (214): 


0,1,6,7,4,5,26,27,24,25,30,31,28,29,18,19,16,17,22,23,20,21,106,107,104,105,110,111, 
The corresponding sequence for the negative numbers —1, —2, —3, ... is entry A005352 
3,2,13,12,15,14,9,8,11,10,53,52,55,54,49,48,51,50,61,60,63,62,57,56,59,58,37,36,39,38, 


More information about ‘non-standard’ representations of numbers can be found in [155}. 


1.23.3. Generating negbin words in order 


BREE a whine bin ahcen acu ones 1411141111111111111111111111111111111111111 
igo aad ie as setieclelea atlantie wihuar dae Joule 11111111111111111111111111111111......00.. 
Seat aeee is tt Et es ss Est meager cera et EE EB Ug tt tt et Es Le rea 
ere si ts st Pee mt at et it pt gs Fee em 6 RU tg Et Ft et 
wollte cc TAT. de TTT. I PT TS TTL. 
toble std. ddecdd Ts oll: 1, dd cde dL. dd. lee Te. dd. td. 2 hd 
chet dt Lid ghidkediod ted dete te dette td Peds ed dd do 
sis eiceicsr Mie We a8 SESE ea BEd BOE, BG. eS Ge ges SiR aie) Oe ee endear 3 111111111111111111111 
igo idcieng ein wal Se eirie actecin, ahaha cousin: @: es Bsustiacgiie gue enae Gudea lee 111111111111111111111 
uacand aera ge Ue it isp EW bs Eig Es ss Dis Fest Et Ere arr 
veh Wilds udartay ctor’ 1111111111111111................2121212111111111111..... 
Beer sg i es ee ree i el Ot es eee jee Fa tt Ee rere 11111111..... 
eovlldd... cd Td, oe TI TT. TI... Ed TTI LTT 
ble cd de dbo dtodd. 1. te TT dl dds odd te TL dt. ld. 
phedvd ede bebeleded ltd behest tL teed ded at 
Figure 1.23-B: Radix —2 representations of the numbers 0... + 63 (top), and 0... — 63 (bottom). 


A radix —2 representation can be incremented by the function [FXT: |bits/negbin.h): 


inline ulong next_negbin(ulong x) 
// With x the radix(-2) representation of n 
// return radix(-2) representation of n+1. 


[fxtbook draft of 2008-January-19] 


1.24: A sparse signed binary representation 59 


const ulong m = OxaaaaaaaaUL; // 32-bit version 
x “= mM; 

+4+X 5 

x “= mM; 

return x; 


} 


A version without constants is 


ulong s 
ulong y 
yt 1; 
s “= y; 
return s; 


x S; 


Decrementing can be done via 


inline ulong prev_negbin(ulong x) 
// With x the radix(-2) representation of n 
// return radix(-2) representation of n-1. 


{ 
const ulong m = OxaaaaaaaaUL; 
x “= mM; 
--x; 
x “= mM; 
return x; 
} 
or via 
const ulong m = 0x55555555UL; 
xX “= mM; 
++X 5 
x “= mM; 
return x; 


The functions are quite fast, about 440 million words per second are generated (5 cycles per increment 
or decrement). Figure|1.23-B/shows the generated words in forward (top) and backward (bottom) order, 


it was created with the program [F XT: bits/negbin2-demo.cc). 


1.24 A sparse signed binary representation 


An algorithm to compute a representation of a number x as 


x = 5° s,-2* where s, € {—1, 0, +1} (1.24-1) 
k=0 


such that two consecutive digits s,, $,41 are never simultaneously nonzero is given in [194]. Figure|1.24-A 
gives the representation of several small numbers, it is the output of [FXT: |bits/bin2naf-demo.cc. 


We can convert the binary representation of x into a pair of binary numbers that correspond to the 
positive and negative digits [FXT: |bits/bin2naf.h : 


inline void bin2naf(ulong x, ulong &np, ulong &nm) 

// Compute (nonadjacent form, NAF) signed binary representation of x: 
// the unique representation of x as 

// x=\sum_{k}{d_k*2*k} where d_j \in {-1,0,+1} 

// and no two adjacent digits d_j, d_{jt+1} are both nonzero. 


// np has bits j set where d_j==t1 
// nm has bits j set where d_j==-1 
// Thereby: x = np - nm 
{ 
ulong xh = x >> 1; // x/2 
ulong x3 = x + xh; // 3*x/2 
ulong c = xh ~ x3; 
mp = x3 & c; 


nm = xh & c; 


} 
Converting back to binary is trivial: 


[fxtbook draft of 2008-January-19] 


60 


Chapter 1: Bit wizardry 


PReREE 


BWNRFOWOONDOURBWNRO 


RRR ee 
ee 


. eRe. 


1 
1 
1 
1 
1 
1 
1 
1 


of REM ERS So ae fe, Ppp ee oe ah 
+ AR ee 8 PR) pe 


aera ares 
eS 


PREREEREEERE EERE: 6 6 eee ee eee 
RRR 6 ee ee 


RRR. - 
RR. 


iaveseudans 0= 
ere P 1 = 
fitting aie P. 2= 
ties eo ML 3 = 
Peres ete 4= 
Areas tics b= 
oo Pia 6 = 
are Sle asM, 7= 
Perey era o= 
ieans aul 9= 
...P.P. 10 = 
..-P.M.M 11 = 
«eR Mo. 12 = 
wanes MiP 13 = 
we P eM 14 = 
aio 15 = 
WP does 16 = 
a Risans (P 17 = 
wai eieP's 18 = 
..-P.P.M 19 = 
ieP Ps. 20 = 
ar Ps PtP 21 = 
-P.M.M. 22 = 
-P.M..M 23 = 
Pe Mocca 24 = 
«PMiceP 25 = 
-P.M.P. 26 = 
«P...MaM 27 = 
a Pes Mb. 28 = 
«Ps .MuP 29 = 
iP seis. 30 = 
oP. 2 3. 31 = 
Phere ais 32 = 


+32 -1 
+32 


Figure 1.24-A: Sparse signed binary representations (nonadjacent from, NAF). The symbols ‘P’ and ‘M’ 
are respectively used for +1 and —1, dots denote zeros. 


inline ulong naf2bin(ulong np, ulong nm) 


return ( np - nm ); 


} 


The representation is one example of a nonadjacent form (NAF). A method for the computation of certain 
nonadjacent forms (w-NAF) is given in [183]. A Gray code for the signed binary words is described in 
section on page |290 


17: 


AHDOOKdNABNEO 


ai lead etic sise 0 
ai liar late ae P 1 
shigdeue Bice P. 2 
oes Pisa 4 
Bes aise P.P 5 

Beir? spree 8 

ite eae P 9 

Pena e sort car 10 

a ae 16 

pee rarer os 17 
pee ihe sar 18 
ia PylPoe 20 
ie PPP 21 
bo Pedincerasa 32 
gees od 33 
ais Pie Oe 34 
fovea 36 
$F sR sP 37 
Pee eee 40 
wt Pe Ps se P. 41 
..P.P.P 42 
el eee 64 


+32 
+64 


+1 


+1 


+1 
+2 


Figure 1.24-B: The numbers whose negative part in the NAF representation is zero. 


When a binary word contains no consecutive ones then the negative part of the NAF representation is 


zero. The sequence of values is [0, 1, 2, 4, 5, 8, 9, 10, 16, ...], entry A003714 of [214], see figure }1.24-B 


The numbers are called the Fibbinary numbers. 


[fxtbook draft of 2008-January-19] 


1.25: Generating bit combinations 61 


1.25 Generating bit combinations 


1.25.1 Co-lexicographic (colex) order of the subsets 


word = set = set (reversed) 
.1141 = 0, 1, 2 } ={2,1,0} 
1.11 = {0, 1, 3 } ={3,1,0} 
..11.1 ={0, 2, 3} ={3 ,2 ,0} 
..111. = {1, 2, 3} ={3 ,2 ,1} 
.1..41 = {0, 1, 4} ={4,1,0} 
.1.14.1 ={0, 2, 4} ={4,2 ,0} 
vd Ty = 1s 25: 4: 3 ={4 ,2 ,1} 
.11..1 ={0, 3, 4} ={4,3 ,0} 
11.14. = {1, 3, 4} ={4,3 ,1} 
.111.. = {2, 3, 4} ={4 ,3 ,2} 
1...11 ={0, 1, 5 } ={5 ,1 ,0} 
1..1.1 = 10, 2, 5 } ={5 ,2 ,0} 
todd. = 4 1, 2,. 5} ={5 ,2 ,1} 
1.14..1=1{0, 3, 5 } ={5 ,3 ,0} 
1.14.1. ={1, 3, 5 } ={5 ,3 ,1} 
1.41... = { 2, 3, 5 } ={5 ,3 ,2} 
11...1=1{0, 4, 5 } ={5 ,4 ,0} 
11..1. ={1, 4, 5 } ={5 ,4 ,1} 
11.1 ={2, 4, 5} ={5 ,4 ,2} 
111. ={3, 4, 5} ={5 ,4 ,3} 


Figure 1.25-A: Combinations () in co-lexicographic order. The reversed sets are sorted. 
Given a binary word with & bits set the following routine computes the binary word that is the next 
combination of & bits in co-lexicographic order (see figure [1.25-A). When considering the delta sets 
(leftmost column), the ordering would be lexicographic. So a more precise term for our ordering is 
subset-colex (for sets written with elements in increasing order). The delta-set-colex ordering would be 
the same sequence as shown, but bit-reversed. 


The underlying mechanism to determine the successor is to determine the lowest block of ones and move 


its highest bit one position up. The rest of the block is then moved to the low end of the word [FXT: 
bits/bitcombcolex.h]: 


inline ulong next_colex_comb(ulong x) 


{ 
ulong r = x & -x; // lowest set bit 
x += 4; // replace lowest block by a one left to it 
if ( 0O==x ) return 0; // input was last combination 
ulong z = x & -x; // first zero beyond lowest block 
Z—-= 7; // lowest block (cf. lowest_block()) 
while ( 0==(z&1) ) { z>>= 1; } // move block to low end of word 
return x | (z>>1); // need one bit less of low block 
} 
One could replace the while-loop by a bit scan and shift combination. The combinations Gs) are generated 
at a rate of about 165 million per second. The rate is about 135 M/s for the combinations Ga 


The following routine computes the predecessor of a combination: 


inline ulong prev_colex_comb(ulong x) 
// Inverse of next_colex_comb() 


X = next_colex_comb( ~x ); 
if ( O!l=x ) x = "x; 
return xX; 
The first and last combination can be computed via 


inline ulong first_comb(ulong k) 


[fxtbook draft of 2008-January-19] 


62 Chapter 1: Bit wizardry 


// Return the first combination of (i.e. smallest word with) k bits, 
// i.e. 00..001111..1 (k low bits set) 
// Must have: O <= k <= BITS_PER_LONG 
{ 


ulong t = ~OUL >> ( BITS_PER_LONG - k ); 
if ( k==0 ) t =0; // shift with BITS_PER_LONG is undefined 
return t; 


} 
and 


inline ulong last_comb(ulong k, ulong n=BITS_PER_LONG) 

// return the last combination of (biggest n-bit word with) k bits 
// i.e. 1111..100..00 (k high bits set) 

‘a Must have: O <= k <= n <= BITS_PER_LONG 


return first_comb(k) << (n - k); 


The if-statement in first_comb() is needed because a shift by more than BITS_PER_LONG—1 is undefined 
by the C-standard, see section on page 
A variant of the presented (colex-) algorithm appears in [80 item 175]. The variant used here avoids 


the division of the HAKMEM-version and was given by Doug Moore and Glenn Rhoads. The listing in 
figure }1.25-A]can be created with the program [FXT: bits/bitcombcolex-demo.cc): 

ulong n= 6, k = 3; 

ulong last = last_comb(k, n); 


ulong g = first_comb(k) ; 
ulong gg = 0; 
do 


// visit combination given as word g 
&& = &3 


g = next_colex_comb(g) ; 


} 
while ( gg!=last ); 


1.25.2 Lexicographic (lex) order of the subsets 


lex (5, 3) colex (5, 2) 

word = set word = set 
.111 = {0, 1, 2} ..11 ={0, 1} 
1.11 ={0, 1, 3} .1.1 =1{0, 2} 
1..11 ={0, 1, 4} .11. = {1, 2} 
11.1 ={0, 2, 3 } 1..1 ={0, 3} 
1.14.1 =1{0, 2, 4} 1.14. ={1, 3} 
11..1={0, 3, 4} .11.. = {2, 3} 
tt. = { 4,2, 3 F 1...1={0, 4} 
1.1414. = {1, 2, 4} 1..4. ={1, 4} 
11.14. ={1, 3, 4} 1.14.. ={2, 4} 
111... = { 2, 3, 4} 11... = {3, 4} 


Figure 1.25-B: Combinations ) in lexicographic order (left columns). The sets are sorted. The binary 
words corresponding to lexicographic order are obtained from the bit-reversed complements of the words 
corresponding to the co-lexicographic order of combinations (| = ues 

The binary words corresponding to combinations (7) in lexicographic order can be obtained as the bit- 
reversed complements of the words for the combinations (Au ‘) in colex order, see figure Note a 
more precise term for the order is subset-lex (for sets written with elements in increasing order). The 
sequence is identical to the delta-set-colex order backwards. 


The program [FXT: bits/bitcomblex-demo.cc] shows how to compute the subset-lex sequence efficiently: 


ulong n= 5, k = 3; 

ulong x = first_comb(n-k) ; // first colex (n-k choose n) 
const ulong m = first_comb(n) ; // aux mask 

const ulong 1 last_comb(k, n); // last colex 


[fxtbook draft of 2008-January-19] 


1.26: Generating bit subsets of a given word 63 


y = revbin(~x, n) & m; // lex order 
// visit combination given as word y 
xX = next_colex_comb(x) ; 


} 
while ( y !=1); 


The bit-reversal routine revbin() is shown in section on page Sections on page and 
section give iterative algorithms for combinations (represented by arrays) in lex and colex order, 
respectively. 


1.26 Generating bit subsets of a given word 


1.26.1 Counting order 


In order_to generate all bit-subsets of a binary word one can use the sparse counting idea shown in 
section [1.8] on page [20] The implementation is [FXT: class bit_subset in bits/bitsubset.h): 


class bit_subset 


public: 
ulong u_; // current subset 
ulong v_; // the full set 
public: 


bit_subset(ulong v) : u_(0), v_(v) {; } 
~pit_subset() { ; } 


ulong current() const { return u_; } 
ulong next() { u_ = (u_- v_) & v_; return u_; } 
ulong prev() {u_ = (u_- 1) & v_; return u_; } 


ulong first(ulong v) { v_=v; u_=0; return u_; } 
ulong first() { first(v_); return u_; } 

ulong last(ulong v) { v_=v; u_=v; return u_; } 
ulong last() { last(v_); return u_; } 


3 
With the word [...11.1.] the following sequence of words is produced by subsequent next ()-calls: 
speed iatians i. 
ee ee 
Sag dd 
ee 
vedeod. 
pee i eee 
Pee Es Bo 


A block of ones at the right will result in the binary counting sequence, see [FXT: bits/bitsubset-demo.cc'. 


1.26.2 Gray code order 


We use a method to isolate the changing bit from counting order that does not depend on shifting: 


eeKKKKKOLLL = u 

**KKAKKLOOO = uti 

00000001111 = (uti) *“ u 

00000001000 = ((uti) * u) & (uti) <--= bit to change 


The method still works if the lowest one are separated by any amount of zeros. In fact, we want to find 
the single bit that changed from zero to one. The bits that are switched from zero to one in the transition 
from the word A to B can also be isolated via X=B&~A. The implementation is [FXT: class bit_subset 


in |bits/bitsubset-gray.h): 


class bit_subset_gray 


aw 
public: 


[fxtbook draft of 2008-January-19] 


64 Chapter 1: Bit wizardry 


bit_subset S_; 


ulong g_; // subsets in Gray code order 
ulong h_; // highest bit in S_.v_; needed for the prev() method 
public: 


bit_subset_gray(ulong v) : S_(v), g_(0), h_(highest_bit(v)) ‘{ ; } 
~bit_subset_gray() { ; } 


ulong current() const { return g_; } 
ulong next () 


ulong uO = S_.current(); 

if ( uO == S_.v_ ) return first(); 
ulong ul = S_.next(); 

ulong x = “uO & ul; 

8 “= % 

return g_; 


} 


ulong first(ulong v) { S_.first(v); h_=highest_bit(v); g_=0; return g_; } 
ulong first() { S_.first(); g_=0; return g_; } 
[--snip--] 


With the word [...11.1.] the following sequence of words is produced by subsequent next ()-calls: 


A block of ones at the right will result in the binary Gray code sequence, see [FXT: |bits/bitsubset-gray- 
pone The method prev() computes the previous word in the sequence, note the swapped roles o 
e variables u0 and ut: 


[--snip--] 

ulong prev() 

{ 
ulong ul = S_.current(); 
if ( ul == 0) return last(); 
ulong uO = S_.prev(); 
ulong x = “uO & ul; 
B= = x; 
return g_; 


} 


ulong last(ulong v) { S_.last(v); h_=highest_bit(v); g_=h_; return g_; } 
ulong last() {S_.lastQ); g_=h_; return g_; } 


1.27 Binary words as subsets in lexicographic order 


1.27.1 Next and previous word in lexicographic order 


The (bit-reversed) binary words in lexicographic order with respect to the subsets can be generated by 
successive calls to the following function [FXT: |bits/bitlex.h|: 


static inline ulong next_lexrev(ulong x) 
// Return next word in subset-lex order. 


ulong x0 = x & -x; // lowest bit 
if ( 1!=x0 ) // easy case: set bit right of lowest bit 


x0 >>= 1; 
x “= x0; 
return xX; 
} 
oo // lowest bit at word end 
-= x0; // delete lowest bit 
& -x; // new lowest bit ... 


[fxtbook draft of 2008-January-19] 


1.27: Binary words as subsets in lexicographic order 


65 


1: 1... = 8 {0} 

22 Adee, -= 12 {0, 1} 

3: 111. = 14 {0, 1, 2} 
4: 1111 = 15 {0, 1, 2, 3} 
5: 11.1 = 13 {0, 1, 3} 
6: 1.1. = 10 {0, 2} 

7: 1.11 = 11 {0, 2, 3} 
8: 1..1 = 9 {0, 3} 

9: .1.. = 4 {1} 

10: .l1. = 6 {1, 2} 
11: slit = 7 {1, 2, 3} 
12: 1.14 = 5 {1, 3} 
13: 1 = 2 {2} 

14: 11 = 8 {2, 3} 
15: 1) =: 4 {3} 


Figure 1.27-A: Binary words corresponding to non-empty subsets of the 4-element set in lexicographic 
order with respect to subsets. Note the first element of the subsets corresponds to the highest set bit. 


x0 >>= 1; x -= x0; // ... is moved one to the right 
return xX; 
} 
} 


The bit-reversed representation was chosen because the isolation of the lowest bit is often cheaper than 
the same operation on the highest bit. Starting with a one-bit word at position n — 1 one generates the 


2” bit-subsets of length n. The function is used as follows [FXT: |bits/bitlex-demo.cc : 


ulong n = 4; // n-bit binary words 
ulong x = 1UL<<(m-1); // first subset 
- 


// visit word x 


while ( (x=next_lexrev(x)) ); 


The output for of the program is shown in figure}1.27-A] About 225 million words per second are generated. 
8.1.2] 


An equivalent routine for arrays is given in section|8.1.2}on page 


[O%. Scsda = 0 *] 16: .1...1 = 17 32: 1....1 = 
Lets eectees 1 = i * 17: .1..11 = 19 33: 1...11 = 
2? ...-41 = 3 18: .1..1. = 18 * 34: 1...1. = 
3: ...,1,. = 2 19: .1.1.1 = 21 35: 1..1.1 = 
4: ...1.1 = 5 20: .1.111 = 23 36: 1..111 = 
5: ...111 = 7 21: .1.411. = 22 37: 1..11. = 
6: ...11. = 6 * 22% 4... = 38: 1..1.. = 
C2 eeedee = 4 23: .11..1 = 25 39: 1.1..1 = 
8: ..1..1 = 9 24: .11.11 = 27 40: 1.1.11 = 
9: ..1.11 = 11 25: .11.1. = 26 41: 1.1.1. = 
10: ..1.1. = 10 * 26: .111.1 = 29 42: 1.11.1 = 
ti: ..11.1 = 13 27: .11111 = 31 43: 1.1111 = 
12: ..1111 = 15 28: .1111. = 30 44: 1.111. = 
13: ..111. = 14 29: .111.. = 28 45: 1.11.. = 
14: ..11.. = 12 30: .12... = 24 46: 1.1... = 
LOS conde 5 = 8 Sl dy = 16 47: 11...1 = 


11..11 = 
35 49: 11..1. = 50 
34 * 50: 11.1.1 = 53 
37 51: 11.111 = 55 
39 62: 11.11. = 54 
38 53: 11.1.. = 52 
36 54: 111..1 = 57 
41 55: 111.11 = 59 
43 56: 111.1. = 58 
42 57: 1111.1 = 61 
45 58: 111111 = 63 
47 59: 11111. = 62 
46 60: 1111.. = 60 * 
44 61: 111... = 56 
40 62: 11.. = 48 
49 637 Low as. = 32 


Figure 1.27-B: Binary words corresponding to the subsets of the 
prev_lexrev(). Fixed points are marked with asterisk. 


The following function goes backward: 


static inline ulong prev_lexrev(ulong x) 
// Return previous word in subset-lex order. 


{ 
ulong x0 = x & -x; // lowest bit 


if ( x & (x0<<1) ) // easy case: next higher bit is set 


{ 
x “= x0; // delete lowest bit 
return x; 


} 


else 


[fxtbook draft of 2008-January-19] 


6-element set, as generated by 


66 Chapter 1: Bit wizardry 


x += x0; // move lowest bit to the left 
x l= 1; // set rightmost bit 
return x; 


} 


About 250 million words are generated per second. Starting with zero one obtains, by repeated calls to 
prev_lexrev(), a sequence of words that just before the 2”-th call has visited every word of length n. 
The generated sequence of words corresponding to subsets of the 6-element set is shown in figure|1.27-B 


The sequence 1, 3, 2, 5, 7, 6, 4, 9,... in the right column is entry |A108918 of [214]. It turns out to be 
22.6) 


useful for a special version of fast Walsh transforms described in section |22.6]on page 


1.27.2 Conversion between binary- and lex-ordered words 


A little contemplation on the structure of the binary words in lexicographic order leads to the routine 
that allows random access to the k-th lex-rev word (unrank algorithm) [F XT: |bits/bitlex.h): 


inline ulong negidx2lexrev(ulong k) 


{ 
ulong z = 0; 
ulong h = highest_bit (k) ; 
os (Ck) 
while ( 0==(h&k) ) h >>= 1; 
z “=h; 
++k; 
k &=h - 1; 
return Z; 
} 


Let the inverse function be T(x), then we have T(0) = 0 and, with h(x) being the highest power of two 
not greater than 2, 


T(x—h(x)) if x —h(x) £0 


T(a) = ne) 14+ h(x) aes (1.27-1) 


We obtain the rank algorithm by starting with the lowest bit: 
inline ulong lexrev2negidx(ulong x) 
te 


if ( O==x ) return 0; 
x & -x; // lowest bit 


r 
h=x &-x; // next higher bit 


} 
r+=h; // highest bit 
return TY; 


1.27.3. Minimal decompositions into terms 2" — 1 * 


The least number of terms needed in the sum x = >>, 2* — 1 equals the number of bits of the lex-word 
as shown in figure}1.27-C] The number can be computed as 


c = bit_count( negidx2lexrev( x ) ); 


Alternatively, one can subtract the greatest integer of the form 2” —1 until x is zero and count the number 


of subtractions. The sequence of these numbers is entry A100661) of [214]: 
132,15253,25152,53,2,3,4,3,23152,3,2,3,4,3,;2,3,4,53,4,5,4,3:.25 1,253,253 5.000 


The following function can be used to compute the sequence: 


[fxtbook draft of 2008-January-19] 


1.27: Binary words as subsets in lexicographic order 67 


podoseck al et = 1= 1 

sade 2 wl. = 2= 1+i1 

Seeds .-l1 = 3= 8 

esidle da 2 wt... = 4= 3+1 

..111 3 tid = 5= 3+1+1 
wowed: .it. = 6= 3+3 

gore dhwass (ak ili = 7= 7 

.1..1 2 1... = 8= 7+1 

21.11 3 L..4= 9= 7+it+il 

phi de 2 -1.1. =10= 7+3 

11.13 1.42 =112 = 7+3+1 
1111 4 eit.. = 12= 7+3+1+1 
111. 3 -11.4 =13 = 7+3+3 

padi ecst 2 -111. =14= 7+7 

gd sctiee ak .1111 = 15 = 15 

Diced 2 1.... = 16=15+1 

1..11 3 1... =17 =15+1i+1 
1.1... 2 1..1. = 18 = 15 +3 

1.1.1 3 1..11 = 19 =15+3+1 
1.111 4 1.14..=20=15+73+1+1 
Let 3 1.4.4 = 21 =15+3+3 
Lod 3D 1.41. =22=15+7 

11..13 1.14141 = 23 =15+7+1 
11.11 4 11... =24=15+7+1+1 
11.1. 3 11..1 = 25 =15+7+3 
111.1 4 11.14. =26=15+7+3+1 
11111 5 11.141 = 27 =15+7+3+1+1 
1111. 4 1i1.. = 28 =15+7+3+3 
111.. 3 111.4 =29=15+7+7 

LT ie 2 1111. = 30 = 15 + 15 

ee | 11111 = 31 = 31 


Figure 1.27-C: Binary words in subset-lex order and their bit counts (left columns). The least number 
of terms of the form 2* — 1 needed in the sum x = )>, 2" — 1 (right columns) equals the bit count. 


void S(ulong f, ulong n) // A100661 


{ 
static int s = 0; 
++8; 
cout << 6 << "5 
for (ulong m=1; m<n; m<<=1) S(ftm, m); 
= 
cout << go << ","% 
} 


When called with arguments f = 0 and n = 2* it prints the first 2*+' — 1 numbers of the sequence 
followed by a zero. 


A generating function of the sequence is given by 


Ze) := arte Th ter) = (1.27-2) 


1+ 2e +27 +203 + 324 + Qx° + 7% + 207 + 32° + 209 + 3x! + 4r +30! + ark +... 


1.27.4 The sequence of fixed points * 


The sequence of fixed points of the conversion to and from indices is 0, 1, 6, 10, 18, 34, 60, 66, 92, 108, 
116, 180, 156, 172, 180, 204, 212, 228, 258, 284, 300, 308, 332, 340, 356, 396, 404, 420, 452, 514, 540, 556, 


is sequence A079471 of [214]. Their values as bit patterns are shown in figure|1.27-D] The crucial 


observation is that a word is a fixed point exactly if (it equals zero or) its bit-count equals 2’ where j is 
the index of the lowest set bit. 


Now we can find out whether z is a fixed point of the sequence by the following function: 


static inline bool is_lexrev_fixed_point(ulong x) 
// Return whether x is a fixed point in the prev_lexrev() - sequence 


if (x&i1) 


if ( 1==x ) return true; 


[fxtbook draft of 2008-January-19] 


68 Chapter 1: Bit wizardry 


0: 514: ill see eeterepieers 1s 
i: 540: Pp eee i [eee 
6: 556: abc ane dig Les 
10: [--snip--] 
18: 1556: gl Det dcdla 5 
34: 1572: eee: Rees eee 
60: 1604: vA eds eed. 
66: eset 1668: oe es eee ee 
92: eer 1796: Pe eee Lee. 
108: sacs 2040: 11111111 
116: ii 2050: Tce ens cdess does 1 
130: aii 2076: re 111.. 
156: we 2092: ere pe Le 
172: oF 2100: We ices ay Ee ees 
180: sa 2124: t T.ctt... 
204: aa 2132 le ie Ue Lae 
212: at 2148: t. 11.2... 
228: ... ee [--snip-—] 
2983 ea deeiced 1. 4644: 1..1...1..1.. 
284: ..1...111.. 4676: dyv.1s.1...2.. 
300: ..1..1.11 4740s 4. dede sche 
308: ..1..11.1 4868: 1..11..... da 
3322 wld. T1 BlI2s det ATTA TT ss 
340: ..1.1.1.1 51322 Dede ee 11.. 
356: ..1.11..1 5140 ° Ade sens 1d. 
396: ..11...11 5166? 1. Peccwe decd. 
404: ..11..1.1 51888 Tet eed. cd as 
420: ..11.1..1 5262: Dedede Te. 
452: ..111...1 5380: 1.1.1..... alee 
Figure 1.27-D: Fixed points of the binary to lex-rev conversion. 
else return false; 


ulong w = bit_count (x); 

if (w != G & -w) ) return false; 
if ( 0O==x ) return true; 

return O != ( (x & -x) kw); 


} 

} 

One can also use either of the following tests: 
x == negidx2lexrev(x) 
x == lexrev2negidx(x) 


1.27.5 Recursive generation and relation to a power series * 


The following function generates the bit-reversed binary words in reversed lexicographic order: 
void C(ulong f, ulong n, ulong w) 
for (ulong m=1; m<n; m<<=1) C(ftm, m, wm); 
print_bin(" ", w, 10); // visit 
Calling C(O, 64, 0) we obtain the list of words shown in figure|1.27-B| with the all-zeros word moved to 
the last position. A slight modification of the function 
void A(€ulong f, ulong n) 
{ 


cout << "1,"; 
for (ulong m=1; m<n; m<<=1) A(ftm, m); 
cout << "0,"; 


generates the power series (sequence A079559 of |214]) 
Il (1+27"-2) = Ilteteritattar tab ta patted 4 x64... (1.27-3) 
n=1 


[fxtbook draft of 2008-January-19] 


1.28: Minimal-change bit combinations 69 


Calling ACO, 32) we obtain: 
1,1,0,1,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,0,0,1,1,0,1,1,0,0,0,0, 


Indeed, the lowest bit of the k-th word of the bit-reversed sequence in reversed lexicographic order equals 
the (k—1)-st coefficient in the power series. The sequence can also be generated with a string substitution 


engine (see chapter [16] on page (331): 


Start: 1 


"410110011011000 
: (#=32) 


0 

1 

2 

3: #=16) 

4: 
1101100110110001101100110110000 

5 1 40$10611011000110110011011000011011001101100011011001101100000 


We note that the sequence of sums, prepended by one, 


Nee (1 + oo) 


i L+le+2e7429¢34+30¢4+40°4+40%+... (1.27-4) 
—@ 


l+2 


has series coefficients 
1, 1, 2, 2, 3, 4, 4, 4, 5, 6, 6, 7, 8, 8, 8, 8, 9, 10, 10, 11, 12, 12, 12, 13, 


This sequence is entry |A046699 of [214]. We have a(1) = a(2) = 1 and the sequence satisfies the peculiar 
recurrence 


a(n) = a(n—a(n—1))+a(n—1-a(n—-2)) for n>2 (1.27-5) 


1.28 Minimal-change bit combinations 


The wonderful routine [FXT: |bits/bitcombminchange.h 


static inline ulong igc_next_minchange_comb(ulong x) 
// Return the inverse graycode of the next combination in minchange order. 
// Input must be the inverse graycode of the current combination. 


{ 
ulong g = rev_gray_code(x) ; 
ulong i = 2; 
ulong cb; // ==candidateBits; 
do 
{ 
ulong y = (x & ~(i-1)) + i; 
ulong j = lowest_bit(y) << 1; 
ulong h = !!(y & j); 
cb = ((j-h) * g) & (j-i); 
i= j; 
while ( 0==cb ); 
return x + lowest_bit(cb); 
} 


together with 


static inline ulong igc_last_comb(ulong k, ulong n) 
// Return the (inverse graycode of the) last combination 
// as in igc_next_minchange_comb() 
{ 
if ( 0==k ) return 0; 
ulong f = first_sequency(k) ; 
ulong c first_comb(n) ; 


[fxtbook draft of 2008-January-19] 


70 Chapter 1: Bit wizardry 


return c ~ (f>>1); 
// ="= (by Doug Moore) 
. return ((1UL<<n) - 1) * (((AUL<<k) - 1) / 3); 


(the function first_sequency() is defined in section on page [42) can be used as 


static inline ulong next_minchange_comb(ulong x, ulong last) 
// not efficient, just to explain the usage 

// of igc_next_minchange_comb() 

// Must have: last==igc_last_comb(k, n) 


{ 
x = inverse_gray_code(x) ; 
if ( x==last ) return 0; 
x = igc_next_minchange_comb(x) ; 
return gray_code(x); 
} 


Each combination is different from the preceding one in exactly two positions. For example, using n = 5 
and k = 3 we obtain 


x inverse_gray_code(x) 

..111 ..1.1 == first_sequency(k) 
“t.41 accord: 

.1il. af .11 

ede 11.1 

11..1 1.251 

11.1. i leery ie 

111... 1.111 

Lete1 Ti. ot. 

1.11. 11.11 

pga 111.1 == igc_last_comb(k, n) 


The same run of bit combinations could be obtained by going through the Gray codes and omitting all 
words where the bit-count is not equal to k. The algorithm shown here, however, is much more efficient. 


For reasons of efficiency one may prefer code as 


ulong last = igc_last_comb(k, n); 
ulong c, nc = first_sequency(k) ; 
do 
{ 
c = nc; 
nc = igc_next_minchange_comb(c) ; 
ulong g = gray_code(c); 
// Here g contains the bitcombination 


} 
while ( c!=last ); 


which avoids the repeated computation of the inverse Gray code. 


n=6 k=2 n=6 k=83 n=6 k=4 

Neel “aeeetite: soccaceled ead. Ged. nae ee eet ede asd «3 
jiadds:. dnseddiens’ ‘gos a ls sob de aa L aoa L sie dvbiva -11.41  .41..4. ee ee 
sstdek: vieedidt.  aneoneds sed, vedic sues pdice shite Cediedies Siget ese 
sadidasd anv anid eedgdd sydd pee ee ALD edt. sceallg 
vedighe eels aware ls vAdoet. alesse veep de sdetdd fd Tac  aedieces 
soda ulated s. eared. wth oad he oe 1101 Sted pee: ie 
eb Aot acdscauccs vecacilleandns -141..  .41.111 Subasdos edt. Deedes gga deg 
sBdwse. whew: sae das whetst std pore he 11.1.1 1..11. steve 
wDecedes. abd wees he Lite «di.a¢ wo eds 11Tt..  Ddees evden 
vieeed siltid, «Wwwels .1..41  .111.1 oo ee 111.14. 4.11.. Pee ee 
Thc Denedis- a ea eee WA aeeiy  Aheweset Pe bee 111..1 1.111. ae ee 
Todos, Tle: ena Menace Pecks Legedt Pee eee 11,701. 21.51. Soeta dss 
Tesdan F141. watlins 1d Gendt «wctie. 1.141. 14.1.. soinwds 
1.04. D102 wd. 111... 4.1411 ee ee 1.41.1 14.11. Sse Dice 
1....1 141141 ods Todds be wh nate es 4401 “ta. 1. py: Gree 

t.2.1. “125.04 dees 

1.11... 21.711 ma dig 

1..4.1 1411..1 ead 

1..41. 141.11 pes 

Lescckd, ATL pe 


Figure 1.28-A: Minimal-change combinations, their inverse Gray codes and the differences of the inverse 
Gray codes. The differences are powers of two. 


The algorithm in igc_next_minchange_comb() uses the fact that the difference of two (inverse Gray 
codes of) successive combinations is always a power of two, see figure |1.28-A| See also [FXT: 


[fxtbook draft of 2008-January-19] 


1.29: Fibonacci words 71 


bits/bitcombminchange-demo.cc]. Using this observation one can derive a different version that checks 


e pattern of the change: 


static inline ulong igc_next_minchange_comb(ulong x) 
// Alternative version. 


ulong gx = gray_code( x ); 
ulong i = 2; 
do 
{ 
ulong y = x + i; 
i <<= 1; 
ulong gy = gray_code( y ); 
ulong r = gx ~ gy; 
// Check that change consists of exactly one bit 
// of the new and one bit of the old pattern: 
if ( is_pow_of_2( r & gy ) && is_pow_of_2( r & gx ) ) break; 
// is_pow_of_2(x):=((x & -x) == x) returns 1 also for x==0. 
// But this cannot happen for both tests at the same time 


+ 
while ( 1); 
return jy; 


} 
This version is the fastest, the combinations (a) are generated at a rate of about 96 million per second, 


12 
32 


the combinations (55) at a rate of about 83 million per second. 


Here is another version which needs the number of set bits as a second parameter: 


static inline ulong igc_next_minchange_comb(ulong x, ulong k) 
// Alternative version, uses the fact that the difference 
// of two successive x is the smallest possible power of 2. 


{ 
ulong y, i = 2; 
do 
{ ; 
y=zx+i; 
i <<= 1; 
} 
while ( bit_count( gray_code(y) ) !=k ); 
return jy; 
} 


The routine will be fast if the CPU used has a bitcount instruction. The necessary modification for the 
generation of the previous combination is trivial: 


static inline ulong igc_prev_minchange_comb(ulong x, ulong k) 

// Returns the inverse graycode of the previous combination in minchange order. 
// Input must be the inverse graycode of the current combination. 

// With input==first the output is the last for n=BITS_PER_LONG 


{ 
ulong y, i = 2; 
do 
{ 
y=x-i; 
i <<= 1; 
} 
while ( bit_count( gray_code(y) ) !=k ); 
return jy; 
} 


1.29 Fibonacci words 


A Fibonacci word is a word that does not contain two successive ones. Whether a given binary word is 
a Fibonacci word can be tested with the function [F XT: |bits/fibrep.h 


inline bool is_fibrep(ulong f) 
{ 
return ( 0==(fk(f>>1)) ); 


[fxtbook draft of 2008-January-19] 


72 Chapter 1: Bit wizardry 


1.29.1 Lexicographic order 


OF fede eee la eae es ee 225° ie leavened 1 332 .tet.1.1 44: 1..1..1 
USS sacl iw 1 12: let 232) ler tsid SAS! Vis ee ayes 460. 104d. 
Qe vague toes 1. 13: : era aes eee SBF Dio. stue iL, 46: 1..1.1.1 
SY aes Ls. 14: eee | 20%. whisecded 363 Lees 1 BEC e Misedcrcssiens 
Bee ati saee ne 1.1 15: Ps. ccdl 263 elsncdss S86. Lice cece L ABS Deda ecssedk 
5: a eee 16: 1..1 Zs ghee dsl 38: 1....1.1 phe me ee eae 
6: Sede d 17: ded 28 «teed. 39% da cad. 502 4b. cde. 
CP cgracdled oA 18: 1.1. 298? olied ors 40: 1...1..1 51: 1.1..1.1 
OP» sina sees 19: desde dt 90% wile ds. <1 Ale: ested 52h) Lidelocs 
Oe seedisceed 20: 1.1.1 Shik ole deed As Lies dees bos Led. 
10: oe oe oe DA Sleds ess o2t leded 433 4..4 1 54: 1.1.1.1. 


Figure 1.29-A: All 55 Fibonacci words with 8 bits in lexicographic order. 


To generate all Fibonacci words use the following functions from [FXT:|bits/fibrep.h]|. For forward order 


(see figure [1.29-A}: 


inline ulong next_fibrep(ulong x) 
// With x the Fibonacci representation of n 
// return Fibonacci representation of n+1. 


{ 
// 2 examples: // ex. 1 // ex.2 
// // x == [*]0 010101 // x == [*]0 01010 
ulong y = x | (x>>1); // y == [*]? 011111 // y == [*]? 01111 
ulong z = y + 1; // z == [*]? 100000 // z == [*]? 10000 
Z=Z & -Z; // z == [0]0 100000 // z == [0]0 10000 
x= 2; // x == [*]0 110101 // x == [*]0 11010 
x & ~(z-1); // x == [*]0 100000 // x == [*]0 10000 
return x; 

} 

The routine can be used as shown in [F XT: |bits/fibrep2-demo.cc): 
ulong n = 7; 
const ulong f = 1UL << n; 
ulong t = 0; 
do 


// visit(t) 
t = next_fibrep(t); 


} 
while ( t!=f ); 


The reversed order can be obtained via 


ulong f = 1UL << n; 
while ( f ) 
{ 


ulong t = prev_fibrep(f); 
f=t; 
// visit (t) 


which uses the function (64-bit version) 


inline ulong prev_fibrep(ulong x) 
// With x the Fibonacci representation of n 
// return Fibonacci representation of n-1. 


{ 
ulong i = lowest_bit_idx(x) ; 
x 7= (1UL<<i); 
+415 
x 7*= (0x5555555555555555UL >> (BITS_PER_LONG-i)) ; 
return x; 
} 


The forward version generates about 200 million words per second, the backward version about 135 million 
words per second. 


[fxtbook draft of 2008-January-19] 


1.29: Fibonacci words 73 


a k(j) k(j)-k(j-1) = x=bin2neg(k) gray (x) 

hs are eae | ere eed Da ges ocd .-1..1..1 = 27 
2° beedekesee. ovine dd hate 1 et eee ..t..1... = 26 
3: Peer lee ei | ere a 1 ree Ce let Ogee ..1..1.1. = 28 
4: saddles. S2gnevedesncs 11 oe bdd Li... eobecinde = 23 
5: Sisdgleads,  iesearter verted 1 ..1111111 Poe Ona rears = 21 
6: Sabie’ ised gaeeev ees 1 ..111111. soutliegsege's 1 = 22 
Cs wdiadeadde’ a ge eater ters 1 etd... ¢leacdied, =. 25 
8: Soiedacieds’  saseradeuauetreice 1 Bere ttl eee wihete din. SY 24 
9: Sigdsetetde | eae 1.1 ..11..111 ..t.1.1.. = 32 
10: idseeetdis,  <iaradeearemass 1 ..11..11. ..1.1.1.1 = 33 
11: seliteeies de jgaelne ee loes 1 Seo L ab ..1.41...1 = 30 
12: wppetdes. wide dy deaths 1 eee eee ..t.1.... = 29 
V3% bese oO | 1 eri dedee ea dd whe leeds = Ol 
Ta eeestoits Mg. eres alee [errr tee MD dc ae aust 1..1. = 10 
VO Geer weet pee | rere ee Te santiesg er 11111 Losey = 8 
TOs  .vasved ate Ded th Seeds : er 1111. 1. = 9 
LE ectugedtate Lgccd.  selaede tienes T. | Bieationg 11.44 1. = 12 
US tescguase' discas.. "ea Seacbue Nece : cee TA 1. = 11 
TOs? sheeratieeeusces Tt eee cs |e ree 111 = 3 
ZOE ose aeavenecs Vie atid eee ae Do eeaetnienisets 11. = 4 
Pa re rere de swede edeticer’s Dy seh a tthe ws 1 = 1 
Qo aMecstovelersm a: -gneerduls Bs ates svlesaleregen = fe) 
23: DUTTA AT, kee tsetaes Drain ieeenee 11 = 2 
24: i i se eee UT ache eres Wh ses = 7 
25: lip eee Te ewwiseedrieas 1111 = 5 
26: zi ss se eer rrr 111. = 6 
27: EU te ee (rer 1..1 aopodel os. a = 19 
28: se Ue Be ate 1 fey lei esnarar = 18 
29: ss it ts see oe dds ded = 20 
30: ys Ue Es Pa ee eee 11 Relic i eae = 15 
31: li ls 1 111111 = 13 
32: PAT dds * cetuettstiseasds 1 bd AT. = 14 
33: AUT Tedd cekevane Sane cos 1 ey lei eereel = 17 
34: li tea rie rene 1 seb Tsses = 16 


Figure 1.29-B: Gray code for the binary Fibonacci words (rightmost column). 


1.29.2 Gray code order 


A Gray code for the binary Fibonacci words (shown in figure|1.29-B) can be obtained by using the Gray 
code of the radix —2 representations (see section on page|56) of binary words whose difference is of 
the form 


Po | Axiddhaeewe Gacedarg al 

3 11 

5 aL 

9 el 

19 eal dt 
3f hed 
13 sad 
147 el 
293 Peel 
585 ied 
1171 ..il 
2341 .1.1 
4681 al 
9363 ae bal 


The algorithm is to try these values as increments starting from the least, same as for the minimal- 
change combination described in section on page [te] The next valid word is encountered if it is 
a valid Fibonacci word, that is, if it does not contain two consecutive set bits. The implementation is 


[FXT: class bit_fibgray in bits/bitfibgray.h!: 


class bit_fibgray 
// Fibonacci Gray code with binary words. 


{ 
public: 
ulong x_; // current Fibonacci word 
ulong k_; // aux 
ulong fw_, lw_; // first and last Fibonacci word in Gray code 
ulong mw_; // max(fw_, lw_) 
ulong n_; // Number of bits 
public: 
bit_fibgray(ulong n) 
{ 


n_ =n; 
fw_=0; 
for (ulong m=(1UL<<(n-1)); m!=0; m>>=3) fw_ |= m; 


[fxtbook draft of 2008-January-19] 


7A Chapter 1: Bit wizardry 


lw. = fw_ >> 1; 
) 


if ( 0==(n&1) { ulong t=fw_; fw_=lw_; lw_=t; } 


mw_ = ( lw_>fw_ ? lw_ : fw_ ); 
x_ = fw_; 
k_ inverse_gray_code(fw_); 


neg2bin(k_); 


~pit_fibgray() {;} 


ulong next () 
// Return next word in Gray code. 
// Return ~0 if current word is the last one. 


if ( x_ == 1lw_) return ~OUL; 
ulong s = n_; 
while ( 1 ) 
{ 
--s; 
ulong c = 1 | (mw_ >> s); 
ulong i = k_ - c; 
ulong x = bin2neg(i); 
x “= (x>>1); 
- ( O==(x&(x>>1)) ) 
k_ =i; 
X_ = X3 
return x; 


} 
}; 


More than 100 million words per second are generated. The program [FXT: bits/bitfibgray-demo.cc 
shows how to use the class, figure|1.29-B| was created with it. Section on page gives a recursive 


algorithm for Fibonacci words in Gray code order. 


1.30 Binary words and parentheses strings * 


0 .. P [empty string]  )— ..... [empty string] 
1 ..1P OO 1 006(QO 

2 jade ...11 0 (QO) 

3 ..11 P (QO) 21.1 OO 

4 Aes 141 ((Q))) 

5 1.1P OO 1.114 (OQ) 

6 ott et1.14 OCQO) 

7 .111 PP ((Q)) .1141  (€(Q))) 

8 die: 1..41 (ODO 

9 1..4 1.14.14 OOQO 

10 1.1. 1.14141 ((OQ)) 
11 1.141 P (OQ) 11.41 (OCQ)) 
12 11.. 111.1 OCCO)) 
13 11.1 P QOCQ) 11141 =(€(€(Q)))) 
14 111. 

15 1114 (CCO))) 


Figure 1.30-A: Left: some of the 4-bit binary words can be interpreted as a string parentheses (marked 
with ‘P’). Right: all 5-bit words that correspond to well-formed parentheses strings. 


A subset of the binary words can be interpreted as a (well formed) string of parentheses. The 4-bit 
binary words that have this property are marked with a ‘P’ in Reure[LA i) [FXT: 
demo. The strings are constructed by scanning the word from the low end and printing a ‘( with eac 

one and a ‘)’ with each zero. In order to find out when to terminate one adds up +1 for each opening 


parenthesis and —1 for a closing parenthesis. When the ones in the binary word have been scanned then 
s closing parentheses have to be added where s is the value of the sum [FXT: bits/parenwords.h): 


inline void parenword2str(ulong x, char *str) 


[fxtbook draft of 2008-January-19] 


1.30: Binary words and parentheses strings * 75 


{ 
int s = 0; 
ulong j = 0; 
for (j=0; x!=0; ++j) 
s += ( x¥1 ? +1: -1) 
str[j] = ")("[x&1]; 
x >>= 1; 
} 
while ( s-- > 0) str[j++] = ’)’; // finish string 
str[j] = 0; // terminate string 
} 


The 5-bit binary words that are valid ‘paren words’ together with the corresponding strings are shown in 
figure|1.30-A| (right). Note that the lower bits in the word (right end) correspond to the beginning of the 
€ 


string (left end). If a negative value for the sums occurs at any time of the computation then the word is 
not a paren word. We use that fact to create a routine that determines whether a word is a paren word: 


inline bool is_parenword(ulong x) 


int s = 0; 

for (ulong j=0; x!=0; ++j) 
s += ( xk1 ? +1: -1); 
if ( s<O ) break; // invalid word 
x >>= 1; 


return (s>=0); 


The sequence 
1, 3, 5, 7, 11, 18, 15, 19, 21, 23, 27, 29; 31, 39, 48, 45, 47, 51, 53, 55, 59, 61, 63, ..... 
of nonzero integers x so that is_parenword(x) returns true is entry A036991| of 214]. If we fix the 


number of paren pairs then the following functions generate the least and biggest valid binary word. The 
function simply returns a word with a block of n ones at the low end: 


inline ulong first_parenword(ulong n) 

// Return least binary word corresponding to n pairs of parens 
// Example, n=5: ..... 11111) (€€€0)) 

{ 


return first_comb(n) ; 


The last paren word is the word with a sequence of n blocks ‘01’ at the low end: 


inline ulong last_parenword(ulong n) 

// Return biggest binary word corresponding to n pairs of parens. 
// Must have: 1 <= n <= BITS_PER_LONG/2. 

// Example, n=5: .1.1.1.14.1 OOOOQOO 

{ 


return 0x5555555555555555UL >> (BITS_PER_LONG-2*n) ; 


ee 11111 = ((((())))) w.1...1141 = (€€€0)) QO) 1 1111 = ((CQ)))O 
te. 1.1411 = ((COQ))) J.1..4.111 = (COO) QO) 1...1.111 = (COO))O 
oe 11.411 = (CO(Q))) ..1..41.411 = (COCO) O) 1...11.11 = COCO))O 
eee 111.11 = (O((Q))) w.t..411.1 = OCCO) QO) 1...111.14 = OCCO)O 
OS 1114.1 = OCCCO))) J.t.4..1141 = CCO)OQO) 1..1..1114 = (CO) O)O 
1..4111 = ((CO)Q)) ..1.4.1.11 = COOOQ) .1..4.1.11 = COOQOQ)O 
1.1.111 = (COOQ)) ..1.4.11.1 = OCOOQO) .t..4.11.1 = OCOO)O 
1.11.11 = (OCOQ)) ..t.44..41 = C(O) COQ) ..1..41..11 = (CO) CO)O 
1.111.141 = OCCOQ)) .t.44.1.1 = OOCOQO) 1..11.1.14 = OOCO)O 
11..111 = (CO) (QO)) ..11...141 = (€€0)) CO) 1.1...1114 = CCONOO 
11.14.11 = (OQO(CQO)) ette.dett-= €O.O)CO) 1.1..14.114 = COO)OQO 
11.41.14 = OCOCQO)) ..11..11.1 = OCO)CO) 1.1..11.1 = OCQ)OO 
111..11 = (O)C(Q)) ..11.4..41 = COVOCQO) 1.14.1..114 = COVOOQO 
111.1.1 = OOCCO)) 11.1.1.1 = OOO CQ) 1.4.1.1.14 = OOOOO 
Figure 1.30-B: The 42 binary words corresponding to all valid pairings of 5 parentheses, in colex order. 


The sequence of all binary words corresponding to n pairs of parens in colex order can be generated with 
the following (slightly cryptic) function: 


[fxtbook draft of 2008-January-19] 


76 Chapter 1: Bit wizardry 


inline ulong next_parenword(ulong x) 
// Next (colex order) binary word that is a paren word. 


if (x&2) // Easy case, move highest bit of lowest block to the left: 


} 


The program [FXT: 


£ 


ulong b = lowest_zero(x); 


x “= b; 
x “= (b>>1); 
return x; 


+ 
else // Gather all low "01i"s and split lowest nontrival block: 


{ 
if ( O0==(x & (x>>1)) ) return 0; 
ulong w= 0; // word where the bits are assembled 
ulong s = 0; // shift for lowest block 
ulong i= 1; // == lowest_bit (x) 
a // collect low "01"s: 
x “= 1; 
w <<= 1; 
w l= 1; 
++s; 
r i <<= 2; // == lowest_bit(x); 
while ( 0==(x&(i<<1)) ); 
ulong z = x ~ (xti); // lowest block 
X "= Z; 
z &= (z>>1); 
z &= (z>>1); 
w “= (z>>s); 
x l= w; 
return x; 
} 


bits /parenword-colex-demo.cc| shows how to create a list of binary words corre- 


sponding to n pairs of parens (code slightly shortened): 


ulong n = 4; // Number of paren pairs 
ulong pn = 2*n+1; 

char *str = new char[nti]; str[n] = 0; 
ulong x = first_parenword(n) ; 

ae (x) 


print_bin(" ", x, pn); 
parenword2str(x, str); 
cout << "=" << str << endl; 


x = next_parenword(x) ; 


} 


Its output with n = 5 is shown in figure}1.30-B] The 1, 767, 263, 190 paren words for n = 19 are generated 
ata rate of about 153 million words per second. Chapter [13]on page [299] gives a different formulation of 
the algorithm. 


Knuth gives [157] a very elegant routine for generating the next paren word, the comments are MMIX 


instructions: 

inline ulong next_parenword(ulong x) 

{ 
const ulong m0 = -1UL/3; 
ulong t = x ~ m0; // XOR t, x, m0; 
if ( (t&x)==0 ) return 0; // current is last 
ulong u = (t-1) * t; // SUBU u, t, 1; XORu, t, u; 
ulong v = x | u; // OR v, x, u; 
ulong y = bit_count( u & mO ); // SADD y, u, m0; 
ulong w =v + 1; // ADDU w, v, 1; 
t=v & Ww; // ANDN t, v, w; 
y=zt> y; // SRU y, t, y; 
y t= w; // ADDU y, w, y; 
return y; 

} 


The routine is slower, however, about 81 million words per second are generated. A bit-count instruction 


[fxtbook draft of 2008-January-19] 


1.31: Error detection by hashing: the CRC 77 


in hardware would speed it up significantly. By treating the case of easy update separately as in the 
other version, a rate of about 137 million words per second is obtained. 


1.31 Error detection by hashing: the CRC 


A hash value is an element from a set H that is computed via a hash function f that maps any (finite) 
sequence of input data to H. 


For the sake of simplicity we now consider the case that the input sequences are of fixed size so they are 
in a fixed set, say S. We further assume that the set S is (much) bigger than H. 


f:S- dH, sroh (1.31-1) 


wheres€ Sandhe H. 


Two input sequences with different hash values are necessarily different. But, as the hash function maps 
a larger set to a smaller one, there are different input sequences with identical hash values. 


A trivial example is the set H = {0, 1} together with a function that count binary digits modulo two, 
the parity function. Another example is the sum-of-digits test (see section [27.5] on page used to 
check the multiplication of large numbers. In the test we compute the value of a multi digit number 
decimal s € S modulo nine. The crucial additional property of this hash is that with f(A) =a, f(B) =}, 
f(C) =c (were A, B,C are decimal numbers), then A- B = C implies a- b= c. 


A hash function f that is actually useful should have the mizing property: it should map the elements 
s € S ‘randomly’ to H. With the sum-of-digits test we could have used rather arbitrary moduli for the 
hash function. With one exception: the value modulo ten as hash would be pretty useless. No change in 
any digit except for the last could ever be detected. 


The so-called cyclic redundancy check (CRC) is a hash where the hash values are binary words of fixed 
length. The hash function (basically) computes h = s mod c where s is a binary polynomial build from 
the input sequence and c is a binary polynomial that is primitive (see chapter [38] on page [793). We will 
use polynomials c of degree 64 so the hash values (CRCs) are 64-bit words. 


An C++ implementation is given as [FXT: class crc64 in bits/crc64.h): 


class crc64 
// 64-bit CRC (cyclic redundancy check) 


ak 

public: 
uint64 a_; // internal state (polynomial modulo c) 
uint64 c_; // a binary primitive polynomial 


// (non-primitive c lead to smaller periods) 
// The leading coefficient needs not be present. 
uint64 h_; // auxiliary 


static const uint64 cc[]; // 16 "random" 64-bit primitive polynomials 


public: 

crc64(uint64 c=0) 

{ 
if ( 0==c ) c = Ox1bULL; // ="= 64,4,3,1,0 (default) 
init(c); 

“crc64() {3} 

void init (uint64 c) 
C=C; 
c_ >>= 1; 
h_ = iULL<<63; 
c_ |= h_; // leading coefficient 
reset(); 


void reset() { set_a(~OULL); } // all ones 


[fxtbook draft of 2008-January-19] 


78 Chapter 1: Bit wizardry 


void set_a(uint64 a) f{ a_=a; } 


uint64 get_a() const { return a_; } 
[--snip--] 


Note that a nonzero initial state (member variable a) is used: starting with zero will only go to a nonzero 
state with the first nonzero bit in the input sequence. That is, input sequences differing only by initial 
runs of zeros would get the same CRC. 


After an instance is created one can feed in bits via bit_in(b) where lowest bit of b must contain the 
bit to be used: 


[--snip--] 
ee shift () 


bool s = (a_ & 1); 
a_ >>= 1; 


if ( O!=s ) al *=c_; 


uint64 bit_in(unsigned char b) 
{ 

a_ “= (b&1); 

shift(); 

return a_; 


[--snip--] 


When a byte is to be checksummed we can do better than just feeding in the bits one by one. This is 
achieved adding the byte followed by eight calls to shift Q: 


[--snip--] 
uint64 byte_in(unsigned char b) 
{ 
#if 1 
a_ “=b; 
shiftQ); shiftQ; shiftQ; shiftQ; 
shiftQ); shiftQ); shiftQ; shiftQ; 
#else // identical but slower: 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
bit_in(b); b>>=1; // bit 
#endif 
return a_; 


NOOB WNRFO 


} 

[--snip--] 
The lower block implements the straightforward idea. The program [F XT: \bits/crc64-demo.cc| computes 
the 64-bit CRC of a single byte in both ways. 
Binary words are fed in byte by byte, starting from the lower end: 

uint64 word_in(uint64 w) 


ulong k = BYTES_PER_LONG_LONG; 
while ( k-- ) { byte_in( (uchar)w ); w>>=8; } 
return a_; 


} 
To feed in a given number of bits of a word, use the following method: 


uint64 bits_in(uint64 w, uchar k) 
uf Feed in the k lowest bits of w 


if ( kel) { a. *= (wk1); wo>>= 1; shiftQ; } 

k >>= 1; 

if ( kei) { aL “= (w&3); w>>= 2; shift(); shift(); } 

k >>= 1; 

if ( kei) { aL “= (wk15); w>>= 4; shiftQ; shiftQ); shift(); shiftQ; } 
k >>= 1; 


while ( k-- ) { byte_in( (uchar)w ); w>>=8; } 


[fxtbook draft of 2008-January-19] 


1.31: Error detection by hashing: the CRC 79 


return a_; 


The operation is the optimized equivalent to 
while ( k-- ) f{ bit_in( (uchar)w ); w>>=1; } 


If two sequences differ in a single block of up to 64 bits, their CRCs will be different. The probability 
that two different sequences have the same CRC equals 2~% = 5.42 - 10729. If that is not enough (and 
one does not want to write a CRC with more than 64 bits) then one can simply use two (or more) 
instances where different polynomials must be used. Sixteen ‘random’ primitive polynomials are given 


[FXT: bits/crc64.cc) as static class member: 


const uint64 crc64::cc[] = { 
0x5a0127dd34afie81ULL, // [0] 
Ox4ef12e145d0e3ccdULL, // [1] 
0x16503f£45acce9345ULL, // [2] 
0x24e8034491298b3fULL, // [3] 
0x9e4a8ad2261db8b1iULL, // [4] 
Oxb199aecfbb1i7a13fULL, // [5] 
Ox3f1fa2ccOdfbbf51ULL, // [6] 
Oxfb6e45b2f694fb1fULL, // [7] 
0xd4597140a01d32edULL, // [8] 
Oxbd08ba1a2d621bffULL, // [9] 
Oxae2b680542730db1ULL, // [10] 
Ox8ecO06ec4a8fe8f6dULL, // [11] 
Oxb89a2ecea2233001ULL, // [12] 
Ox8b996e790b615ad1ULL, // [13] 
Ox7eaef8397265e1f9ULL, // [14] 
Oxf368ae22deecc7c3ULL, // [15] 

3; 


These are taken from the list [FXT: data/rand64-hex-primpoly.txt}. Initialize multiple CRCs as follows: 


crc64 crca( crc64::cc[0] ); 
crc64 crceb( crc64::cc[1] ); 


A class for 32-bit CRCs is given in [FXT: class crc32 in|bits/crc32.h|. Its usage is completely equivalent. 


The CRC can easily be implemented in hardware and is, for example, used to detect errors in hard disk 
blocks. When a block is written its CRC is computed and stored in an extra word. When the block is 
read, the CRC is computed from the data and compared to the stored CRC. A mismatch indicates an 
error. 


One property that the CRC does not have is cryptographic security. It is possible to intentionally create 
a data set with a prescribed CRC. With secure hashes (like MD5 and SHA1) it is (practically) not 
possible to do so. Secure hashes can be used to ‘sign’ data. Imagine you distribute a file (for example an 
binary executable) over the Internet. You want to make sure that someone downloading the file (from 
any source) can verify that it is not an altered version (like, in the case of an executable, a malicious 
program). To do so you create a (secure!) hash value which you publish on your web site. Any person 
can verify the authenticity of the file by computing the hash and comparing it to the published version. 
[Note added: recently successful attacks on both MD5 (see [236]) and SHA1 were reported]. 


1.31.1 Optimization via lookup tables 


One can feed in an n-bit word w into the CRC in one step (instead of n steps) as follows: add w to (the 
CRC word) a. Save the lowest n bits of the result to a variable x. Right shift a by n bits. Add to a the 


entry x of an auxiliary table t. For n = 8 the operation can be implemented as [FXT: class tcrc64 in 
bits/tcrc64.h): 


uint64 byte_in(uchar b) 
{ 


a_ “= b; 
uint64 x = t_[a_ & 255]; 
a_ >>= 8; 

a_ “= xX; 

return a_; 


[fxtbook draft of 2008-January-19] 


80 Chapter 1: Bit wizardry 


} 


The size of the table ¢ is 2” = 256 words. For n = 1 the table would have only two entries, zero and c, 
the polynomial used. Then the implementation reduces to 


uint64 bit_in(uchar b) 
{ 


a_ “= (bk1); 

bool s = (a_ & 1); 

a_ >>= 1; 

if ( O!=s ) a_“=c_; // t[0]=0; t[1]=c_; 


return a_; 


} 
which is equivalent to the bit_in() routine of the unoptimized CRC. 
The lookup table is computed upon class initialization as follows: 
for (ulong w=0; w<256; ++w) 


set_a(0); 

for (ulong k = 0; k<8; ++k) bit_in( (uchar)w>>k ); 

t_tw] = a_; 

} 

The class can use tables of either 16 or 256 words. When a table of size 16 is used, the computation is 
about 6 times faster than with the non-optimized routine. A table of size 256 gives a speedup by a factor 
of 12. Optimization techniques based on lookup tables are often used in practical applications, both in 
hardware and in software, see [58]. 


1.31.2 Parallel CRCs 


A very fast method for checksumming is to compute the CRCs for each bit of the fed-in words in parallel. 
An array of 64 words is used [FXT: class pcrc64 in bits/pcrc64.h): 


template <typename Type> 

class pcerc64 

// Parallel computation of 64-bit CRCs for each bit of the input words. 
// Primitive polynomial used is x°64 + x°4 + x°3 + x°2 +1 


{ 

public: 
Type x_[64]; // CRC data 
// bit(i) of x_[0], x_[1], ..., x_[63] is a 64-bit CRC 
// of bit(i) of all input words 
uint pos_; // position of constant polynomial term 
const uint m_; // mask to compute mod 64 


Upon initialization all words are set to all ones: 


public: 
perc64() 
: m_(63) 
reset(); 


“perc64() { ; } 
void reset () 
pos_ = 0; 
Type ff = 0; ff = “ff; 
for (uint k=0; k<64; ++k) x_[k] = ff; 
The cyclic shift of the array is avoided by working modulo 64 when feeding in words: 


void word_in(Type w) 


‘ uint p = pos_; 
pos_ = (pti) & m; 
uint h = (p-1) & m; 
Type a=x_[p&m_]; // 0 


[fxtbook draft of 2008-January-19] 


1.32: Permutations via primitives 81 


p t= 2; 
a“=x_[p&m_]; // 2 
+tp; 

a “= x_[p&m_]; // 3 
++p; 

a “= x_[p&m_]; // 4 
x_(h] =a ~* w; 


The algorithm corresponds to the Fibonacci setup of the linear feedback shift registers (see section 
on page [836). There is no primitive trinomial with degree a multiple of eight so we use the pentanomia. 


v4 4+ 44+ 23 + 2? +1. With an array size where a primitive trinomial exists the modulo computations 
would be more expensive. A unrolled routine can be used to feed in multiple words: 


void words_in(Type *w, ulong n) 


{ 
if ( n&i ) { word_in(w[0]); ++w; } 
n >>= 1; 
if ( n&1 ) { word_in(w[0]); word_in(w[1]); wt=2; } 
n >>= 1; 
for (ulong k=0; k<n; ++k) 
{ 
word_in(w[0]); 
word_in(w[1]); 
word_in(w[2]); 
word_in(w[3]); 
w t= 4; 
} 
} 


The program [FXT: \bits/pcrc64-demo.cc]| feeds the numbers up to a given value into a perc64<uint>: 


int main() 


Type n = 32768; 
perc64<Type> P; 
for (Type k=0; k<n; ++k) P.word_in(k); 


// print array P.x_[] here 
} 


This rather untypical type of input data illustrates the independence of the bits in the array x_[]: 


0: pak ded au 
de DUI dtd 1. 
Qe TLL. wit. dee cae « 
Oo DULTITITU iid .t.. tdd..<. 1, 
CS ee Oc Oy Gi i Be Gil i es i 
OS Seed eR we Hark ee See Viwedeg dey es 3 1 
Be GG aay a eae ae ete es Oe (ss I I 
Ze SUPA aaa 1.1.2. 21.1... 
St DULVTTUa dd d., dtL 1. 
Qs TALTITITITTII aT. wit... 
TOe yaoi ee ae eaee eared Wh phe bas bh 
11: 444441417171141415 171 i iilt 
Bo hea dk RAS EME E88 iE SS Es Ep a ee 
Se wh oters eee eeaerds T1iilillitliiti 
[--snip--] 
BOS be eee gaa eee a eee elelt titel 
60: iiiiiiiiiiiiiiiiilis Ti, tit. 2431 
Ss 2 eee rae gr dus Gute eee argc Pa bs hs Ge 11, 
62: iiiiiiiiiiiiiiiii,il tis iil y: 
O32 Sine he bass baw ES 112: i1.iitiliii 


The implementation can process about 2 GB of data per second when 64-bit types are used, 1 GB/s with 
32-bit types, 500 MB/sec with 16-bit types, and about 230 MB/sec with 8-bit types. 


1.32 Permutations via primitives 


We give two methods to specify permutations of the bits of a binary word via one or more control words. 
The methods are suggestions for machine instructions that can serve as primitives for permutations of 
the bits of a word. 


[fxtbook draft of 2008-January-19] 


82 Chapter 1: Bit wizardry 


A restricted method 


Generalizing the symbolic-powering idea given in section on page [45] we can specify a subset of all 
permutations by selecting bit-blocks of the masks (for 32-bit words) 


erate avd Whadat ates Gn eas 11111111111 
Ge sous topes 111 
11 


1 
addy 44. 
61.1.4 .1.1-4. 
Subsets of the blocks of the masks can 
highest bit of each block: 


bits 15... 
bits i ane 
oat ae bits 3 11. 
fe Danae Dee a ed te Deis te Det Dees a ll eee Uh bits 1 5 9 13... 
tdedelsdeled se telede ddd. tet bits 0 2 4 6 8 10 12 14... 


Thereby one can use all (except for the highest) bits of a word to select the blocks where the bits defined 
by the block and those left to it should be swapped. A implementation of the implied algorithm can be 


found in [FXT: bits/bitperm1-demo.cc). Arrays are used to give more readable code: 


void permi(uchar *a, ulong ldn, const uchar *x) 
// Permute a[] according to the ’control word’ x[]. 
// The length of a[] must be 2**ldn. 


{ 
long n = iL<<ldn; 
for (long s=n/2; s>0; s/=2) 
for (long k=0; k<n; kt=s+ts) 
{ 
if ( x[kts-1]!=’0’ ) 
// swap regions [atk,...,atkts-1], [atkts,...,atk+2*s-1]: 
swap(atk, atkts, s); 
} 
} 
} 
} 


No attempt has been made to optimize or parallelize the algorithm. We just explore how useful a machine 
instruction for the permutation of bits would be. 


The program uses a fixed size of 16 bits, an ‘x’ is printed whenever the corresponding bit is set: 
a=0123456789ABCDEF bits of the input word 
x=0010011000110110 control word 


3 11x 


1 x 9 13x 
: 0 x 4 6x 8 10x 12 14x 
a=01326754CDFEAB98 result 


FNHS00 


The control word used leads to the Gray code permutation (see |2. [2.8] on page |97). Assume we use words 
with N bits. We cannot (for N > 2) obtain all N! permutations as we can choose between only 2%~1 
control words. Now set the word length to N := 2”. The reachable permutations are those where the 
intervals [k- 27, ..., (k +1) - 2 — 1] contain all numbers [p- 27, ..., (p + 1) - 2? — 1] for all 7 <n and 
0 < k < 2”-/, choosing p for each interval arbitrarily (0 < p < 2”~/). For example, the lower half of 
the permuted array must contain a permutation of either the lower or the upper half (j = n — 1) and 
each pair day, @2y41 must contain two elements 2z, 27+ 1 (j = 1). The bit-reversal can be obtained 
using a control word with all bits set. Alas, the (important!) zip permutation (bit-zip, see section [1.14] 
on page [35) is unreachable. 


The inverse permutation is achieved by changing a single line: 
for (long s=1; s<n; s+=s) 


A machine instruction could choose between the two routines via the highest bit in the control word. 


[fxtbook draft of 2008-January-19] 


1.32: Permutations via primitives 83 


A general method 


All permutations of N = 2” elements can be obtained using n control words of N bits. Assume we have 
a machine instruction that collects bits according to a control word. An eight bit example: 


a 
x 


abcdefgh input data 


..1.11.1 control word (dots for zeros) 
cefh bits of a where x has a one 
abdg bits of a where x has a zero 


abdgcefh result, bits separated according to x 


We need n such instructions that work on all length-2" sub-words for 1 < k <n. For example, the 
instruction working on half words of a 16-bit word would work as 


a = abcdefgh ABCDEFGH input data 
xe lig dh Pet Ti Tes: control word (dots for zeros) 
ce ABCD bits of a where x has a one 
abdg EFGH bits of a where x has a zero 


abdgcefh EFGHABCD result, bits separated according to x 


Note the bits of the different sub-words are not mixed. Now all permutations can be reached if the control 
word for the 2*-bit sub-words have exactly 2*~1 bits set in all ranges [j- 2", ..., (j +1) - 2"). 


A control word together with the specification of the instruction used defines the action taken. The 
following leads to a swap of adjacent bit pairs 


120 a et ea k= 1 (2-bit sub-words) 
while this 
Led ehh the tO al et ade k= 5 (32 bit sub-words) 


results in gathering the even and odd indexed bits in the halfwords. 


A complete set of permutation primitives for 16-bit words and their effect on a symbolic array of bits 
(split into groups of four elements for readability) is 


0123 4567 89ab cdef 


at at et et bs eee = 4 ==> 89ab cdef 0123 4567 
1141 EL i. = 3 ==> cdef 89ab 4567 0123 
11..11..11..11.. = 2 ==> efcd ab89 6745 2301 
ded Ltd. beled. = 1 ==> fedc ba98 7654 3210 


The top primitive leads to a swap of the left and right half of the bits, the next to a swap of the halves of 
the half words and so on. The obtained permutation is array reversal. Note that we use array notation 
(least index left) here. 


The resulting permutation depends on the order in which the primitives are used. Starting with full 
words 


0123 4567 89ab cdef 


dediee Dede Til s deed = 4 ==> 1357 Qbdf 0246 8ace 
teteo del. tots. ted. = 3 ==> 37bf 159d 26ae 048c 
ted, tt. dele Ded. =2 ==> 7£3b 5d19 6e2a 4c08 
Pade Dt: eds. Lod. =1 ==> £7b3 d591 e6a2 c480 


The result is different when starting with 2-bit sub-words: 
0123 4567 89ab cdef 


ddss dT the bd =1 ==> 1032 5476 98ba dcfe 
eds. Lets Teds Leds =2 ==> 0213 4657 8a9b cedf 
take: dee TG De) dea d.s = 3 ==> 2367 0145 abef 89cd 
Pele: Aele tele. Leds = 4 ==> 3715 bf9d 2604 ae8c 


There are () possibilities to have z bits set in a 22-bit word. There are 2”~* length-2* sub-words in a 
2”-bit word so the number of valid control words for that step is 


(ey 


The product of the number of valid words in all steps gives the number of permutations: 
n 9k gk 
2")! = ff ea) (1.32-1) 


[fxtbook draft of 2008-January-19] 


84 Chapter 1: Bit wizardry 
1.33 CPU instructions often missed 


Essential 


e Bit-shift and bit-rotate instructions that work properly for shifts greater or equal to the word length: 
the shift instruction should zero the word, the rotate instruction should take the shift modulo word 
length. The C-language standards leave the results for these operations undefined and compilers 
simply emit the corresponding assembler instructions. The resulting CPU dependent behavior is 
both a source of errors and makes certain optimizations impossible. 

e A bit-reverse instruction. A fast byte-swap mitigates the problem, see section on page 

e Instructions that return the index of highest or lowest set bit in a word. 

e Fast conversion from integer to float and double (both directions). 


e A fused multiply-add instruction for floats. 


e Instructions for the multiplication of complex floating point numbers. For example, with 128-bit 
(SIMD) registers and 64-bit floats: 
// Here: R1 == A, B; R2 ==C, D; 
CMUL Ri, R2; 
// Here: R2 == A*C-B*¥D, A*D+B*C; 
e A sum-diff instruction, such as: 
// Here: Ri == A; R2 ==B; 
SUMDIFF Ri, R2; 
// Here: Ri == A+B; R2 == A-B; 
It serves as a primitive for fast orthogonal transforms. 


e An instruction to swap registers. Even better, a conditional version of that. 


Nice to have 


e A parity bit for the complete machine word. The parity of a word is the number of bits modulo 
two, not the complement of it. Even better would be an instruction for the inverse Gray code, see 


section on page 
e A bit-count instruction, see section [I.8]on page [19] This would also give the parity at bit zero. 
e A random number generator: LHCAs (see section [39.7] on page [842} may be candidates. 
e A conditional version of more than just the move instruction, possibly as an instruction prefix. 


e An instruction to detect zero bytes in a word, see section [1.21]on page[54| The C-convention is to 
use a zero byte as string terminator. Performance of the string related functions in the C-library 
could thereby be increased significantly. Ideally the instruction should exist for different word sizes: 
4-byte, 8-byte and 16-byte (possibly using SIMD extensions). 


e A bit-zip and a bit-unzip instruction, see section on page[35} Note this is polynomial squaring 
over GF (2). 


e A bit-gather and a bit-scatter instruction, see [FXT: bits/bitgather.h) and [FXT: bits/bitseparate.h). 


This would include bit-zip and its inverse. 
e Primitives for permutations of bits, see section on page 


e Multiplication corresponding to XOR as addition. That is, a multiplication without carries, the 
one used for polynomials over GF(2). See section on page and [FXT: bitpol_mult() in 


bpol/bitpol-arith.hi. 


[fxtbook draft of 2008-January-19] 


85 


Chapter 2 


Permutations 


In this chapter we first study several special permutations that are used as part of other algorithms like 
the revbin permutation used in radix-2 FFT algorithms. Then permutations in general together with the 
operations on them, like composition and inversion, are described. 


Algorithms for the generation of all permutations of a given number of objects are given in chapter [10] 
The connection to mixed radix numbers in factorial base is given in section 


2.1 The revbin permutation 


oO: [ * ] 

i: [ * ] 

2: [ * ] 

3: [ * ] 

a: [ * ] 

5: [ * ] 

6: [ * ] 

7: [ * J 

8: [ * ] oO: [ * ] 

9: [ * ] aie. * ] 

1o: [ * ] 2: [ * ] 

Lis of * J 32 [ * ] 

49%: 'L * ] 4: [ * ] oO: [ * ] 
13: [ * ] 5: [ * ] i: [ x J 
14: [ * ] 6: [ * J 2: [ * ] 
15: [ x ] 7: [ x ] 3: [ * ] 


Figure 2.1-A: Permutation matrices of the revbin permutation for sizes 16, 8 and 4. The permutation 
is self-inverse. 


The permutation that swaps elements whose binary indices are mutual reversals is called revbin permu- 
tation (sometimes also bit-reversal- or bitrev permutation). For example, for length n = 256 the element 
with index x = 4319 = 001010112 is swapped with the element whose index is 7 = 110101002 = 21240. 
Note that z depends on both x and on n. Pseudo code for a naive implementation is 


procedure revbin_permute(a[], n) 
// alO..n-1] input,result 


{ 
for x:=0 to n-1 
r := revbin(x, n) 
if r>x then swap(alx], alr]) 
} 
} 


[fxtbook draft of 2008-January-19] 


86 Chapter 2: Permutations 


The condition r>x before the swap() statement makes sure that the swapping is not undone later when 
the loop variable x has the value of the present r. The key ingredient for a fast permutation routine 


is the observation that we only need to update as bit-reversed values. Given we can compute o+l 
efficiently. Methods to do this are given in section |1.13.3} A faster routine will be of the form 


procedure revbin_permute(a[], n) 
// alO..n-1] input,result 


{ 
if n<=2 return 
r :=0 // the reversed 0 
for x:=1 to n-1 
r := revbin_upd(r, n/2) // inline me 
if r>x then swap(alx], alr]) 
} 
} 


A method to generate all revbin pairs via linear feedback shift registers is given in section on page 


About (n—./n)/2 swap ()-statements will be executed with the revbin permutation of n elements. That 
is, almost every element is moved for large n, as there are only few numbers with symmetric bit patterns: 


n: | 24 swaps # symm. pairs 
2: 0 2 
4: 2 2 
8: 4 4 
16: 12 4 
32: 24 8 
64: 56 8 
210: 992 32 
279: | 0.999 - 270 a 
oO: n-V/n Jn 


The sequence 
0, 2, 4, 12, 24, 56, 112, 238, 480, 992, 1980, 4032, 8064, 16242, 32512, 65280, 


is entry |A045687 of (214). 


Optimizations using the symmetries of the permutation 

The following symmetry can be used for further optimization: if for even x < $ there is a swap (for 
the pair x, #) then there is also a swap for the pairn —1—a,n—1—4. Asa < $ and & < $ one 
hasn—l—a# >} andn—1—2Z> 4. That is, the swaps are independent. A routine that uses these 
observations is 


procedure revbin_permute(a[], n) 


{ 
if n<=2 return 
nh :=n 
rie // the reversed 0 
while x<nh 
// x odd: 
roi= yr +_nh 
swap(alx], a[r]) 
x:=xti 
// x even: 
r := revbin_upd(r,n/2) // inline me 
a r>x then 
swap(a[x], alr]) 
swap(a[n-1-x], al[n-1-r]) 
xr=xti 
} 
} 


[fxtbook draft of 2008-January-19] 


2.1: The revbin permutation 87 


The code above can be used to derive an optimized version for zero padded data: 


procedure revbin_permuteO(a[], n) 


{ 


if n<=2 return 
nh := n/2 
r :=0 // the reversed 0 


x := 1 
pot x<nh 


// x even: 
r := revbin_upd(r, n) // inline me 
if r>x then swap(alx], alr]) 
// Omit swap of a[n-1-x] and a[n-1-r] as these are zero 
xi=xt+i 
} 
} 


One can carry the scheme further, distinguishing whether x mod 4 = 0, 1, 2 or 3. This is done in the 


actual C++ implementation [FXT: revbin_permute() in perm/revbinpermute.h,. The parameters 


#define RBP_SYMM 4 // 1, 2, 4 (default is 4) 
#define FAST_BIT_SCAN // define if machine has fast bit scan 


determine how much of the symmetry is used (RBP_SYMM) and which flavor of the revbin-update routine 
is chosen (FAST_BIT_SCAN). With a fast bit-scan instruction the table driven version is slightly faster. 
We further define a convenient macro to swap elements: 


#define idx_swap(k, r) { ulong kx=(k), rx=(r); swap2(f[kx], f[rx]); } 


The main routine uses unrolled versions of the revbin permutation for small values of n. These are given 
in [FXT: perm/shortrevbinpermute.h. For example, the unrolled routine for n = 16 is 


template <typename Type> 
inline void revbin_permute_16(Type *f) 


{ 
swap2(f[1], f£[8]); 
swap2(£[2], £[4]); 
swap2(f£[3], £[12]); 
swap2(f£[5], £[10]); 
swap2(£[7], £[14]); 
swap2(f[11], £[13]); 

} 


The code was generated with the program [FXT: perm/cycles-demo.cc , see section |2.11.3]/on page 


The routine revbin_permute_le_64(f,n) that is called for n < 64 selects the correct routine for the 
parameter n: 


template <typename Type> 
void revbin_permute(Type *f, ulong n) 


if ( n<=64 ) 
{ 


revbin_permute_le_64(f, n); 
return; 
} 
} 


If the table driven update is used, the table has to be initialized and, depending on the amount of 
symmetry used, also some auxiliary variables: 


const ulong nh = (n>>1); 
#ifdef FAST_BIT_SCAN 
make_revbin_upd_tab(nh) ; 


#endif 
#if ( RBP_SYMM >= 2 ) 
const ulong ni =n - 1; // = 11111111 
#if ( RBP_SYMM >= 4 ) 
const ulong nxi = nh - 2; // = 01111110 
const ulong nx2 = ni - nx1; // = 10111101 


#endif // ( RBP_SYMM >= 4 ) 


[fxtbook draft of 2008-January-19] 


88 


#endif 


// ( RBP_SYMM >= 2 ) 


Chapter 2: Permutations 


In what follows we set RBP_SYMM to 4 and omit the corresponding preprocessor statements. The cryptic 


and powerful main loop is 


ulong k = 0, r = 0; 
while ( k<n/RBP_SYMM 
{ 


|] ~---- KA == 
a ( r>k ) 


) 


idx_swap(k, r); 


idx_swap(n1i*k, ni*r); 
idx_swap(nx1°k, nx1r); 
idx_swap(nx2°k, nx2r); 


} 

r “= nh; 

++k; 

// ----- k/4 == 

if ( r>k ) 

{ 
idx_swap(k, r); 
idx_swap(ni*k, ni*r); 

} 


#ifdef FAST_BIT_SCAN 
r = revbin_tupd(r, k); 


#else 
#endif 


// n>=16, n/2>=8, n/4>=4 


// <oh, <nh 11 


// <nh, >nh 10 


r = revbin_upd(r, nh); 


|] ~---- Kh4 == 
if ( r>k ) 
{ 


idx_swap(k, 
idx_swap(n1 


} 

r “= nh; 

++k 

// ----- k/4 == 

if ( r>k ) 

{ 
idx_swap(k, r); 
idx_swap(nx1*k, nx1r); 

} 


#ifdef FAST_BIT_SCAN 
r = revbin_tupd(r, k); 


#else 
#endif 


} 
} // end revbin_permute() 


xr); 
“k, ni*r); // >nh, >nh 00 


// <oh, <nh 11 


// <nh, >nh 10 


r = revbin_upd(r, nh); 


++k; 


// >nh, >nh 00 
// <nh, <nh 11 
// >nh, >nh 00 


// >nh, <nh O01 


// <noh, >nh 10 


It turns out that the routine takes, for large n, about six times of the simple reverse() operation that 
swaps elements k with n —k —k. Much of the time is spend waiting for memory which suggests that 
further optimizations would best be attempted with special (machine) instructions to bypass the cache 
or with non-temporal writes. 


The routine [FXT: revbin_permute0() in perm/revbinpermute0.h) is a specialized version optimized for 
zero padded data. Some memory access can be avoided for that case. For example, revbin-pairs with 
both indices larger than n/2 need no processing at all. Therefore the routine is faster than the general 


version. 


If, for complex data, one works with separate arrays for the real and imaginary parts one can remove 
half of the bookkeeping as follows: 


procedure revbin_permute(al[], b[], n) 


if 
r 


n<=2 return 


for x:=1 to n-1 


:= 0 // the reversed 0 


[fxtbook draft of 2008-January-19] 


2.2: The radix permutation 89 


r := revbin_upd(r, n/2) // inline me 
if r>x then 


swap(alx], alr]) 
swap(b[x], b[r]) 


} 


If both real and imaginary part fit into level-1 cache the method can lead to a speedup. However, for 
large arrays the routine can be drastically slower than two separate calls of the simple method: typically 
the real and imaginary element for the same index lie apart in memory by a power of two, leading to one 
hundred percent cache miss for large array sizes. 


2.2 The radix permutation 


The radiz permutation is the generalization of the revbin permutation to arbitrary radices. Pairs of 
elements are swapped when their indices, written in radix r are reversed. For example, in radix 10 and 
n = 1000 the elements with indices 123 and 321 will be swapped. The radix permutation is self-inverse. 


C++ code for the radix r permutation of the array f[] is given in [FXT: |perm/radixpermute.h). The 


routine must be called with n a perfect power of the radix r. Using radix r = 2 gives the revbin 
permutation. 

extern ulong radix_permute_nt[]; // == 9, 90, 900, ... for r=10 

extern ulong radix_permute_kt[]; // == 1, 10, 100, ... for r=10 


#define NT radix_permute_nt 
#define KT radix_permute_kt 


template <typename Type> 
void radix_permute(Type *f, ulong n, ulong r) 


‘ ulong x = 0; 
NT(O] = r-1; 
KT[O] = 1; 
mle (1) 
ulong z = KT[x] * r; 
if ( z>n ) break; 
++X 5 
KT[x] = z; 
NT([x] = NT[x-1] * r; 
// here: n == p**x 
for (ulong i=0, j=0; i <n-1; i++) 
if ( i<j ) swap2(f[il, f[3]); 
ulong t = x - 1; 
ulong k = NT[t]; // == k= (r-1) *n/r; 
while ( k<=j ) 
{ 
j= By 
: k = NT[--t]; // == k /=1; 
j t= KT[t]; // ="= j t= (k/(r-1)); 
} 


2.3. In-place matrix transposition 


Transposing a matrix is easy when it is not done in-place. The simple routine [FXT: transpose() in 
aux2/transpose.h| does the job: 


[fxtbook draft of 2008-January-19] 


90 Chapter 2: Permutations 


template <typename Type> 
void transpose(const Type * restrict f, Type * restrict g, ulong nr, ulong nc) 
// Transpose nr x nc matrix f[] into an nc x nr matrix g[]. 


{ 
for (ulong r=0; r<nr; r++) 
{ 
ulong isrc = r * nc; 
ulong idst = r; 
for (ulong c=0; c<nc; ct+) 
{ 
glidst] = f[isrc]; 
isrc += 1; 
idst += nr; 
} 
} 
} 


Matters get more complicated for the in-place equivalent. We have to find the cycles (see section on 
page |104) of the underlying permutation. To transpose a n,; x m¢- matrix first identify the position 7 of 
the entry in row r and column c: 


i = r-nete (2.3-1) 
After the transposition the element will be at position 7’ in the transposed n/. x n/.- matrix 


{ = rented (2.3-2) 


Obviously, r’ =c, ¢ =r, ni. =n, and ni, = ny, so: 


{ = cnpt+r (2.3-3) 
Multiply the last equation by n, 
UNe = Co Np Net: Ne (2.3-4) 
With n:=n,-n-. and r-ne =i-—c we get 
U-ne = e-n+i-ce (2.3-5) 
i = @-ne—e-(n-1) (2.3-6) 
Take the equation modulo n — 1 to get 
i = @-ne mod (n—-1) (2.3-7) 


That is, the transposition moves the element 7 = i’ - n, to position 7’. Multiply by n,; to get the inverse: 


i-Np = U-Ne- Np (2.3-8) 
i-n, = @-(n-1+4+1) (2.3-9) 
ist, = i (2.3-10) 


That is, element i will be moved to i’ =i-n, mod (n-— 1). 


The routine [FXT: transpose() in aux2/transpose.h| uses the a bit-array to keep track of the elements 


that have been processed so far: 


#define SRC(k) (((unsigned long long) (k)*nc)%n1) 

template <typename Type> 

void transpose(Type *f, ulong nr, ulong nc, bitarray *ba=0) 
// In-place transposition of an nr X nc array 

// that lies in contiguous memory. 


{ 
if ( 1>=nr ) return; 
if ( 1>=nc ) return; 


if ( nr==nc ) transpose_square(f, nr); 


[fxtbook draft of 2008-January-19] 


2.4: Revbin permutation and matrix transposition * 91 


else 


const ulong ni = nr * nc - 1; 
bitarray *tba = 0; 
if ( 0O==ba ) tba 
else tba 
tba->clear_all(); 


for (ulong k=1; k<ni; k=tba->next_clear(+t+k) ) // O and ni are fixed points 


new bitarray(n1) ; 
ba; 


// do a cycle: 
ulong ks = SRC(k); 
ulong kd = k; 
tba->set (kd) ; 

Type t = f[kd]; 
date (ks !=k ) 


f[kd] = flks]; 


kd = ks; 
tba->set (kd) ; 
ks = SRC(ks); 
} 
f[kd] = t; 


} 
if ( 0==ba ) delete tba; 


} 


Note that one should take care of possible overflows in the calculation 7-n,.. For the case that n is a 
power of two (and so are both n,. and n.) the multiplications modulo n — 1 are cyclic shifts. Thus any 
overflow can be avoided and the computation is also significantly cheaper. A C++ implementation is 


given in [FXT: jaux2/transpose2.hi. 


2.4 Revbin permutation and matrix transposition * 


How would you rotate an (length-n) array by s positions (left or right), without using any scratch space. 
If you do not know the solution then try to find it before reading on. 


The trick is to use reverse() three times as in the following [FXT: rotate_left() in perm/rotate.h': 


template <typename Type> 

void rotate_left(Type *f, ulong n, ulong s) 
// Rotate towards element #0 

// Shift is taken modulo n 


{ 
if ( s==0 ) return; 
if ( s>=n ) 
if (n<2) return; 
s Z= n; 
} 
reverse (f, s); 
reverse(f+s, n-s); 
reverse (f, n); 
} 


The technique is usually called the triple reversion trick. For example left-rotating an 8-element array 
by 3 positions is achieved by the following steps: 


[12345678] 


[32145678] reverse first 3 elements 
[32187654] reverse last 8-3=5 elements 
[45678123] reverse whole array 


Similarly for the other direction. A right rotation of an n-element array by s positions is identical to a 
left rotation by n — s positions: 


[12345678] 
[54321678] reverse first 8-3=5 elements 
[54321876] reverse last 3 elements 


[fxtbook draft of 2008-January-19] 


92 Chapter 2: Permutations 


[67812345] reverse whole array 


template <typename Type> 

void rotate_right (Type *f, ulong n, ulong s) 
// Rotate away from element #0 

v Shift is taken modulo n 


if ( s==0 ) return; 
if ( s>=n ) 


if (n<2) return; 


s Z= n; 
} 
reverse(f, n-s); 
reverse(ftn-s, s); 
reverse (f, n); 


} 


What this has to do with our subject? When transposing an n, x n, matrix whose size is a power of two 
(thereby both n, and n, are also powers of two) the above mentioned rotation is done with the indices 
(written in base two) of the elements. We know how to do a permutation that reverses the complete 
indices and reversing a few bits at the least significant end is not any harder: 


template <typename Type> 

void revbin_permute_rows(Type *f, ulong ldn, ulong ldnc) 

// Revbin-permute the length 2**ldnc rows of f£[0..2**1dn-1] 
v (£[] considered as an 2**(ldn-ldnc) x 2**ldnc matrix) 


ulong n = 1UL<<ldn; 
ulong nc = 1UL<<ldnc; 
for (ulong k=0; k<n; kt=nc) revbin_permute(ftk, nc); 


} 
And there we go: 


template <typename Type> 
void transpose_by_rbp(Type *f, ulong ldn, ulong ldnc) 
// Transpose f[] considered as an 2**(ldn-ldnc) x 2**ldnc matrix 


revbin_permute_rows(f, ldn, ldnc); 

ulong n = 1UL<<ldn; 

revbin_permute(f, n); 

revbin_permute_rows(f, ldn, ldn-ldnc); // ... that is, columns 
} 


The triple-reversion trick can also be used to swap two blocks in an array: first reverse the three ranges 
(first blocks, range between block, last block), then reverse the range that consists of all three. This is 


the quadruple reversion trick. The corresponding code is given in [FXT: perm/swapblocks.h): 


template <typename Type> 

void swap_blocks(Type *f, ulong x1, ulong ni, ulong x2, ulong n2) 
// Swap the blocks starting at indices x1 and x2 

// ni and n2 are the block lengths 


if ( x1>x2 ) { swap2(x1,x2); swap2(ni,n2); } 


ulong n = x2 + n2; 
reverse(f, ni); 
reverse(f+ni, n-ni-n2); 
reverse (f+x2, n2); 
reverse(f, n); 


The elements before x1 and after x2+n2 are not accessed. An example [FXT: perm/swap-blocks-demo.cc’: 


vvvvyv vvvv <--= want to swap these blocks 
[01234 abcde78wxyz NN] orig. data 
[01234 edcba78wxyz NN] _ reverse first block 
[01234 edcba87wxyz NN] _ reverse range between blocks 
[01234 edcba87zyxw NN] _ reverse second block 
[01234 wxyz78abcde NN] _ reverse whole range 


oe Re <--= the swapped blocks 


[fxtbook draft of 2008-January-19] 


2.5: The zip permutation 93 


The effect of swap_blocks(f, x1, nl, x2, n2) can be undone via 
swap_blocks(f, x1, n2, x2+n2-n1, n1). 


2.5 The zip permutation 


oO: [ * ] oO: [ * J 
1: [ * ] oleae E * ] 
2: [ * J 2: [ * J 
3: [ * 1 3: [ * J 
4: [ * J 4: [ * J 
5: [ * 1 5: [ * J 
6: [ * J 6: [ * J 
Te. * ] 7: [ * J 
8: [ * ] 8: [ * ] 
9: [ * ] 9: [ * J 
10: [ * ] 10: [ * J 
11: [ * ] 11: [ * J 
12: [ * ] 12: [ * J 
13: [ * J 13: [ * J 
14: [ * ] 14: [ * J 
15: [ * ] 15: [ * | 


Figure 2.5-A: Permutation matrices of the zip permutation (left) and its inverse, the unzip permutation 
(right). The zip permutation moves the lower half of the array to the even indices and the upper half to 
the odd indices. 


The zip permutation moves the elements from the lower half to the even indices and the elements from 
the upper half to the odd indices. Symbolically, 

[TabcdABCD] |--> LaAbBcCdD] 
The size of the array must be even. A routine for the permutation is 


template <typename Type> 
void zip(const Type * restrict f, Type * restrict g, ulong n) 


ulong nh = n/2; 
for (ulong k=0, k2=0; k<nh; ++k, k2t+=2) g[k2] 
for (ulong k=nh, k2=1; k<n; ++k, k2+=2) g[k2] 


f[k]; 
f[k]; 


} 


When the array size is a power of two we can use a special case of the ‘transposition by revbin permutation’ 
idea to do the operation in-place [FXT: zip in perm/zip.hi: 


template <typename Type> 
void zip(Type *f, ulong n) 
{ 


ulong nh = n/2; 
revbin_permute(f, nh); revbin_permute(f+nh, nh); 
revbin_permute(f, n); 


} 


If we have a type Complex consisting of two doubles lying contiguous in memory we can optimize the 
procedure: 


void zip(double *f, long n) 
{ 
revbin_permute(f, n); 
revbin_permute((Complex *)f, n/2); 
} 


The inverse of the zip permutation is the unzip permutation. We only give the in-place version based on 
the revbin permutation, the array size must be a power of two: 


template <typename Type> 
void unzip(Type *f, ulong n) 
{ 


[fxtbook draft of 2008-January-19] 


94 Chapter 2: Permutations 


ulong nh = n/2; 
revbin_permute(f, n); 
revbin_permute(f, nh); revbin_permute(f+nh, nh); 
} 
The routine can for the type double again be optimized as 


void unzip(double *f, long n) 


revbin_permute((Complex *)f, n/2); 
revbin_permute(f, n); 


Connection to matrix transposition 
For arrays whose size n is not a power of two the in-place zip permutation can be obtained by transposing 
the data as a 2 x n/2 matrix: 

transpose(f, 2, n/2); // == zip(f, n) 


The routines for in-place transposition are given in section[2.3]on page[89} The inverse is clearly obtained 
by transposing the data as a n/2 x 2 matrix: 


transpose(f, n/2, 2); // ="= unzip(f, n) 
Oo: [ * ] Oo: [ * J 
1: [ * J pea * J 
2: [ * J 2: [ * J 
3: [ * J 3: [ * J 
4: [ * ] 4: [ * ] 
5: [ * J 5: [ * J 
6: [ * J 6: [ * J 
7: 0 * ] te. * J] 
8: [ * 1 8: [ * J 
9: [ * ] 9: [ * J 
10: [ * ] 10: [ * J 
143° * J 11: [ * J 
12: [ * J 12: [ * J 
13: [ * J 13: [ * J 
14: [ * J 14: [ * J 
15: [ * ] 15: [ * | 


Figure 2.5-B: Revbin permutation matrices that, when multiplied together, give the zip permutation 
and its inverse. Let L and R be the permutations given on the left and right side, respectively. Then 
Z=RLand Z-'=LR. 


While the above mentioned technique is usually not a gain for doing a transposition it may be used 
to speed up the revbin permutation itself. We operator-ize the idea to see how. Let R be the revbin 
permutation revbin_permute(), T(n,, 7.) the transposition of the n, xn, matrix and R(n,) the operation 
done by revbin_permute_rows() (see section [2.4] on page|91). Then 

T(nr,Me) = R(n,)-R- R(ne) (2.5-1) 
The R-operators are their own inverses while T’ is in general not self inversq!| 


R = R(n,)-T(n-, ne) + R(ne) (2.5-2) 


There is a degree of freedom in this formula: for fixed n = n, x n- one can choose one of n, and n, (only 
their product is given). 


1For nr = ne it of course is. 


[fxtbook draft of 2008-January-19] 


2.6: The reversed zip permutation 95 


2.6 The reversed zip permutation 


A permutation closely related to the zip permutation is the reversed zip permutation. It moves the lower 
half of an array to the even indices and the upper half to the odd indices in reversed order. Symbolically, 


[abcdABCD] |-> LaDbCcBdaA] 


A C++ routine is [FXT: zip_rev() in |perm/ziprev.h!: 


template <typename Type> 
void zip_rev(const Type * restrict x, Type * restrict y, ulong n) 
// n must be even 


const ulong nh = n/2; 


for (ulong k=0, k2=0; k<nh; k++, k2+=2) y([k2] = x(k]; 
for (ulong k=nh, k2=n-1; k<n; k++, k2-=2) y(k2] = x[k]; 
} 

Oo: [ * ] Oo: [ * J 
die * J te * J 
2: [ * J 2: [ * J 
3: [ x J 3: [ * ] 
4: [ * J 4: [ * J 
5: [ * ] 5: [ * J 
6: [ * ] 6: [ * ] 
7: [ * ] eL * J 
8: [ * J 8: [ * | 
9: [ * ] 9: [ * J 
10: [ * ] 10: [ * J 
11: [ * ] 11: [ * J 
12: [ * J 12: [ * J 
13: [ * J 13: [ * J 
14: [ * ] 14: [ * J 
15: [ * J 15: [ * J 


Figure 2.6-A: Permutation matrices of the reversed zip permutation (left) and its inverse (right). 


The in-place version can, if the array length is a power of two, be implemented as 


template <typename Type> 
void zip_rev(Type *x, ulong n) 
// n must be a power of two 


{ 
const ulong nh = n/2; 
reverse(x+nh, nh); 
revbin_permute(x, nh); revbin_permute(x+nh, nh); 
revbin_permute(x, n); 
} 


The inverse permutation [FXT: unzip_rev() in perm/ziprev.h| can be implemented as 


template <typename Type> 
void unzip_rev(const Type * restrict x, Type * restrict y, ulong n) 
// n must be even 


const ulong nh = n/2; 
for (ulong k=0, k2=0; k<nh; k++, k2+=2) ylk] 
for (ulong k=nh, k2=n-1; k<n; k++, k2-=2) y([k] 


x[k2]; 
x[k2]; 


} 
The in-place version is 


template <typename Type> 
void unzip_rev(Type *x, ulong n) 
// n must be a power of two 


{ 

const ulong nh = n/2; 

revbin_permute(x, n); 

revbin_permute(x, nh); revbin_permute(x+nh, nh); 
; reverse(x+nh, nh); 


[fxtbook draft of 2008-January-19] 


96 Chapter 2: Permutations 


The given permutation is used in an algorithm where the cosine transform is computed using the Hartley 
transform, see section |24.11]on page 


We write Z and Z~! for the zip permutation and its inverse, Z and Z~! for the reversed zip permutation 
and its inverse, and R for the revbin permutation. Then the following relations hold: 


Z = RZOC1RH= ZZ 'Z (2.6-1a) 

2s R2>°Ra22 2 (2.6-1b) 

Z = RZR= 7 *7ZzZ* (2.6-1c) 

Lo = He Sa Be (2.6-1d) 

2.7 The XOR permutation 
0: [ * ] .— * ] * ] . ] 
1: — * ] .* } * ] * ] 
2: [ * } * ] .* ] .— * ] 
3: [ * 1. * ] .— * ] .* ] 
4: [ * I * ] * ] +] 
5: . 1 if * ] *] * J 
6: [ * ] © +] OC . ] * ] 
7 +] OC * ] © * ] * ] 
x =0 x=l x=2 x=3 
o: [ * ] * ] * ] © +] 
1: 0 . Til . ] *] * J 
2: [ * 4 out +] OC * ] * ] 
3: [ +] * ] © * ] * ] 
4: [ * Toh ] * ] . ] 
5: — * ] Cx } * ] * ] 
6: [ * ] * ] .* ] .[— * ] 
7: * } * 1 oc # ] .* ] 
x=4 x=5 x=6 x= 7 


Figure 2.7-A: Permutation matrices of the XOR permutation for length 8 with parameter z = 0...7. 
Compare to the table for the dyadic convolution shown in figure on page [446] 


The XOR permutation may be explained most simply by its trivial implementation: [FXT: 
xor_permute() in|perm/xorpermute.h): 


template <typename Type> 
void xor_permute(Type *f, ulong n, ulong x) 


if ( O==x ) return; 
for (ulong k=0; k<n; ++k) 


ulong r = k*x; 
if ( r>k ) swap2(f[r], f[k]); 


} 


The XOR permutation is evidently self-inverse. The array length n must be divisible by the smallest 
power of two that is greater than x: for example, n must be even if x = 1, n must be divisible by four if 
x = 2 or x = 3. With n a power of two and x < n one is on the safe side. 


The XOR permutation contains a few other permutations as important special cases (for simplicity assume 
that the array length n is a power of two): when the third argument x equals n — 1 then the permutation 
is the reversion, with « = 1 neighboring even and odd indexed elements are swapped, with « = n/2 the 
upper and the lower half of the array are swapped. 


[fxtbook draft of 2008-January-19] 


2.8: The Gray code permutation 97 


One has 
X_Xp = XypXq = Xe where c=aXORD (2.7-1) 


For the special case a = b the relation expresses the self-inverse property as Xo is the identity. The XOR 
permutation often occurs in relations between other permutations where we will use the symbol X,, the 
subscript denoting the third argument. 


2.8 The Gray code permutation 


Oo: [ * ] Oo: [ * J 
4: [ * J ae * J 
2: [ * ] 2 * ] 
3: [ * J 3: [ * J 
4: [ * J 4: [ * J 
5: [ * J 5: [ * J 
6: [ * J 6: [ * J 
7: [ * J 7: * J 
8: [ * ] 8: [ * J 
9: [ * J 9: [ * ] 
10: [ * ] 10: [ * | 
11: [ * J 11: [ * J 
12: [ * ] 12: [ * J 
13: [ * ] 13: [ * J 
14: [ * J 14: [ * J 
15: [ * J 15: [ * J 


Figure 2.8-A: Permutation matrices of the Gray code permutation (left) and its inverse (right). 


The Gray code permutation (or simply Gra Frtefon vege Be reorders (length-2”) arrays according to 
36 


the binary Gray code described in section |1. (ee 1.15} on page |36} A routine for the permutation is [FXT: 
perm/graypermute.h : 


template <typename Type> 
inline void gray_permute(const Type *f, Type * restrict g, ulong n) 
// Put Gray permutation of f[] to gl], i.e. glgray_code(k)] == f[k] 


for (ulong k=0; k<n; ++k) glgray_code(k)] = f[k]; 
} 
Its inverse is 
template <typename Type> 
inline void inverse_gray_permute(const Type *f, Type * restrict g, ulong n) 
// Put inverse Gray permutation of f[] to gl], i.e. glk] == f[gray_code(k)] 


// (same as: g[inverse_gray_code(k)] == f[k]) 
{ 


} 


for (ulong k=0; k<n; ++k) glk] = flgray_code(k)]; 


We again use calls to gray_code() because they are cheaper than the computation of 
inverse_gray_code(). 


We now give in-place versions of the above routines that offer very good performance. It is necessary to 
identify the cycle leaders (see section on page}104) of the permutation and find an efficient way to 
generate them. 


2.8.1 Cycles of the permutation 


It is instructive to study the complementary masks that occur for cycles (see section on page |104) 
of different lengths. The cycles of the Gray code permutation for length 128 are shown in figure 


No structure is immediately visible. 


[fxtbook draft of 2008-January-19] 


98 Chapter 2: Permutations 


0: ( 2, 3) #=2 

1: ( 4, 7, 5, 6) #54 

2: ( 8, 15, 10, 12) #=4 

3: ( 9, 14, 11, 13) #=4 

4: ( 16, 31, 21, 25, 17, 30, 20, 24) #58 
5: ( 18, 28, 23, 26, 19, 29, 22, 27) #=8 
6: ( 32, 63, 42, 51, 34, 60, 40, 48) #=8 
7: ( 33, 62, 43, 50, 35, 61, 41, 49) #58 
8: ( 36, 56, 47, 53, 38, 59, 45, 54) #=8 
9: ( 37, 57, 46, 52, 39, 58, 44, 55) #=8 
10: ( 64,127, 85,102, 68,120, 80, 96) #=8 
11: ( 65,126, 84,103, 69,121, 81, 97) #=8 
12: ( 66,124, 87,101, 70,123, 82, 99) #=8 
13: ( 67,125, 86,100, 71,122, 83, 98) #=8 
14: ( 72,112, 95,106, 76,119, 90,108) #=8 
15: ( 73,113, 94,107, 77,118, 91,109) #=8 
16: ( 74,115, 93,105, 78,116, 88,111) #=8 
17: ( 75,114, 92,104, 79,117, 89,110) #=8 


126 elements in i8 nontrivial cycles. 
cycle lengths: aera 8 
2 fixed points: [0. 1] 


Figure 2.8-B: Cycles of the Gray code permutation of length 128. 


However, one can generate the cycle maxima as follows: for each range 2*...2*+! — 1 generate a bit- 
mask z that is obtained from the k + 1 leftmost bits of the infinite word that has bits set at positions 
Oye Aes ecu ls cust 


[111010001000000010000000000000001000 ...] 


An example: for k = 6 we have z =[1110100]. Then take v to be k +1 leftmost bits of the complement, 
v =[0001011] in our example. Now the set of words c= z+ s where s is a subset of v contains exactly 


one element of each cycle in the range 2"... 2*+! = 64...127: 


117 = .111.1,1 
118 = .111.11. 
119 = .111,111 
124 = .11111.. 
125 = .11111.1 
126 = .111111. 
127 = .1111111 
lie. = 11... 
maxima = z XOR subsets(v) where 
z= .111,1.. 
ve=.....1.11 


The words obtained are actually the cycle maxima. The list can be generated with the program 
FXT: perm/permgray-leaders-demo.cc) which uses [FXT: class gray_cycle_leaders in comb/gray- 
eycle-leaders.h 


class gray_cycle_leaders 
// Generate cycle leaders for Gray code permutation 
// where highest bit is at position ldn. 


{ 

public: 
bit_subset b_; 
ulong za_; // mask for cycle maxima 
ulong zi_; // mask for cycle minima 


ulong len_; // cycle length 
ulong num_; // number of cycles 


public: 
gray_cycle_leaders(ulong ldn) // O0<=ldn<BITS_PER_LONG 
: b_(O) 
init (1dn) ; 


~gray_cycle_leaders() {;} 


void init(ulong 1dn) 
{ 


za_ = 1; 
ulong cz = 0; // “z 


[fxtbook draft of 2008-January-19] 


2.8: The Gray code permutation 99 


len_ = 1; 
num_ = 1; 
for (ulong ldm=1; ldm<=ldn; ++ldm) 
{ 
za_ <<= 1; 
cz <<= 1; 
if ( is_pow_of_2(ldm) ) 
++Za_; 
len_ <<= 1; 
} 
else 
++cz; 
num_ <<= 1; 
} 


zi_ = iUL << ldn; 


b_.first (cz); 
} 


ulong current_max() const { return b_.current() | za_; } 
ulong current_min() const { return b_.current() | zi_; } 


next () 
return ( 0!=b_.next() ); 
ulong num_cycles() const { return num_; } 


ulong cycle_length() const ‘{ return len_; } 
}; 


The implementation uses the bit-subset class described in section on page [63] 


2.8.2 In-place routines 


For the in-place versions of the permutation routines are obtained by inlining the generation of the cycle 


leaders. The forward version is [FXT:|perm/graypermute.h : 


template <typename Type> 
void gray_permute(Type *f, ulong n) 
{ 


ulong z = 1; // mask for cycle maxima 
ulong v = 0; // ~z 

ulong cl = 1; // cycle length 

for (ulong ldm=1, m=2; m<n; ++ldm, m<<=1) 


z <<= 1; 
v <<= 1; 
if ( is_pow_of_2(1ldm) ) 


F#Z5 
cl <<= 1; 


else +ttv; 


bit_subset b(v); 


do 
{ 
// --- do cycle: --- 
ulong i =z | b.next(); // start of cycle 
Type t = f[il; // save start value 
ulong g = gray_code(i); // next in cycle 
for (ulong k=cl-1; k!=0; --k) 
{ 
Type tt = flg]; 
f[g] = t; 
t = tt; 
g = gray_code(g) ; 
} 
f[g] = t; 
// --- end (do cycle) --- 
} 


[fxtbook draft of 2008-January-19] 


100 


while ( b.current() ); 
} 


Chapter 2: Permutations 


The function is_pow_of_2() is described in section [1.7] on page The inverse routine differs only in 


the block that processes the cycles: 


template <typename Type> 
void inverse_gray_permute(Type *f, ulong n) 


{ 
[--snip--] 
// --- do cycle: --- 
ulong i = z | b.next(); // start of cycle 
Type t = f[il; // save start value 
ulong g = gray_code(i); // next in cycle 
for (ulong k=cl-1; k!=0; --k) 
{ 
£[i] = fle]; 
i=; 
g = gray_code(i); 
} 
f[i] = t; 
// --- end (do cycle) --- 
[--snip--] 
} 


2.8.3. Performance of the routines 


How fast is the Gray code permutation? We use the convention that the speed of the trivial (and 


) reverse() is 1.0, our hereby declared 


completely cache-friendly, therefore running at memory bandwidth 
time unit for comparison [FXT: perm/reverse.h). A little benchmark gives, for large (16 MB) arrays: 


arg 1: 21 == 1ldn [Using 2**ldn elements] default=21 
arg 2: 10 == rep [Number of repetitions] default=10 


Memsize = 16384 kiloByte == 2097152 doubles 
reverse(f,n); dt= 0.0103524 MB/s= 
revbin_permute(f,n) ; dt= 0.0674235 MB/s= 
revbin_permute0(f ,n) ; dt= 0.061507 MB/s= 
gray_permute(f ,n) ; dt= 0.0155019 MB/s= 
inverse_gray_permute(f,n) ; dt= 0.0150641 MB/s= 
reverse(f,n); dt= 0.0104008 MB/s= 


1546 
237 
260 

1032 

1062 

1538 


rel= 
rel= 
rel= 
rel= 
rel= 
rel= 


1 
6.51282 
5.94131 
1.49742 
1.45512 
1.00467 


We timed reverse() twice to get an impression how much we can trust the observed numbers. 


While the revbin permutation takes about 6 units (due to its memory access pattern that is very prob- 
lematic with respect to cache usage) the Gray code permutation needs only 1.50 units. The difference 
gets bigger for machines with relatively (to the CPU) slow memory. The Gray code permutation can 
be used to speed up fast transforms of large lengths a power of two, notably the Walsh transform, see 


chapter [22]on page [429] 


The bandwidth of the reverse() is about 1500 MB/sec which should be compared to the output of a 
memory testing program, revealing that it actually runs at about the bandwidth of copying via a simple 


loop using pointers to doubles: 


avg: 16777216 [ 0]"memcpy" 2522. 
avg: 16777216 [ 1]"char *" 471. 
avg: 16777216 [ 2]"short *" 711. 
avg: 16777216 [ 3]"int *" 956. 
avg: 16777216 [ 4]"long *" 1514. 
avg: 16777216 [ 5]"long * (4x unrolled)" 1330. 
avg: 16777216 [ 6]"int64 *" 1329. 
avg: 16777216 [ 7]"double *" 1329. 
avg: 16777216 [ 8]"double * (4x unrolled)" 1325. 


084 
873 
853 
682 
360 
786 
902 
507 
437 


MB/s 
MB/s 
MB/s 
MB/s 
MB/s 
MB/s 
MB/s 
MB/s 
MB/s 


// <-- 


The relative speeds are quite different for small arrays. Using a size of 16 kB (2048 doubles) we obtain 


arg 1: 11 == 1ldn [Using 2**ldn elements] default=21 
arg 2: 100000 == rep [Number of repetitions] default=51 


[fxtbook draft of 2008-January-19] 


2 


2.9: The reversed Gray code permutation 101 


Memsize = 16 kiloByte == 2048 doubles 
reverse(f,n); dt=1.88726e-06 MB/s= 8279 rel= 1 
revbin_permute(f,n); dt=3 .22166e-06 MB/s= 4850 = rel= 1.70706 
revbin_permute0(f ,n) ; dt=2.69212e-06 MB/s= 5804 rel= 1.42647 
gray_permute(f,n); dt=4.75155e-06 MB/s= 3288 rel= 2.51769 
inverse_gray_permute(f ,n) ; dt=3 .69237e-06 MB/s= 4232 rel= 1.95647 
reverse(f,n); dt=1.88833e-06 MB/s= 8275 = rel= 1.00057 


due to the small size, the cache problems are gone. 


The memory benchmark gives for that size 


avg: 16384 [ 0]"memcpy" 3290.353 MB/s 
avg: 16384 [ 1]"char *" 572.922 MB/s 
avg: 16384 [ 2]"short *" 973.552 MB/s 
avg: 16384 [ 3]"int *" 1495.920 MB/s 
avg: 16384 [ 4]"long *" 3560.506 MB/s 
avg: 16384 [ 5]"long * (4x unrolled)" 3220.792 MB/s 
avg: 16384 [ 6]"int64 *" 2498.137 MB/s 
avg: 16384 [ 7]"double *" 2498.285 MB/s // <--= 
avg: 16384 [ 8]"double * (4x unrolled)" 3219.784 MB/s 


2.9 The reversed Gray code permutation 


Oo: [ * J Oo: [ * ] 
1: [ * J 1: [ * ] 
2: [ * ] 23) [ * ] 
3: [ * ] ok * ] 
4: [ * J 4: [ * ] 
5: [ * J 5: [ * J 
6: [ * J 6: [ * ] 
7: [ * ] 7: OE * ] 
8: [ * ] 8: [ * ] 
9: [ * ] 9: [ * | 
10: [ * J 10: [ * J 
11: [ * ] 41: [ * ] 
12: [ * J 12: [ * J 
13: [ * ] 13: [ * i 
14: [ * ] 14: [ * ] 
15: [ * ] 15: [ * ] 


Figure 2.9-A: Permutation matrices of the reversed Gray code permutation (left) and its inverse (right). 


If the length-n array is permuted in the way the upper half of the length-2n array would be permuted by 
gray_permute() then all cycles are of the same length. The resulting permutation is equivalent to the 
reversed Gray code permutation: 


template <typename Type> 

inline void gray_rev_permute(const Type *f, Type * restrict g, ulong n) 
// gray_rev_permute() =7= 

// { reverse(); gray_permute(); } 

{ 


} 


The routine, its inverse and in-place versions are given in [FXT: perm/grayrevpermute.h). 


All cycles have the same length, gray_rev_permute(f, 64) gives: 


for (ulong k=0, m=n-1; k<n; ++k, --m) gl[gray_code(m)] = f[k]; 


0: (€ O, 63, 21, 38, 4, 56, 16, 32) #=8 
1: ( 1, 62, 20, 39, 5, 57, 17, 33) #=8 
2: ( 2, 60, 23, 37, 6, 59, 18, 35) #=8 
3: ( 3, 61, 22, 36, 7, 58, 19, 34) #=8 
4: ( 8, 48, 31, 42, 12, 55, 26, 44) #=8 
5: (€ 9, 49, 30, 43, 13, 54, 27, 45) #=8 
6: ( 10, 51, 29, 41, 14, 52, 24, 47) #=8 


[fxtbook draft of 2008-January-19] 


102 Chapter 2: Permutations 


7: ( 11, 50, 28, 40, 15, 53, 25, 46) #=8 
64 elements in 8 nontrivial cycles. 
cycle length is == 

No fixed points. 


If 64 is added to the indices then the cycles in the upper half of the array as in gray_permute(f, 128) 
are reproduced (by construction). 


Let G denote the Gray code permutation, G the reversed Gray code permutation. Symbolically one can 
write 


G(n) = {..., G(n/8), G(n/4), G(n/2)} (2.9-1a) 
Gh(n) = {...,G@*(n/8), G7"(n/4), G7*(n/2)} (2.9-1b) 


Now let r be the reversion and hf the permutation that swaps the upper and the lower half of an array. 
Then 


G = Gr=hG (2.9-2a) 
G* = rq! (2.9-2b) 
G'G = G'@=r= Xnei (2.9-2c) 
GG* = GG*=h = Ke (2.9-2d) 


Throughout it is assumed that the array length n is a power of two. 


2.10 Decomposing permutations * 


In this section we will see some algorithms that use a certain type of decomposition (factorization in 
term of matrices) of some of the permutations we have studied so far. The resulting algorithms involve 
proportional n-log(n) computations for length-n arrays. This might seem to render the schemes worthless 
as one can always obtain a permutation with work proportional to n. There are, however, situations 
where one can use the algorithms advantageously. Firstly, with bit manipulations, where the whole 
binary words are modified in one or a few statements. The corresponding algorithms are therefore 
only proportional log(n). Secondly, when the algorithm can be used implicitly in order to integrate the 
permutation in a fast transform. The work can sometimes be reduced to zero in that case. 


Array reversal 


The most simple example might be the reversion via 


template <typename Type> 
void permi(Type *f, ulong n) 
// From shorter to longer sub-arrays. 


for (ulong k=2; k<=n; k*=2) 
for (ulong j=0; j<n; j+=k) func(ft+j, k); 
} 
where func() swaps the upper and lower half of an array: 


template <typename Type> 
void func(Type *f, ulong ldn) { swap(f, f+n/2, n/2); } 


This idea has been exploited in section on page [30] in order to obtain a bit-reversal routine. The 
reversal is a self-inverse operation. Therefore one can alternatively execute the steps in reverse order and 
still get the same permutation: 


[fxtbook draft of 2008-January-19] 


2.10: Decomposing permutations * 103 


template <typename Type> 
void perm2(Type *f, ulong n) 
// From longer to shorter sub-arrays. 


: for (ulong k=n; k>=2; k/=2) // k == n, n/2, n/4, ... , 4, 2 
: for (ulong j=0; j<n; jt+=k) func(ft+j, k); 

: } 

Note that func() in turn can be obtained via 


reverse(f, n); 
reverse(f, n/2); reverse(f+n/2, n/2); 


or the same statements in reversed order. 


Gray code permutation 


Let us try a less obvious example, use perm1() with func() defined to swap the third and fourth quarter: 
swap(f+n/2, f+n/2+n/4, n/4); // quarters: [0,1,2,3]-->[0,1,3,2] 
The resulting permutation is the Gray permutation. The other way round (using perm2()) one obtains 
the inverse Gray permutation. 
Using func() defined as 
reverse(ftn/2, n/2); 
one gets the Gray permutation through perm2(), its inverse through perm1(). This idea has been used 


in the core-routine for the sequency-ordered Walsh transform described in section on page The 
work for the Gray permutation has been completely vaporized there. 


Note that the routine that swaps the halves of the upper half array could be obtained as either of 


inverse_gray_permute(f, n); 
gray_permute(f, n/2); gray_permute(f+n/2, n/2); 


or 


inverse_gray_permute(f, n/2); inverse_gray_permute(f+n/2, n/2); 
gray_permute(f, n); 


Similarly, the routine that reverses the upper half can be obtained as either of 


gray_permute(f, n/2); gray_permute(f+n/2, n/2); 
inverse_gray_permute(f, n); 


or 


gray_permute(f, n); 
inverse_gray_permute(f, n/2); inverse_gray_permute(f+n/2, n/2); 


The corresponding routines to Gray-permute the bits of a binary word are given in [FXT: 


bits/bitgraypermute.h. 


Zip and revbin permutation 


Using func() defined to swap the second and third quarter 
swap(ftn/4, f+n/2, n/4); // quarters: [0,1,2,3]-->[0,2,1,3] 


Then with perm2() one gets the zip permutation, perm1() gives the inverse. This idea has been used for 
the bit-wise zip shown in section on page 
Using func() to cycle the second, third and fourth quarter: 

// quarters: [0,1,2,3]-->[0,2,3,1] 


which was obtained using 


[fxtbook draft of 2008-January-19] 


104 Chapter 2: Permutations 


zip_rev(f, n); 
unzip_rev(f, n/2); unzip_rev(f+n/2, n/2); 


both the reversed zip permutation and its inverse can be computed in the now hopefully obvious way. 


The revbin permutation can be generated through the zip permutation or its inverse. However, the zip 
permutation is the more complicate one, so absorbing the revbin permutation into fast transforms does 
not seem to be easy. The other way round it makes more sense: 


revbin_permute(f, n/2); revbin_permute(ftn/2, n/2); 
revbin_permute(f, n); 


Is a convenient (though not the most effective) way to compute the zip permutation. 


Clearly, the idea presented here is in analogy with the decomposition of linear transforms. Finally the 
permutations are (very simple forms of) linear transforms. See also section on page[81| 


2.11 General permutations and their operations 


So far we treated special permutations that occurred as part of other algorithms. It is instructive to 
study permutations in general with the operations (as composition and inversion) on them. 


2.11.1 Basic definitions and operations 


A straightforward way to represent a permutation is to consider the array of indices that for the original 
(unpermuted) data would be the length-n canonical sequence 0, 1, 2, ..., 7 — 1. The mentioned trivial 
sequence represents the ‘do-nothing’ permutation or identity. The concept is best described by the routine 


that applies a given permutation x on an array of data f: after the routine has finished the array g will 
contain the elements of f reordered according to « [FXT: apply_permutation() in|perm/permapply.h': 
template <typename Type> 

void apply_permutation(const ulong *x, const Type *f, Type * restrict g, ulong n) 


// Apply the permutation x[] on f[] 
// i.e. set glk] <-- flx[k]] \forall k 


for (ulong k=0; k<n; ++k) gI[k] = f[x[k]]; 
} 


An example using strings (arrays of characters): the permutation represented by 
t=[76325104] 

and the input data 
f=CABadcCafeJ]_ would produce 
g=LefdaaBAC] 


Routines that test various properties of permutations are given in [FXT: perm/permq.h). To check 
whether a given permutation is the identity is trivial: 


bool is_identity(const ulong +f, ulong n) 
// Return whether f[] is the identical permutation, 
// i.e. whether f[k]==k for all k= 0...n-1 


for (ulong k=0; k<n; ++k) if ( f[k] !=k) return false; 
return true; 
} 
A fixed point of a permutation is an index where the element is not moved: 


ulong count_fixed_points(const ulong *f, ulong n) 
// Return number of fixed points in f[] 


{ 
ulong ct = 0; 
for (ulong k=0; k<n; ++k) if ( f[k] == k) ++ct; 
return ct; 

} 


[fxtbook draft of 2008-January-19] 


2.11: General permutations and their operations 105 


A derangement is a permutation that has no fixed points. To check whether a permutation is a derange- 
ment of identity use: 


bool is_derangement (const ulong *f, ulong n) 
// Return whether f[] is a derangement of identity, 
// i.e. whether f[k]!=k for all k 


for (ulong k=0; k<n; ++k) if ( f[k] == k) return false; 
return true; 


Whether two arrays are mutual derangements can be determined by: 


bool is_derangement(const ulong *f, const ulong *g, ulong n) 
// Return whether f[] is a derangement of g[], 
// i.e. whether f[k]!=g[k] for all k 


{ 
for (ulong k=0; k<n; ++k) if ( f[k] == glk] ) return false; 
return true; 


} 


To check whether a given array really describes a valid permutation one has to_verify that each index in 
the valid range appears exactly once. The bitarray class described in section [4.6] on page allows us 
to do the job without modification of the input: 


bool 

is_valid_permutation(const ulong *f, ulong n, bitarray *bp/*=0*/) 
// Return whether all values 0...n-1 appear exactly once, 

// i.e. whether f represents a permutation of [0,1,...,n-1]. 


{ 


// check whether any element is out of range: 
for (ulong k=0; k<n; ++k) if ( f[k]>=n ) return false; 


// check whether values are unique: 

bitarray *tp = bp; 

if ( 0O==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 


ulong k; 
for (k=0; k<n; ++k) 
{ 


if ( tp->test_set(f[k]) ) break; 
} 


if ( 0O==bp ) delete tp; 


return (k==n); 


} 


We note two rather trivial operations for permutation, computing the complement [FXT: 
perm/permcomplement.h 


inline void make_complement(const ulong *f, ulong *g, ulong n) 
// Set (as permutation) g to the complement of f. 
// Can have f==g. 


for (ulong k=0; k<n; ++k) glk] =n - 1 - f[k]; 
} 


and computing the reversal [FXT: perm/reverse.h| 


template <typename Type> 
inline void reverse(Type *f, ulong n) 
// Reverse order of array f. 


for (ulong k=0, i=n-1; k<i; ++k, --i) swap2(f[k], f[i]); 


2.11.2. Compositions of permutations 

One can apply several permutations to an array, one by one. The resulting permutation is called the 
composition of the applied permutations. The routines are given in [FXT: |perm/permq.cc.. As an 
example, the check whether some permutation g is equal to f applied twice, or f squared, use: 


[fxtbook draft of 2008-January-19] 


106 Chapter 2: Permutations 


bool is_square(const ulong +f, const ulong *g, ulong n) 
// Return whether f * f == g as a permutation 


for (ulong k=0; k<n; ++k) if ( g[k] != f[f[k]] ) return false; 
return true; 


} 


Note that in general f-g 4 g-f for f 4g, the operation of composition is not commutative. 
A permutation f is said to be the inverse of another permutation g if it undoes its effect, that is f-g = id: 


bool is_inverse(const ulong *f, const ulong *g, ulong n) 
// Return whether f[] is the inverse of g[] 


{ 
for (ulong k=0; k<n; ++k) if ( f[g[k]] !=k) return false; 
return true; 


} 


One has g- f = f - g = id, in a group the left-inverse is equal to the right-inverse and we can simply call 
g ‘the inverse’ of f. 


A permutation that is its own inverse (like the revbin permutation) is called an involution. Checking 
that is easy: 


bool is_involution(const ulong *f, ulong n) 
// Return whether max cycle length is <= 2, 
v i.e. whether f * f = id. 


for (ulong k=0; k<n; ++k) if ( f[f[k]] !=k) return false; 
return true; 


} 


The following routine computes the inverse of a given permutation [FXT: perm/perminvert.cc): 


void make_inverse(const ulong *f, ulong * restrict g, ulong n) 
// Set (as permutation) g to the inverse of f 


for (ulong k=0; k<n; ++k) gI[f[k]] = k; 


2.11.3 Representation as disjoint cycles 


If one wants to do the operation in-place a little bit of thought is required. The idea underlying all 
subsequent routines working in-place is that every permutation entirely consists of disjoint cycles. A 
cycle of a permutation is a subset of the indices that is rotated (by one) by the permutation. The term 
disjoint means that the cycles do not ‘cross’ each other. While this observation is pretty trivial it allows 
us to do many operations by following the cycles of the permutation, one by one, and doing the necessary 
operation on each of them. As an example consider the following permutation of an array originally 
consisting of the (canonical) sequence 0, 1, ..., 15. Extra spaces are inserted for readability: 


[0, 1, 3, 2, 7, 6, 4, 5, 15, 14, 12, 13, 8, 9, 11, 10 ] 
There are two fixed points (0 and 1) and these cycles: 


8 <-- 15 <-- 10 <-- 12 ) 


( 
ae 7 <-- 5 <-- 6) 
( 9 <-- 14 <-- 11 <-- 13 ) 


The cycles do ‘wrap around’, for example, the initial 4 of the second cycle goes to position 6, the last 
element of the second cycle. 
Note that the inverse permutation could formally be described by reversing every arrow in each cycle: 
(2--> 3) 
(4--> 7--> 5 --> 6) 
( 8 --> 15 --> 10 --> 12 ) 
( 9 --> 14 --> 11 --> 13 ) 


Equivalently, one can reverse the order of the elements in each cycle: 


[fxtbook draft of 2008-January-19] 


2.11: General permutations and their operations 107 


(3 <-- 2) 

(6 <-- 5<-- 7<-- 4) 
(12 <-- 10 <-- 15 <-- 8) 
(13 <-- 11 <-- 14 <-- 9) 


(2 <-- 3) 

(4 <-- 6<-- 5<-- 7) 
( 8 <-- 12 <-- 10 <-- 15 ) 
( 9 <-- 13 <-- 11 <-- 14 ) 


This form is obtained by reversing all alements except the first in each cycle of the (forward) permutation. 
The last three sets of cycles all describe the same permutation: 


[0, 1, 3, 2, 6, 7, 5, 4, 12, 13, 15, 14, 10, 11, 9, 8] 


The cycles above were printed with [FXT: print_cycles() in|perm/printcycles.cc 


ulong print_cycles(const ulong *f, ulong n, bitarray *bp=0) 
// Print the cycles of the permutation. 
// Return number of fixed points. 


{ 
bitarray *tp = bp; 
if ( 0==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 


ulong ct = 0; // # of fixed points 
for (ulong k=0; k<n; ++k) 
{ 


if ( tp->test_clear(k) ) continue; // already processed 


tp->set (k) ; 
// follow a cycle: 
ulong i = k; 
ulong g = f[il; // next index 
if ( g==i ) // fixed point ? 
++ct; 
continue; 


cout << "(" << setw(3) << i; 
while ( 0==(tp->test_set(g)) ) 


{ 
cout << " <-- " << setw(3) << g; 


g = fl[gl; 


cout << " )" << endl; 


} 
if ( 0O==bp ) delete tp; 
return ct; 


The bit-array (see section [4.6]on page for the implementation) is used to keep track of the elements 
already processed. 


A utility class to compute the decomposition of a permutation into cycles is [FXT: class cycles in 
perm/cycles.h|. A program that shows its usage is [FXT: perm/cycles-demo.cc), it prints the cycles 
Using: gray_permute(y, n) 
Computing cycles: 
0: (€ 2, 3) #=2 
1: (¢€ 4, 7, 5, 6) #=4 
2: ( 8, 15, 10, 12) #=4 
3: ( 9, 14, 11, 13) #=4 
14 elements in 4 nontrivial cycles. 
cycle lengths: 2... 4 
number of fixed points = 2 


and code for a permutation of given size 


template <typename Type> 

inline void foo_perm_16(Type *f) 
// unrolled version for length 16 
{ 


[fxtbook draft of 2008-January-19] 


108 Chapter 2: Permutations 


swap2(f[2], £[3]); 

{ Type t=f£(4]; £[4]=f£[7]; £[7]=f[5]; f[5]=£[6]; f[6]=t; } 

{ Type t=f[8]; £[8]=£015]; £[15]=£010]; £[10]=£[12]; £[12]=t; } 
{ Type t=£[9]; £[9]=£(14]; £[14]=£[11]; £[11]=£[13]; £[13]=t; } 


2.11.4 Cyclic permutations 


A permutation consisting of exactly one cycle is called cyclic. Whether a given permutation has this 
property can be tested with [FXT: is_cyclicQ in perm/perma.cc’: 
bool 


is_cyclic(const ulong +f, ulong n) 
// Return whether permutation is exactly one cycle. 


{ 

if ( n<=1 ) return true; 

ulong k = 0, e = 0; 

do { e=f[e]; ++k; } while ( e!=0 ); 
; return (k==n); 


The method used is to follow the cycle starting at position zero and counting how long it is. The 
permutation is cyclic exactly if the length found equals the array length. There are (n — 1)! cyclic 
permutations of n elements. 


2.11.5 Sign and parity of a permutation 


Every permutation can be written as a composition of transpositions (cycles of length two). This com- 
position is not unique, but its number modulo two is unique. The sign of a permutation is defined to 
be +1 the number is even and —1 if the number is odd. The minimal number of transpositions whose 
composition give a cycle of length J is 1 — 1. So the minimal number of transpositions for a permutation 
consisting of k cycles where the length of the j-th cycle is 1; equals Yj == (aa l;)—k. The sign 
corresponds to the homomorphic mapping into the group of the elements +1 and —1 with multiplication 
as group operation. If we count the transpositions modulo two (corresponding to the mapping into the 
additive group modulo two) we obtain what may be called the parity of a permutation. 


2.11.6 Inverse and square, in-place 


For the computation of the inverse we have to reverse each cycle [FXT: perm/perminvert.cc): 


void make_inverse(ulong *f, ulong n, bitarray *bp/*=0*/) 
// Set (as permutation) f to its own inverse. 
// In-place version. 


{ 
bitarray *tp = bp; 
if ( 0==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 


for (ulong k=0; k<n; ++k) 
{ 


if ( tp->test_clear(k) ) continue; // already processed 
tp->set(k) ; 


// invert a cycle: 

ulong i = k; 

ulong g = f[il; // next index 
while ( 0==(tp->test_set(g)) ) 


: ulong t = flgl]; 
f[g] = i; 
i=g 
B= t; 

} 


[fxtbook draft of 2008-January-19] 


2.11: General permutations and their operations 109 


flg] = i; 


if ( 0O==bp ) delete tp; 
} 


The extra array of tag bits can be avoided by using the highest bit of each word as tag bit. The scheme 
would fail if any word of the permutation array had the highest bit set. However, on byte-addressable 
machines such an array will not fit into memory at all (for word sizes of 16 or more bits). To keep the 
code similar to the version using the bit-array we define 


static const ulong sl 1UL << (BITS_PER_LONG - 1); // highest bit is tag bit 
static const ulong sO = ~s1; // all bits but tag bit 


static inline void SET(ulong *f, ulong k) { f[k&s0] |= s1; } 
static inline void CLEAR(ulong +f, ulong k) { f[k&s0] &= sO; } 
static inline bool TEST(ulong *f, ulong k) { return (0!=(f[k&s0]&s1)); } 


Note that we have to mask out the tag-bit when using the value ‘k’ as index. The routine can then be 
implemented as 

void 

make_inverse(ulong *f, ulong n) 

// Set (as permutation) f to its own inverse. 

// In-place version using highest bits of array as tag-bits. 


for (ulong k=0; k<n; ++k) 
{ 


if ( TEST(f, k) ) { CLEAR(f, k); continue; } // already processed 
SET(f, k); 


// invert a cycle: 

ulong i = k; 

ulong g = f[il; // next index 
while ( O==TEST(f, g) ) 


{ 
ulong t = flgl]; 
f[g] = i; 
SET(f, g); 
i = g; 
gat; 

} 

f(g] =i; 


CLEAR(f, k); // leave no tag bits set 


} 
} 


The extra CLEAR() statement at the end removes the tag-bit of the cycle minima. Its effect is that no 
tag-bits are set after routine has finished. The routine has about the same performance as the bit-array 


version. For the routine [FXT: |perm/permcompose.cc 


void make_square(const ulong *f, ulong * restrict g, ulong n) 
// Set (as permutation) g=f+*f 
{ 


} 


we obtain the following in-place version: 


for (ulong k=0; k<n; ++k) glk] = f[f[k]]; 


void make_square(ulong *f, ulong n, bitarray *bp/*=0*/) 
// Set (as permutation) f = f * f 
// In-place version. 


{ 
bitarray *tp = bp; 
if ( 0==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 


for (ulong k=0; k<n; ++k) 


{ 
if ( tp->test_clear(k) ) continue; // already processed 


tp->set (k) ; 


// square a cycle: 
ulong i ; 
ulong t 
ulong g 


cue // save 
f[i]; // next index 


[fxtbook draft of 2008-January-19] 


110 Chapter 2: Permutations 


while ( 0==(tp->test_set(g)) ) 


{ 
fli] = flgl; 
i=g 
g = fl[gl; 

} 

f[i] = t; 


} 
if ( 0O==bp ) delete tp; 


2.11.7 Powers of a permutation 


The e-th power of a permutation f is computed (and returned in g) by a version of the binary exponen- 
tiation algorithm described in section on page [537] [FXT: perm/permcompose.cc : 
void 
power(const ulong *f, ulong * restrict g, ulong n, long e, 
ulong * restrict t/*=0*/) 
// Set (as permutation) g = f ** e 


{ 
if ( e==0 ) 


for (ulong k=0; k<n; ++k) glk] =k; 
return; 


} 
if ( e==1 ) 


copy(f, g, n); 
return; 


} 
if ( e==-1 ) 
{ 
make_inverse(f, g, n); 


return; 


} 


// here: abs(e) > 1 
ulong x = e>0 ? e: -e; 


if ( is_pow_of_2(x) ) // special case x==2"n 


make_square(f, g, n); 
while ( x>2 ) { make_square(g, n); x /= 2; } 


} 
else 
ulong *tt = t; 
if ( O==t ) { tt = new ulong[n]; } 
copy(f, tt, n); 
int firstq = 1; 
cue Cl.) 
if ( x&1) // odd 
{ 
if ( firstq ) // avoid multiplication by 1 
{ 
copy(tt, g, n); 
firstq = 0; 
else compose(tt, g, n); 
if ( x==1 ) = goto dort; 
} 
make_square(tt, n); 
x /= 2; 
} 
dort: 


if ( 0O==t ) delete [] tt; 


if ( e<O ) make_inverse(g, n); 


[fxtbook draft of 2008-January-19] 


2.11: General permutations and their operations 111 


2.11.8 Applying permutations to data, in-place 


The in-place analogue for the routine 


template <typename Type> 

void apply_permutation(const ulong *x, const Type *f, Type * restrict g, ulong n) 
// Apply the permutation x[] to the array f[] 

// i.e. set glk] <-- flx[k]] \forall k 

{ 


} 


is [FXT: perm/permapply-h}: 


template <typename Type> 

void apply_permutation(const ulong *x, Type * restrict f, ulong n, bitarray *bp=0) 
// Apply the permutation x[] to the array f[] 

// i.e. set f[{k] <-- flx[k]] \forall k 

// In-place version. 


for (ulong k=0; k<n; ++k) glk] = fl[x[k]]; 


{ 
bitarray *tp = bp; 
if ( 0O==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 
for (ulong k=0; k<n; ++k) 
{ 
if ( tp->test_clear(k) ) continue; // already processed 
tp->set(k) ; 
// --- do cycle: --- 
ulong i=k; // start of cycle 
Type t = f[il; 
ulong g = x[il]; 
while ( 0==(tp->test_set(g)) ) // cf. inverse_gray_permute() 
{ 
f[il] = flgl; 
i = g; 
g = x[il; 
} 
fi] = t; 
// --- end (do cycle) --- 
} 
if ( 0==bp ) delete tp; 
} 


To apply the inverse of a permutation without actually inverting the permutation itself use 


template <typename Type> 

void apply_inverse_permutation(const ulong *x, const Type *f, Type * restrict g, ulong n) 
// Apply the inverse permutation of x[] to the array f[], 

// i.e. set g[x[k]] <-- f[k] \forall k 


for (ulong k=0; k<n; ++k) g[x[k]] = f[k]; 
} 


The in-place version is 


template <typename Type> 
void apply_inverse_permutation(const ulong *x, Type * restrict f, ulong n, bitarray *bp=0) 
// Apply the inverse permutation of x[] to the array f[] 
// i.e. set f[x[k]] <-- f[k] \forall k 
// In-place version. 
i bitarray *tp = bp; 
if ( 0O==bp ) tp = new bitarray(n); // tags 
tp->clear_all(); 


for (ulong k=0; k<n; ++k) 
{ 


if ( tp->test_clear(k) ) continue; // already processed 
tp->set (k) ; 


[fxtbook draft of 2008-January-19] 


112 Chapter 2: Permutations 


// --- do cycle: --- 

ulong i=k; // start of cycle 

Type t = f[il; 

ulong g = x[il; 

while ( 0==(tp->test_set(g)) ) // cf. gray_permute() 


{ 
Type tt = fg]; 
f[g] = t; 
t= tt; 
g = x[gl; 
} 
fig] =t; 
// --- end (do cycle) --- 


By 


if ( 0==bp ) delete tp; 
} 


When a permutation of the set S := {0,1,..., m— 1} is given as a function X (where X(S) = S) the 
permutation can be applied to an array f via [FXT: apply_permutation() in perm/permapplyfunc.h): 
template <typename Type> 

void apply_permutation(ulong (*x)(ulong), const Type *f, Type * restrict g, ulong n) 


// Set g[k] <-- f[x(k)] \forall k 
‘a Must have: O<=x(k)<n \forall k 


for (ulong k=0; k<n; ++k) gI[k] = f[x(k)]; 
} 


For example, the statement apply_permutation(inverse_gray_code, f, g, n) is equivalent to 
gray_permute(f, g, n). The inverse routine is 


template <typename Type> 

void apply_inverse_permutation(ulong (*x)(ulong), const Type *f, Type * restrict g, ulong n) 
// Set gl[x(k)] <-- f[k] \forall k 

// Must have: O<=x(k)<n \forall k 


for (ulong k=0; k<n; ++k) g[x(k)] = f[k]; 
} 


The in-place versions of these routines are identical to the routines that apply permutations given as 
arrays. Only a tiny change must be made in the processing of the cycles. For example, the fragment 


void apply_permutation(const ulong *x, Type * restrict f, ulong n, bitarray *bp=0) 
[--snip--] 
ulong i =k; // start of cycle 
Type t = f[il; 
ulong g = x[i]l; // <--= 
while ( 0==(tp->test_set(g)) ) 


{ 
f[i] = flgl; 
i = g; 
g=xfil; // <--= 
} 
f[i] =t; 
{[--snip--] 


must be changed to (replace ‘x[i]’ by ‘x(i)’) 


void apply_permutation(ulong (*x)(ulong), Type *f, ulong n, bitarray *bp=0) 
{[--snip--] 
ulong i=k; // start of cycle 
Type t = f[il; 
ulong g = x(i); // <--= 
while ( 0==(tp->test_set(g)) ) 


{ 
f[i] = flgl; 
i=g; 
; g=x(i); // <--= 
f [i] = t; 
[--snip--] 


[fxtbook draft of 2008-January-19] 


2.11: General permutations and their operations 113 


2.11.9 Random permutations 


Routines for random permutations are given in [FXT: perm/permrand.h). The following routine randomly 


permutes an array with arbitrary elements: 


template <typename Type> 
void random_permute(Type *f, ulong n) 


{ 
for (ulong k=1; k<n; ++k) 
{ 
ulong r = (ulong)rand(); 
r “= r>>16; // avoid using low bits of rand alone 
ulong i =r % (k+1); 
swap2(f[k], f[i]); 
} 
} 


The method is given in [102]. A random permutation can be obtained by applying the function to the 
canonical sequence: 


void random_permutation(ulong *f, ulong n) 
// Create a random permutation 


{ 
for (ulong k=0; k<n; ++k) f[k] =k; 
random_permute(f, n); 
} 
We note that a slight modification of the underlying idea can be used for a routine for random selection 
from a list with only one linear read. Let L be a list of n items Ly, ..., Dn. 


1. Set t= Ly, set k = 1. 

2. Setk=k+1. Ifk>n return t. 
3. With probability 1/k set t = Lr. 
4. Go to step 2. 


A routine to apply a random cyclic permutation (as defined in section |2.11.4}on page}108) to an array is 


template <typename Type> 
void random_permute_cyclic(Type *f, ulong n) 
// Permute the elements of f by a random cyclic permutation. 


for (ulong k=n-1; k>0; --k) 
{ 


ulong r = (ulong)rand() ; 
r “= r>>16; // avoid using low bits of rand alone 
ulong i=ri%k; 
swap2(f[k], f[i]); 
} 
} 


Finally, a random cyclic permutation can be obtained by applying a random cyclic permutation to the 
canonical sequence: 

inline void 

random_cyclic_permutation(ulong *f, ulong n) 

// Create a random permutation that is cyclic. 


for (ulong k=0; k<n; ++k) f[k] =k; 
random_permute_cyclic(f, n); 


} 


The cycle representation of a cyclic permutation can be obtained by applying a random permutation to 
all elements (of the identical permutation) except for the first element. 


[fxtbook draft of 2008-January-19] 


114 Chapter 2: Permutations 


[fxtbook draft of 2008-January-19] 


115 


Chapter 3 


Sorting and searching 


In this chapter some practical flavors of sorting algorithms are given. These include plain sorting, sorting 
index arrays, pointer sorting; all optionally with a supplied comparison function. Massive literature exist 
about the topic so we will not go into the algorithmic details. Very readable text are both [89] and 212), 
in-depth information can be found in [156]. The sorting algorithms used in this chapter are selection sort, 
quicksort, counting sort and radix sort. 


Some algorithms on sorted arrays like binary searching and determination of unique elements are included. 
Finally, some functions for scanning unsorted arrays are given. 


3.1 Sorting 


Selection sort 


n 
e 


BOO 
paeaa 
OoOnnunN 
o00000 
RARARARARA 
Metectctectctctct 


+t ct¢#tnnnooss 
x 
cl 


[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 


emnoors 


Figure 3.1-A: Sorting the string ‘nowsortme’ with the selection sort algorithm. 


There are a several algorithms for sorting that scale with ~ n? where n is the size of the array to be sorted. 
Here we use selection sort whose idea is to find the minimum of the array, swap it with the first element 
and repeat for all elements but the first. A demonstration of the algorithm is shown in figure [3.1-A] 
this is the output of [FXT: sort /selection-sort-demo.cc’. The implementation is straightforward |FXT: 


sort sort. 


template <typename Type> 
void selection_sort(Type *f, ulong n) 
// Sort £[] (ascending order). 
// Algorithm is proportional to O(n*n), use for short arrays only. 
{ 
for (ulong i=0; i<n; ++i) 
{ 
Type v = f[il; 
ulong m = i; // position of minimum 
ulong j n; 


[fxtbook draft of 2008-January-19] 


116 Chapter 3: Sorting and searching 


while ( --j >i) // search (index of) minimum 
if ( f[jl<v ) 
{ 


m 
Vv 


J; 

fin]; 
} 

} 


swap2(f[i], f[m]); 
} 


A verification routine is always handy: 


template <typename Type> 

bool is_sorted(const Type *f, ulong n) 

// Return whether the sequence f[0], f[1], ..., f[n-1] 
// is sorted in ascending order. 


{ 
for (ulong k=1; k<n; ++k) if ( f[k-1] > f[k] ) return false; 
return true; 


A test for descending order is 
template <typename Type> 
bool is_falling(const Type *f, ulong n) 


for (ulong k=1; k<n; ++k) if ( f[k-1] < f[k] ) return false; 
return true; 


Quicksort 


The quicksort algorithm scales ~ nlog(n) (in the average case). It does not just obsolete the more simple 
schemes because for arrays small enough the ‘simple’ algorithm is usually the fastest method because 
of its minimal bookkeeping overhead, and it can be used inside the quicksort for lengths below some 
threshold. 


The main ingredient of quicksort is to partition the array. The corresponding routine reorders the array 
and returns an pivot index p so that max(fo,..., fp—1) < min(fp,.--, fn—1) [FXT:|sort/sort.h]: 


template <typename Type> 
ulong partition(Type *f, ulong n) 


// Avoid worst case with already sorted input: 
const Type v = median3(f[0], f[n/2], fln-1]); 


ulong i = OUL - 1; 

ulong j = n; 

gale (1) 
do { ++i; } while ( flil<v ); 
do {--j; } while ( f[j]>v ); 


if ( i<j ) swap2(f[a]l, f[j]); 
else return j; 


} 
} 


The function median3() is defined in [FXT: |sort/minmaxmed23.h!: 


template <typename Type> 

static inline Type median3(const Type &x, const Type &y, const Type &z) 
// Return median of the input values 

{ return x<y ? (y<z ? yy: (x<z ? za: x)) : (2<y ? yy: (2<x ? z: x)); } 


The function does 2 or 3 comparisons, depending on the input. One could simply use the element f [0] 
as pivot. However, the algorithm will be ~ n? (that is, quadratic) when the array is already sorted. 


Quicksort calls partition on the whole array, then on the two parts left and right from the partition 
index, then for the four, eight, ... parts, until the parts are of length one. Note that the sub-arrays are 


[fxtbook draft of 2008-January-19] 


3.2: Binary search 117 


usually of different lengths. 


template <typename Type> 
void quick_sort (Type +f, ulong n) 


if ( n<=1 ) return; 

ulong p = partition(f, n); 

ulong ln = p + 1; 

ulong rn = n - ln; 

quick_sort(f, ln); // £[0] ... f[{1n-1] left 

quick_sort(ftln, rn); // f[ln] ... f[n-1] right 
} 


The actual implementation uses two optimizations: Firstly, when the size of the subproblems is smaller 
than a certain threshold selection sort is used. Secondly, the recursive calls are made for the smaller of 
the two sub-arrays, thereby the stack size is bounded by [log.(n)]. 


template <typename Type> 
void quick_sort (Type *f, ulong n) 


start: 
if ( n<8 ) // parameter: threshold for nonrecursive algorithm 


{ 
selection_sort(f, n); 
return; 


} 
ulong p = partition(f, n); 
p+; 
7 : 
if ( ln>rn ) 


{ 


// recursion for shorter sub-array 


quick_sort(f+ln, rn); // f[ln] ... f[n-1]_ right 
n = ln; 


else 
quick_sort(f, In); // f[0] ... f[1n-1] left 
n = rn; 
f += 1n; 

} 


goto start; 
} 


The quicksort algorithm will be quadratic with certain inputs. A clever method to construct such inputs 
is described in [179]. A heapsort algorithm is ~ n - log(n) also in the worst case, it is described in 
section [3.10]on page[134]| Inputs that lead to quadratic time for the quicksort algorithm with median-of-3 
partitioning are described in [185]. There it is suggested to use quicksort but detect problematic behavior 
during runtime and switch to heapsort if needed. The corresponding algorithm is called introsort (for 
introspective Sorting). 


3.2 Binary search 


The main reason for sorting may be that a fast search has to be performed repeatedly. The binary search 
algorithm works by the obvious subdivision of the data [FXT: bsearch() in|sort/bsearch.h : 

template <typename Type> 

ulong bsearch(const Type *f, ulong n, const Type v) 

// Return index of first element in f[] that equals v 

// Return ~O if there is no such element. 

// £[] must be sorted in ascending order. 

a Must have n!=0 


ulong nlo=0, nhi=n-1; 
one ( nlo != nhi ) 
ulong t = (nhitnlo)/2; 


if ( f[t] <v) nlo 
else nhi 


[fxtbook draft of 2008-January-19] 


118 Chapter 3: Sorting and searching 


} 
if ( f{mhi]==v ) return nhi; 
else return ~OUL; 


} 


The algorithm uses ~ log,(n) operations. For very large arrays the algorithm can be improved by 
selecting the new index t different from midpoint (nhi+nlo)/2, dependent of the value sought and the 
distribution of the values in the array. As a simple example consider an array of floating point numbers 
that are equally distributed in the interval [min(v), max(v)]. If the sought value equals v one would want 
to use the relation 

n — min(n) v —min(v) 


= (325) 


max(n) — min(n) max(v) — min(v) 


where n denotes an index, and min(n),max(n) denote the minimal and maximal index of the current 
interval. Solving for n gives the linear interpolation formula 


max(n) — min(n) 


(v — min(v)) (3.2-2) 


max(v) — min(v) 


The corresponding interpolation binary search algorithm would select the new subdivision index t ac- 
cording to the given relation. One could even use quadratic interpolation schemes for the selection of t. 
For the majority of practical applications the midpoint version of the binary search will be good enough. 


A simple modification of bsearch makes it search the first element greater than or equal to v: replace the 


operator == in the above code by >= and you have it: [FXT: bsearch_ge() in sort/bsearch.h|. Similar 


for the ‘<=’ relation: bsearch_le(). 


Approximate matches are found by [FXT: bsearch_approx() in |sort/bsearchapprox.h': 


template <typename Type> 

ulong bsearch_approx(const Type *f, ulong n, const Type v, Type da) 
// Return index of first element x in f[] for which |(x-v)| <= da 
// Return ~O0 if there is no such element. 

// £[] must be sorted in ascending order. 

// da must be positive. 


// 
// Makes sense only with inexact types (float or double). 


e Must have n!=0 


ulong k = bsearch_ge(f, n, v-da); 
if ( k<n ) k = bsearch_le(f+k, n-k, vtda); 
return k; 


3.3. Index sorting 


While the ‘plain’ sorting reorders an array f so that, after it has finished, fy, < f,41 the following routines 
sort an array of indices without modifying the actual data. The index-sort routines reorder the indices 
in an array x such that x applied to f as a permutation (in the sense of section |2.11.8]on page|111) will 


render f a sorted array [FXT: sort/sortidx.h): 


template <typename Type> 

void idx_selection_sort (const Type *f, ulong n, ulong *x) 

// Sort x[] so that the sequence 

// €(x(0l], f[x[1]], ... f[x{n-1]] 

// is sorted in ascending order. 

// Algorithm is proportional to O(n*n), use for short array only. 
{ 


for (ulong i=0; i<n; ++i) 


Type v = flx[il]; 
ulong m = i; // position-ptr of minimum 
ulong j n; 


[fxtbook draft of 2008-January-19] 


3.3: Index sorting 119 


while ( --j >i) // search (index of) minimum 
if ( fix[jll<v ) 
{ 


m 
Vv 


j 

f[x{m]]; 
} 

} 


swap2(x[i], x[m]); 
} 


Apart from the ‘read only’-feature the index-sort routines have the nice property to perfectly work on 
non-contiguous data. The verification code is 


template <typename Type> 
bool is_idx_sorted(const Type *f, ulong n, const ulong *X) 
// Return whether the sequence 


// f(xf0l], flx[1]], ... f[x{n-1]] 
// is sorted in ascending order. 
{ 


if ( O0==n ) return 1; 
mate (--n ) //n-1...1 


if ( flx[n]] < flx[n-1]] ) break; 
} 


return !n; 


} 
The transformation of the partition() routine is straightforward: 


template <typename Type> 

ulong idx_partition(const Type +f, ulong n, ulong *x) 

// rearrange index array, so that for some index p 

A max(f[x[0]] ... f[{x[p]]) <= min(f[x[pt+i]] ... flxfm-1]]) 


// Avoid worst case with already sorted input: 

const Type v = median3(*x[0], *x[n/2], *x[n-1], cmp); 
ulong i = OUL - 1; 

ulong j n; 

) 

do ++i; 

while ( f[x[ill<v ); 

do --j; 

while ( f[x[j]]>v ); 


if ( i<j ) swap2(x[il, x[j]); 
else return j; 


= 

=a 

B. 

H 

o 

=~ 
el 


} 
The index-quicksort itself deserves a minute of contemplation comparing it to the plain version: 


template <typename Type> 

void idx_quick_sort(const Type *f, ulong n, ulong *x) 
// Sort x[] so that the sequence 

// f€(xf0l], f[x[1]], ... f[x{n-1]] 


// is sorted in ascending order. 


eave: 
if ( n<8 ) // parameter: threshold for nonrecursive algorithm 
{ 
idx_selection_sort(f, n, x); 
return; 
} 
ulong p = idx_partition(f, n, x); 
ulong In = p + 1; 
ulong rn =n - ln; 
if ( ln>rn ) // recursion for shorter sub-array 
{ 
idx_quick_sort(f, rn, x+ln); // f[x[1n]] ... flx[m-1]] right 
n = ln; 


[fxtbook draft of 2008-January-19] 


120 Chapter 3: Sorting and searching 


} 


else 


idx_quick_sort(f, ln, x); // f[x[0]] ... f[x[ln-1]] left 
n = rn; 
x += ln; 
} 
goto start; 
} 


The index-analogues of the binary search algorithms are again straightforward, they are given in [FXT: 


sort /bsearchidx.h). 


3.4 Pointer sorting 


Pointer sorting is an idea similar to index sorting which is even less restricted than index sort: The data 
may be unaligned in memory. And overlapping. Or no data at all but port addresses controlling some 
highly dangerous machinery. Thereby pointer sort is the perfect way to highly cryptic and powerful 
programs that seg-fault when you least expect it. 


Just to make the idea clear, the array of indices is replaced by an array of pointers: 


template <typename Type> 

void ptr_selection_sort(/*const Type *f,*/ ulong n, const Type **x) 
// Sort x[] so that the sequence 

// *x(0], *x[1], ..., *x[n-1] 

// is sorted in ascending order. 

// Algorithm is proportional to O(n*n), use for short array only. 


{ 
for (ulong i=0; i<n; ++i) 
Type v = *x[i]; 
ulong m = i; // position-ptr of minimum 
ulong j =n; 
while ( --j >i) // search (index of) minimum 
if ( *x[jl<v ) 
{ 
m= j; 
v = *x[m]; 
} 
swap2(x[i], x{[m]); 
} 
} 


The first argument (const Type *f) is not necessary with pointer sorting. It is indicated as comment 
to make the argument structure clear. The verification routine is 


template <typename Type> 
bool is_ptr_sorted(/*const Type *f,*/ ulong n, Type const*const*x) 
// Return whether the sequence 


// *x(0], *x[1], ..., *x{n-1] 
// is sorted in ascending order. 
ze 


if ( O==n ) return 1; 
while ( --n ) //n-1... 1 


if ( *x[n] < *x[n-1] ) break; 


return !n; 


} 
Find the pointer sorting code in [FXT: |sort/sortptr.h}. The pointer versions of the search routines are 


given in [FXT: |sort/bsearchptr.h'. 


[fxtbook draft of 2008-January-19] 


3.5: Sorting by a supplied comparison function 121 


3.5 Sorting by a supplied comparison function 


The routines in [FXT: sort /sortfunc.h) are similar to the C-quicksort qsort that is part of the standard 


library. A comparison function cmp has to be supplied by the called so that compound data types can be 
sorted with respect to some key contained. Citing the manual page for qsort: 


The comparison function must return an integer less than, equal to, or greater than 
zero if the first argument is considered to be respectively less than, equal to, or 
greater than the second. If two members compare as equal, their order in the 
sorted array is undefined. 


Note that the numerous calls to cmp do have a negative impact on the performance. With C++ you can 
provide a comparison ‘function’ for compound data by overloading the operators <, <, <= and >= and use 
the plain version. That is, the comparisons are inlined an we are back in performance land. Isn’t C++ 
nice? As a prototypical example we give the selection sort routine: 


template <typename Type> 

void selection_sort(Type *f, ulong n, int (*cmp) (const Type &, const Type &)) 
// Sort £[] (ascending order) 

// with respect to comparison function cmp(). 

// Algorithm is proportional to O(n*n), use for short array only. 


for (ulong i=0; i<n; ++i) 


Type v = f[il; 

ulong m = i; // position of minimum 
ulong j : 
while ( --j >i) // search (index of) minimum 


m 
Vv 


} 
} 


swap2(f[i], f[m]); 
} 


The other routines are rather straightforward translations of the (plain-) sort analogues: replace the 
comparison operations as follows 


(a < b) cmp(a,b) < 0 
(a > b) cmp(a,b) > 0 
(a == b) cmp(a,b) == 0 
(a <= b) cmp(a,b) <= 0 
(a >= b) cmp(a,b) >= 0 


For example, the verification routine is 


template <typename Type> 

bool is_sorted(const Type *f, ulong n, int (*cmp)(const Type &, const Type &)) 
// Return whether the sequence 

// £[0], f[1], ..., f{n-1] 

// is sorted in ascending order 

// with respect to comparison function cmp(). 


if ( O==n ) return 1; 
while ( --n ) //n-1...1 


if ( cmp(f[n], f{m-1]) <0) _ break; 
r 


return !n; 


[fxtbook draft of 2008-January-19] 


122 Chapter 3: Sorting and searching 


3.5.1 Sorting complex numbers 


You want to sort complex numbers? Fine for me, but don’t tell your local mathematician. To see the 
mathematical problem we ask whether 7 is smaller or greater than zero. Assume i > 0: follows 7-i > 0 
(we multiplied with a positive value) which is —1 > 0 and that is false. So, is i < 0? Theni-1>0 
(multiplication with a negative value, as assumed). So —1 > 0, oops! The lesson is that there is no way 
to impose an arrangement on the complex numbers that would justify the usage of the symbols ‘<’ and 
‘>’ consistent with the rules to manipulate inequalities. 


Nevertheless we can invent a relation that allows us to sort: arranging (sorting) the complex numbers 
according to their absolute value (modulus) leaves infinitely many numbers in one ‘bucket’, namely all 
those that have the same distance from zero. However, one could use the modulus as the major ordering 
parameter, the angle as the minor. Or the real part as the major and the imaginary part as the minor. 
The latter is realized in 


static inline int 
cmp_complex(const Complex &f, const Complex &g) 


const double fr = f.real(), gr = g.real(); 
if ( fri=gr ) return (fr>gr ? +1 : -1); 


const double fi = f.imag(), gi = g.imag(); 
if ( fil=gi ) return (fi>gi ? +1 : -1); 
return 0; 


} 
This routine, when used as comparison with the function-sort, as in 


void complex_sort (Complex *f, ulong n) 
// major order wrt. real part 
// minor order wrt. imag part 


{ 


quick_sort(f, n, cmp_complex) ; 


can indeed be the practical tool you had in mind. 


3.5.2 Index and pointer sorting 


The index sorting routines that use a supplied comparison function are given in [FXT: sort /sortidxfunc.h): 


template <typename Type> 
void idx_selection_sort(const Type *f, ulong n, ulong *x, 
int (*cmp) (const Type &, const Type &)) 
// Sort x[] so that the sequence 
// €(xf0]], f[x[1]], ... f[x{m-1]] 
// is sorted in ascending order 
// with respect to comparison function cmp() 
// Algorithm is proportional to O(n*n), use for short array only. 


for (ulong i=0; i<n; ++i) 
Type v = flx[il]; 
ulong m = i; // position-ptr of minimum 
ulong j =n; 
while ( --j >i) // search (index of) minimum 


a ( emp(f[x[j]], v) <0) 


m 
Vv 


j 

f[xim]]; 
} 

} 


swap2(x[i], x[m]); 
} 


The verification routine is: 


[fxtbook draft of 2008-January-19] 


3.5: Sorting by a supplied comparison function 123 


template <typename Type> 

bool is_idx_sorted(const Type *f, ulong n, const ulong *x, 
int (*cmp) (const Type &, const Type &)) 

// Return whether the sequence 

// £(x(0l], f[x[1]], ... £[x{n-1]] 

// is sorted in ascending order 

// with respect to comparison function cmp() 


{ 
if ( O==n ) return 1; 
while ( --n ) //n-1...1 
if ( cmp(f[x[n]], flx[m-1]]) <0) break; 
} 
return !n; 
} 


The pointer sorting versions are given in [FXT: sort/sortptrfunc.h 


template <typename Type> 

void ptr_selection_sort(/*const Type *f,*/ ulong n, const Type **x, 
int (*cmp) (const Type &, const Type &)) 

// Sort x[] so that the sequence 

// *x(0], *x[1], ..., *x[n-1] 

// is sorted in ascending order 

// with respect to comparison function cmp(). 

// Algorithm is proportional to O(n*n), use for short array only. 


for (ulong i=0; i<n; ++i) 
Type v = *x[i]; 
ulong m = i; // position-ptr of minimum 
ulong j : 
while ( --j >i) // search (index of) minimum 


if ( cmp(*x[j],v)<0 ) 
{ 


m 
Vv 


j3 
*x[m]; 


} 
} 


swap2(x[i], x[m]); 


The verification routine is: 


template <typename Type> 

bool is_ptr_sorted(/*const Type *f,*/ ulong n, Type const*const*x, 
int (*cmp) (const Type &, const Type &)) 

// Return whether the sequence 

// *x(0], *x[1], ..., *x[n-1] 

// is sorted in ascending order 

// with respect to comparison function cmp(). 


if ( O0==n ) return 1; 
male (--n ) //n-1...1 


if ( cmp(*x[n] ,*x[n-1])<0O ) break; 
} 


return !n; 


The corresponding versions of the binary search algorithm are given in [FXT: sort /bsearchidxfunc.h| and 
[FXT: \sort /bsearchptrfunc.h. 


[fxtbook draft of 2008-January-19] 


124 Chapter 3: Sorting and searching 


3.6 Determination of unique elements 


We present functions that check whether values in a sorted array are repeated or unique. All routines 
are taken from [FXT: sort /unique.h). To test whether all values are unique, use 


template <typename Type> 

ulong test_unique(const Type +f, ulong n) 

// For a sorted array test whether all values are unique 

// (i.e. whether no value is repeated). 

// Return 0 if all values are unique else return index of the second 
// element in the first pair found. 


for (ulong k=1; k<n; ++k) 


if ( f[k] == f[k-1] ) return k; //k !=0 


return 0; 


} 


template <typename Type> 
ulong is_unique(const Type *f, ulong n) 
// Return true if all values are unique, else return false. 


return ( 0==test_unique(f, n) ); 


} 
Counting the elements that appear just once: 


template <typename Type> 

int unique_count(const Type *f, ulong n) 

// For a sorted array return the number of unique values 
// the number of (not necessarily distinct) repeated 

// values is n - unique_count(f, n); 


{ 
if ( 1>=n ) return n; 
ulong ct = 1; 
for (ulong k=1; k<n; ++k) 
if ( f[k] != f[k-1] ) ++ct; 
return ct; 
} 


Removing repeated elements: 


template <typename Type> 

ulong unique(Type *f, ulong n) 

// For a sorted array squeeze all repeated values 

// and return the number of unique values. 

// Example: [1, 3, 3, 4, 5, 8, 8] --> [1, 3, 4, 5, 8] 

// The routine also works for unsorted arrays as long 

// as identical elements only appear in contiguous blocks. 
// Example: [4, 4, 3, 7, 7] --> [4, 3, 7] 

// The order is preserved. 


{ 
ulong u = unique_count(f, n); 
if ( u==n ) return n; // nothing to do 
Type v = f£[0]; 
for (ulong j=1, k=1; j<u; ++j) 
while ( f[k]==v ) ++k; // search next different element 
v = f[j] = flkl; 
} 
return u; 
} 


The inner while-loop does never access an element out of bounds as it is executed only as long as there 
is at least one remaining change of value inside the array. 


[fxtbook draft of 2008-January-19] 


3.7: Unique elements with inexact types 125 
3.7 Unique elements with inexact types 


Determination of unique elements with inexact types (floats) is a bit tricky as one cannot rely that 
elements that should be identical are exactly equal. A solution to the problem is to allow for a maximal 
(absolute) difference within which two contiguous elements will still be considered equal can be provided 


as additional parameter. We replace equality conditions with a call to [FXT: sort /uniqueapprox.h 


template <typename Type> 

inline bool approx_equal(Type x1, Type x2, Type da) 
// Return whether abs(x2-x1) <= da 

e Must have da>=0 


Type d = x2 - x1; 

if ( d<=0 ) d= -d; 

if ( d <= da) return true; 
else return false; 


} 


The verification routine is 


template <typename Type> 

ulong test_unique_approx(const Type *f, ulong n, Type da) 

// For a sorted array test whether all values are 

// unique within some tolerance (i.e. whether no value is repeated). 
// Return 0 if all values are unique, 

// else return index of the second element in the first pair found. 
// Makes mostly sense with inexact types (float or double) 


if ( da<x=0 ) da =-da; // want positive tolerance 


for (ulong k=1; k<n; ++k) 


if ( approx_equal(f[k], f[k-1], da) ) return k; // k !=0 
} 


return 0; 


One subtle point is that the values can slowly ‘drift away’ unnoticed by this implementation: consider 
a long array where each difference computed has the same sign and is just smaller than da, say it is 
d =0.6-da. The difference of the first and last value then is 0.6 - (n — 1) - d which is greater than da for 
n> 3. 


The number of unique elements can be counted as follows: 


template <typename Type> 

ulong unique_approx_count(const Type *f, ulong n, Type da) 
// For a sorted array return the number of unique values 
// the number of (not necessarily distinct) repeated 

// values is n - unique_approx_count(f, n, da); 


4 
if ( 1>=n ) return n; 
if ( da<x=0 ) da =-da; // Must have positive tolerance 
ulong ct = 1; 
for (ulong k=1; k<n; ++k) 
if ( approx_equal(f[k], f[k-1], da) ) +t+ct; 
return ct; 
} 


The following routine removes duplicates: 


template <typename Type> 

ulong unique_approx(Type *f, ulong n, Type da) 

// For a sorted array squeeze all repeated (within tolerance da) values 
// and return the number of unique values. 

// Example: [1, 3, 3, 4, 5, 8, 8] --> [1, 3, 4, 5, 8] 

// The routine also works for unsorted arrays as long 

// as identical elements only appear in contiguous blocks. 

// Example: [4, 4, 3, 7, 7] --> [4, 3, 7] 

// The order is preserved. 


ulong u = unique_approx_count(f, n, da); 


[fxtbook draft of 2008-January-19] 


126 Chapter 3: Sorting and searching 


if ( u==n ) return n; // nothing to do 


if ( da<x=0 ) da =-da; // Must have positive tolerance 
Type v = f[0]; 

for (ulong j=1, k=1; j<u; ++j) 

{ 


// search next different element: 
while ( approx_equal(f[k], v, da) ) 


v = f[k]; // avoid problem with slowly drifting values 
++k; 
} 
v = f[j] = flkl; 
} 


return u; 


A useful preprocessing step (before using test_unique_approx()) is to quantize the elements of an array 
[FXT: quantize() in sort /quantize.h): 


template <typename Type> 

void quantize(Type +f, ulong n, double q) 

// In £[] set each element x to q*floor(1/q*(x+q/2) ) 
// E.g.: g=1 ==> round to nearest integer 


// g=1/1000 ==> round to nearest multiple of 1/1000 
// For inexact types (float or double). 
{ 


Type gh = q * 0.5; 
Type qi = 
male ( n-- ) 
f[n] = q * floor( qi * (f[n]+qh) ); 
} 


One should use a quantization parameter q that is greater than the value used for da. 


A simple demonstration is given in [FXT: \sort/unique-demo.cc : 


Random values: 
0: Q.9727750243 
1: Q.2925167845 
2: Q.7713576982 
3: Q.5267449795 
4: Q.7699138366 
5: 0.4002286223 
Quantization with q=0.01 
Quantized & sorted : 
0: Q.2900000000 
1: Q.40000000Q00 
2: Q.5300000000 
3: Q.7700000000 
4: ea araeneteseretetete 
5: 0.9700000000 
First REPEATED value at index 4 (and 3) 
Unique’d array: 
0: Q.2900000000 
1: Q.40000000Q00 
2: Q.5300000000 
3: Q.7700000000 
4: 0.9700000000 


The routine quantize() turns out to be also useful for the conversion of imprecise data to symbols. For 
example, the array of floating point values on the left corresponds to the symbolic (numbers used as 
symbols) table on the right: 


1.3133 -1.0101 0.79412 -0.71544 9 2 6 3 
0.29064 0.99173 -1.4382 0.79412 5 7 O 6 
-1.1086 1.2521 0.99173 -1.0101 1 8 7T 2 
-0.18003 -1.1086 0.29064 1.3133 4 1 5 9 


In this example values were considered identical when their absolute difference is less than 10-3. The 


symbolic representation can be helpful to recognize structure in imprecise data. The routine is [FXT: 
sort /symbolify-h): 


template <typename Type> 
ulong symbolify_by_size(const Type *f, Type * restrict g, ulong n, 
Type eps=1e-6, ulong *ix=0) 


[fxtbook draft of 2008-January-19] 


3.8: Determination of equivalence classes 127 


// From £[] compute an array of ’symbols’ g[] (i.e. numbers) 

// that represent the different values. 

// Values are considered identical if their absolute difference 
// is less than eps. 

// Symbols are given with respect to sort-order. 

// Return number of different values found (after quantize). 

// Optionally supply x[] (scratch space for permutations). 


{ 

ulong *x = ix; 
if ( O==ix ) x = new ulong[n]; 
set_seq(x, n); 
idx_quick_sort(f, n, x); 
apply_permutation(x, f, g, n); 
quantize(g, n, eps); 
eps *= 0.5; // some val <1.0 
ulong nsym = 1; 
ulong z = 0; 
Type s = 0.0; 
Type el = glz], lel; 
giz] = s; 
for(ulong k=zt+1; k<n; ++k) 
{ 

lel = el; 

el = gIk]; 

if ( fabs(el-lel) > eps ) 

++nsym; 
s t= 1.0; 

} 

glk] = s; 
} 
apply_inverse_permutation(x, g, n); 
if ( O0==ix ) delete [] x; 
return nsym; 

} 


The example shown was created with the program [FXT: |sort/symbolify-demo.cc). The routines 
apply_permutation() and apply_inverse_permutation() are given in section|2.11.8]}on page 


3.8 Determination of equivalence classes 


Let S be a set and C := S x S the set of all ordered pairs (2, y) with z,y € S. A binary relation Ron S 
is a subset of C. An equivalence relation is a binary relation that has three additional properties: 


e reflexive: c= xV«a. 
e symmetric: r=y => y=. 
e transitive: L=Yy, y= —> L=zZ. 
Here we wrote « = y for (x,y) € R where z,y € S. 


We want to determine the equivalence classes: an equivalence relation partitions a set into l<q<n 
subsets £1, H2,..., Eq so that « = y whenever both x and y are in the same subset but « ¥ y if « and 
y are in different subsets. 


For example, the usual equality relation is an equivalence relation, with a set of (different) numbers each 
number is in its own class. With the equivalence relation that x = y whenever x — y is a multiple of 
some fixed integer m and the set Z of all natural numbers we obtain m subsets and x = y if and only if 
x = ymod m. 


Let n be the number of elements in S and Q be a set so that, on termination of the algorithm, Q, = 7 if 
j is the least index so that S; = 5; (note that we consider the sets to be in a fixed but arbitrary order 


[fxtbook draft of 2008-January-19] 


128 Chapter 3: Sorting and searching 


here). 

We proceed as follows: 
1. Put each element in its own equivalence class: Q, :=k for alO<k<n 
2. Set & := 1 (index of the second element). 


3. Search downwards for an equivalent element: for j = k—1,..., 0 test whether S, = Sj. If so (at 
position 7), set Q, = Q,; and goto step 4. 


4. Set k:=k+1 and if k < n goto step 3, else terminate. 


We can terminate the search with the first equivalent element found because, if j is the index of the 
equivalent, the Q; is already minimal. 


The lower and upper bounds for the computational cost are n and n?, respectively: the algorithm needs 
proportional n operations when all elements are in the same equivalence class and n? operations when 
each element lies in its own class. 


A C++ implementation is [FXT: equivalence_classes() in sort/equivclasses.h). The equivalence rela- 
tion must be supplied as a function equiv_q() that returns true when its arguments are equivalent. 


template <typename Type> 

void equivalence_classes(const Type *s, ulong n, bool (*equiv_q) (Type,Type), ulong *q) 
// Given an equivalence relation ’==’ (as function equiv_q()) 

// anda set s[] with n elements, 

// write into q[k] (0<=k<n) the index j of the 

// first element s[j] so that s[k]==s[j]. 

// For the complexity C: n<=C<=n*n 

// C=n*n if each element is in its own class 

// C=n if all elements are in the same class 


{ 
for (ulong k=0; k<n; ++k) ql[k] =k; // each in own class 
for (ulong k=1; k<n; ++k) 
ulong j = k; 
while ( j-- 
if ( equiv_q(s[j], s[k]) ) 
{ 
q[k] = q[jl; 
break; 
} 
} 
} 
} 


3.8.1 Examples for equivalence classes 
3.8.1.1 Integers modulo m 


Choose an integer m > 2 and let any two integers a and b be equivalent if a — b is a integer multiple of 
m. We can choose the numbers 0, 1 ..., m—1 as representatives of the m classes obtained. Now we can 
do computations with those classes via the modular arithmetic as described in section [37.1]on page 
This is easily the most important example of all equivalence classes. 


We note that the concept still make sense with a real (that is, possibly non-integral) modulus m. We 
still put two numbers a and 6 into the same class if a—b is a integer multiple of m. Finally, the modulus 
zero leads to the equivalence relation ‘equality’. 


[fxtbook draft of 2008-January-19] 


3.8: Determination of equivalence classes 129 


3.8.1.2 Binary necklaces 


The set S of n-bit binary words a the equivalence relation so that two words x and y are equivalent 
when there is a cyclic shift hy(x 0 <k <n positions so that hy(a) = y. The relation is supplied as 


the function [FXT: sort / oe necklaces-demo.cc’: 


static ulong b; // number of bits 
bool n_equiv_q(ulong x, ulong y) // necklaces 
{ 


ulong d = bit_cyclic_dist(x, y, b); 
return (0==d); 


With n = 4 we obtain the following list of equivalence classes: 


case [21] 
Tiss. atid sacdy Sotte « FHE4] 
1..14 44.. ..41 114. [#=4] 


1.1 4.1. [#=2] 

141.14 4141. 4.41 1.141 [#=4] 
15: 1111 [#=1] 

# of equivalence classes = 6 


NOWRO 


These correspond to the binary necklaces of length 4. One usually chooses the cyclic minima (or maxima) 
among equivalent words as representatives of the classes. 


3.8.1.3 Unlabeled binary necklaces 


Same set but the equivalence relation is defined to identify two words x and y when there is a cyclic shift 
hy(x) by 0 < k < 6 positions so that either hy(a) = y or hy (x) = Y where Y is the complement of y: 


static ulong mm; // mask to complement 
bool nu_equiv_q(ulong x, ulong y) // unlabeled necklaces 
{ 

ulong d = bit_cyclic_dist(x, y, b); 

if ( O!=d ) d = bit_cyclic_dist(mm*x, y, b); 

return (0==d) ; 


With n = 4 we obtain: 


0: 14111 .... [#2] 

1: 414. 411.1 1.141 1... 411 ...14 0.1. .1..  Et=8] 
3: e412. 41..1 41. ..11 [+4] 

5: 4.1. 1.1.  [#=2] 


# of equivalence classes = 4 


These correspond to the unlabeled binary necklaces of length 4. 


3.8.1.4 Binary bracelets 


The binary bracelets are obtained by identifying two words that are identical up to rotation and possible 
reversion. The corresponding comparison function is 


bool b_equiv_q(ulong x, ulong y) // bracelets 


{ 
ulong d = bit_cyclic_dist(x, y, b); 
if ( O!=d ) d= bit_cyclic_dist(revbin(x,b), y, b); 
return (0==d); 


There are six binary bracelets of length 4: 


0: ee [a= _ 

1: Liss wd... [#=4] 
3: 1..4 if 14.11. [#4] 
5: -t.1 4.1. [#=2] 

7 144.4 441. 4.41 1411 [#=4] 
15: 1111 9 [#=1] 


[fxtbook draft of 2008-January-19] 


130 Chapter 3: Sorting and searching 


The unlabeled binary bracelets are obtained by additionally allowing for bit-wise complementation: 


bool bu_equiv_q(ulong x, ulong y) // unlabeled bracelets 


{ 
ulong d = bit_cyclic_dist(x, y, b); 
x “= mm; 
if ( O!=d ) d= bit_cyclic_dist(x, y, b); 
x = revbin(x,b); 
if ( O!=d ) d= bit_cyclic_dist(x, y, b); 
x “= mm; 
if ( O!=d ) d= bit_cyclic_dist(x, y, b); 
return (0==d); 
} 
There are four unlabeled binary bracelets of length 4: 
0 1111 [#=2] 
1 141. 41.1 4.11 41... .111 ...14 ..1. .1.. [#8] 
3 .i1. 4..1 11.. 11 [#=4] 
5 .1.1 1.1. [#=2] 


The shown functions are given in [FXT: sort /equivclass-bracelets-demo.cc| which can be used to produce 


listings of the equivalence classes. 


3.8.1.5 The number of necklaces and bracelets 


We give the number of binary necklaces ‘N’, bracelets ‘B’, unlabeled necklaces ‘N/U’ and unlabeled bracelets 
‘B/U’. The second row gives the sequence number of [214]. 


n: N B N/U B/U 
ety 
ile 2 2 1 1 
2: 3 3 2 2 
3: 4 4 2 2 
4: 6 6 4 4 
5: 8 8 4 4 
6: 14 13 8 8 
C 20 18 10 9 
8: 36 30 20 18 
9: 60 46 30 23 
10: 108 78 56 44 
11 188 126 94 63 
12 352 224 180 122 
13 632 380 316 190 
14 1182 687 596 362 
15 2192 1224 1096 612 


3.8.1.6 Binary words with reversion and complement 


The set S of n-bit binary words and the equivalence relation identifying two words x and y whenever 
they are mutual complements or bit-wise reversals. 


For example, the equivalence classes with 3-, 4- and 5-bit words are shown in figure The sequence 
of numbers of equivalence classes for word-sizes n is (entry A005418| of [214]) 


n: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 165, s2. 
#: 1, 2, 3, 6, 10, 20, 36, 72, 1386, 272, 528, 1056, 2080, 4160, 8256, 16512, ... 


The equivalence classes can be computed with the program [FXT: sort /equivclass-bitstring-demo.cc). 


[fxtbook draft of 2008-January-19] 


3.9: Determination of monotonicity and convexity * 131 


3 classes with 3-bit words: 10 classes with 5-bit words: 
O: ere O: 11111 ..... 
1s wt 440642. °¢« 12-2 a, 1111. 41.... 1441 ....1 
2: tel ad. 2 ss Bs Us Uns Us Ds Res Ue mn 
3 1i1.. ...11 411 14. 
4 wd... 11.11 
6 classes with 4-bit words: 5 tay Dedae .1.1  .1.11 
0: shi es is ee 6 wth. slte.° Dhecd de stt 
1: ole es eae a st Ree 9 eli. oe 14... 1..1 1..1 
2: cele whee tt dat 10 sheds 2.4.1 
3% Tie «edt 14 Teaedk <1 11 
5: 1.1. .1.1 
6: eddy Lead 


Figure 3.8-A: Equivalence classes of binary words where words are identified if either their reversals or 
complements are equal. 


We have chosen examples where the resulting equivalence classes can be verified by inspection. For 
example, we could create the subsets of equivalent necklaces by simply rotating a given word and marking 
the so far visited words. Such an approach, however, is not possible in general when the equivalence 
relation does not have an obvious structure. 


3.8.2 The number of equivalence relations for a set of n elements 


The sequence B(n) of the number of possible partitionings (and thereby equivalence relations) for the set 
{1, 2,..., n} starts as (n > 1): 


1, 2, 5, 15, 52, 203, 877, 4140, 21147, 115975, 678570, 4213597, 


These are the Bell numbers, sequence A000110 of . They can be computed easily as indicated in the 
following table: 


Oo: (€£ 1] 

1: [41, 2] 

2: [—2, 3, 5] 

3: £5, 7, 10, 15] 

4: [15, 20, 27, 37, 52] 

5: [52, 67, 87, 114, 151, 203] 
n: [B(n), ] 


The first element in each row is the last element of the previous row, the remaining elements are the sum 
of their left and upper left neighbors. As pari/gp code: 


N=7; v=w=b=vector(N); v([1J]=1; 
{ for(n=1,N-1, 


bin] = v[il; 

print(n-1, ": ", v); \\ print row 

w[1] = vin]; 

for (k=2,n+1, wlk]=w[k-1]+v[k-1]) ; 
ae 


An implementation in C++ is given in [FXT: comb/bell-number-demo.cc}. An alternative way to compute 


the Bell Numbers is shown in section on page 


3.9 Determination of monotonicity and convexity * 


A sequence is called monotone if it is either purely ascending or purely descending. This includes the case 
where subsequent elements are equal. Whether a constant sequence is considered ascending or descending 
in this context is a matter of convention. 

A routine to check for monotonicity is [FXT: |sort/monotone.h : 


template <typename Type> 
int is_monotone(const Type *f, ulong n) 


[fxtbook draft of 2008-January-19] 


132 Chapter 3: Sorting and searching 


// Return 

// +1 for ascending order 
//  -1 for descending order 
// else 0 


if ( 1>=n ) return +1; 


ulong k; 
for (k=1; k<n; ++k) // skip constant start 


if ( £[k] != f[k-1] ) break; 


if ( k==n ) return +1; // constant is considered ascending here 
int s = ( f[k] > fl[k-i] ? +1: -1); 
if ( s>0 ) // was: ascending 


4 


// scan for descending pair: 
for ( ; k<n; ++k) if ( f[k] < f[k-1] ) return 0; 


else // was: descending 


// scan for ascending pair: 
for ( ; k<n; ++k) if ( f[k] > f[k-1] ) return 0; 


return s; 


} 


A strictly monotone sequence is a monotone sequence that has no identical pairs of elements. The test 
turns out to be slightly easier: 


template <typename Type> 

int is_strictly_monotone(const Type *f, ulong n) 
// return 

// +1 for strictly ascending order 


//  -1 for strictly descending order 
v else 0 


if ( 1>=n ) return +1; 

ulong k = 1; 

if ( £[k] == f[k-1] ) return 0; 

int s = ( f[k] > f[k-1] ? +1: -1); 
if ( s>0 ) // was: ascending 


{ 
// scan for descending pair: 
for ( ; k<n; ++k) if ( f[k] <= f[k-1i] ) return 0; 


else // was: descending 


// scan for ascending pair: 
for ( ; k<n; ++k) if ( f[k] >= f[k-1] ) return 0; 
} 


return Ss; 


} 


A sequence is called convex if it starts with an ascending part and ends with a descending part. A concave 
sequence starts with a descending and ends with an ascending part. Whether a monotone sequence is 
considered convex or concave again is a matter of convention (you have the choice to consider the first 


or the last element as extremum). Lacking a term that contains both convex and concave the following 
routine is called is_convex() [FXT: sort /convex.h): 


template <typename Type> 
long is_convex(Type *f, ulong n) 


// Return 

// +wval for convex sequence (first rising then falling) 
//  -val for concave sequence (first falling then rising) 
// else 0 

// 


// val is the (second) index of the first pair at the point 
// where the ordering changes; val>=n iff seq. is monotone. 


// Note: a constant sequence is considered any of rising/falling 


[fxtbook draft of 2008-January-19] 


3.9: Determination of monotonicity and convexity * 


} 


if ( 1>=n ) return +1; 
ulong k = 1; 
for (k=1; k<n; ++k) // skip constant start 


if ( £[k] != f[k-1] ) break; 


if ( k==n ) return +n; // constant is considered convex here 
int s = ( f[k] > flk-i] ? +1: -1); 
if ( s>0 ) // was: ascending 

// scan for strictly descending pair: 


for ( ; k<n; ++k) if ( f[k] < f[k-1] ) break; 
s = +k; 


else // was: descending 


{ 
// scan for strictly ascending pair: 
for ( ; k<n; ++k) if ( f[k] > f[k-1i] ) break; 
s = -k; 

} 


if ( k==n ) return s; // sequence is monotone 


// check that the ordering does not change again: 
if ( s>0 ) // was: ascending --> descending 


// scan for strictly ascending pair: 
for ( ; k<n; ++k) if ( f[k] > f[k-1] ) return 0; 


else // was: descending 


// scan for strictly descending pair: 
for ( ; k<n; ++k) if ( f[k] < f[k-1] ) return 0; 


return s; 


The test for strictly conver (or concave) sequences is: 


template <typename Type> 
long is_strictly_convex(Type *f, ulong n) 


// Return 

//  +wval for strictly convex sequence 

// (i.e. first strictly rising then strictly falling) 
//  -wval for strictly concave sequence 

// (i.e. first strictly falling then strictly rising) 
// else 0 

// 


// val is the (second) index of the first pair at the point 
// where the ordering changes; val>=n iff seq. is strictly monotone. 


{ 


if ( 1>=n ) return +1; 


ulong k = 1; 
if ( f[k] == f[k-1] ) return 0; 


int s = ( f[k] > fl{k-i] ? +1: -1); 
if ( s>0 ) // was: ascending 
// scan for descending pair: 


for ( ; k<n; ++k) if ( f[k] <= f[k-1] ) break; 
s = +k; 


else // was: descending 


{ 
// scan for ascending pair: 
for ( ; k<n; ++k) if ( f[k] >= f[k-1] ) break; 
s = -k; 

} 


if ( k==n ) return s; // sequence is monotone 
else if ( f[k] == f[k-1] ) return 0; 


// check that the ordering does not change again: 


[fxtbook draft of 2008-January-19] 


133 


134 Chapter 3: Sorting and searching 


if ( s>0 ) // was: ascending --> descending 


{ 


// scan for ascending pair: 
for ( ; k<n; ++k) if ( f[k] >= f[k-1i] ) return 0; 


else // was: descending 


// scan for descending pair: 
for ( ; k<n; ++k) if ( f[k] <= f[k-1i] ) return 0; 


return s; 


3.10 Heapsort 


The heapsort algorithm uses the heap data structure introduced in section on page A heap can 
be sorted by swapping the first (and biggest) element with the last and ‘repairing’ the array of size n — 1 


by a call to heapify1Q. Applying this idea recursively until there is nothing more to sort leads to the 
routine [F XT: |sort/heapsort.h): 


template <typename Type> 

void heap_sort_ascending(Type *x, ulong n) 

// Sort an array that has the heap-property into ascending order. 
// On return x[] is _not_ a heap anymore. 


{ 
Type *p =x - 1; 
for (ulong k=n; k>1; --k) 
{ 
swap2(p[1], p[k]); // move largest to end of array 
--n; // remaining array is one element less 
heapify1(p, n, 1); // restore heap-property 
} 
} 


that needs time O(n log(n)). That is, a call to 


template <typename Type> 
void heap_sort(Type *x, ulong n) 


build_heap(x, n); 
heap_sort_ascending(x, n); 


} 
will sort the array x[] into ascending order. Note that sorting into descending order is not any harder: 


template <typename Type> 

void heap_sort_descending(Type *x, ulong n) 

// Sort an array that has the heap-property into descending order. 
// On return x[] is _not_ a heap anymore. 


{ 
Type *p = x - 1; 
for (ulong k=n; k>1; --k) 
{ 
t++p;  --n; // remaining array is one element less 
heapify1(p, n, 1); // restore heap-property 
} 


A program that demonstrates the algorithm is [FXT: sort /heapsort-demo.cc). 


3.11 Counting sort and radix sort 


Imagine you want to sort an n-element array F’ of (unsigned) 8-bit values. An sorting algorithm that 
only uses 2 passes through the data proceeds as follows: 


1. Allocate an array C' of 256 integers and set all its elements to zero. 


[fxtbook draft of 2008-January-19] 


3.11: Counting sort and radix sort 135 


2. Count: for k = 0,1, ...,m—1 increment C[F[K]]. 
Now C[a] contains how many bytes in F' have the value z. 


3. Set r=0. For j =0,1,..., 255 
set k = Clj] and write j to the elements F[r], F[r+1],..., F[r+k—1] then add k tor. 


For large values of n this method is significantly faster than any other sorting algorithm. Note that no 
comparisons are made between the elements of F’. Instead they are counted, the algorithm is the counting 
sort algorithm. 


It might seem that the idea applies only to very special cases but with a little care it can be used in more 
general situations. We modify the method so that we are able to sort also (unsigned) integer variables 
whose range of values would make the method impractical with respect to a subrange of the bits in each 
word. We need an array G that has as many elements as F: 


1. Choose any consecutive run of b bits, these will be represented by a bit mask m. Allocate an array 
C of 2° integers and set all its elements to zero. 


2. Let M be a function that maps the (2°) values of interest (the bits masked out by m) to the range 
O, 1, xuy Be 
3. Count: for k = 0, 1,..., 2 —1 increment C|M(F|&})]. 


Now C|z] contains how many values of M(F'.]) equal x. 


4, Cumulate: for j = 1, 2,..., 2° —1 (second to last) add C[j — 1] to Cj]. 
Now Cz] contains the number of values M(F'.]) less or equal to x. 
5. Copy: fork =n-—1,..., 2, 1, 0 (last to first) set « := M(F'k]), decrement C[az] then set ¢ = C[a], 
then set Gli] := Fla]. 
A crucial property of the algorithm is that it is stable: when we use it to sort with respect to a certain 


bitmask m and there is more than one element being mapped to the same value then the relative order 
between these elements is preserved. 


Input Counting sort wrt. two lowest bits 
TS! ieee 11 
QO: 11111.11< QO: ore y wee 
1: ashen Weaatea 13 .,1111.. 
2: wage ded 2: sb eae 
3: wa deg ae 3: reed ded 
4: ..-d,1111< 4: 1.01.31 
5: pe ie is ea 5: pe Freee 
6: -L.,1,,1 6: dds Td 
(: ~4,1.11, a 1i111,41< 
8: -i1,..11< 8: .,1.1111< 
9: ee eee 9: -11...11< 


Note that relative order of the three words ending with two set bits (marked with ‘<’) is preserved. 


A routine that verifies whether an array is sorted with respect to a bit range specified by the variable bO 


and m is [FXT: |sort/radixsort.cc|: 


bool 
is_counting_sorted(const ulong +f, ulong n, ulong bO, ulong m) 
// Whether f£[] is sorted wrt. bits b0O,...,b0+z-1 


// where z is the number of bits set in m. 
// m must contain a single run of bits starting at bit zero. 


{ 
m <<= b0; 
for (ulong k=1; k<n; ++k) 
{ 
ulong xm = (f[k-1] & m ) >> b0; 
ulong xp = (f[k] & m ) >> b0; 
if ( xm>xp ) return false; 
return true; 
} 


The function M is the combination of a mask-out and a shift operation. A routine that sorts according 
to bO and m is: 


void 
counting_sort_core(const ulong * restrict f, ulong n, ulong * restrict g, ulong b0O, ulong m) 


[fxtbook draft of 2008-January-19] 


136 


// Write to g[] the array f[] sorted wrt. bits b0,... 
// where z is the number of bits set in m. 
// m must contain a single run of bits starting at bit zero. 


{ 


,b0+z-1 


ulong nb = m+ 1; 
m <<= b0; 
ALLOCA(ulong, cv, nb); 


for (ulong k=0; k<nb; ++k) cvl[k] = 
// --- count: 
for (ulong k=0; k<n; ++k) 
{ 
ulong x = (f[k] & m ) >> b0; 
t++cvE x ]; 
} 
// --- cumulative sums: 
for (ulong k=1; k<nb; ++k) cv[k] += cv[k-1]; 
// --- reorder: 
ulong k = n; 


aoe ( k-- ) // backwards ==> stable sort 


ulong fk = f[k]; 
ulong x = (fk & m) >> b0; 


Chapter 3: Sorting and searching 


--cv[x]; 
ulong i = cv[x]; 
gli] = fk 
} 
} 
Input Stage 1 Stage 2 Stage 3 
m=....11 m= ..11 = il 
vv vv vv 
111.11 ee db fae i eee seeded’ 
tad ed 1144... ee wtdaeak 
ee cs eee 1.41 -1.4.1 
ere eld d pt. ded ot. T1., 
1.1111 soe dawd eleld. di des ds 
si i a ores ae ee Lsvcredd 
rc eg 1.11 jer decaese ll 1.1111 
elel ds 111.11 111.11 11. 
ers ll 1.1111 1111.. 114, ti 
Wl ees ars Lec td 1.1111 A111, 


Figure 3.11-A: Radix sort of 10 six-bit values when using two-bit masks. 


Now we can apply counting sort to a set of bit masks that cover the whole range. Figure shows 
an example with 10 six-bit values and 3 two-bit masks, starting from the least significant bits. This is 


the output of the program [FXT: |sort /radixsort-demo.cc). 


The routine [FXT: radix_sort() in|sort/radixsort.cc, uses 8-bit masks to sort unsigned (long) integers: 


void 

radix_sort(ulong *f, ulong n) 

{ 
ulong nb = 8; // Number of bits sorted with each step 
ulong tnb = BITS_PER_LONG; // Total number of bits 


ulong *fi = f; 


ulong *g = new ulong[n] ; 
ulong m = (1UL<<nb) - 1; 
for (ulong k=1, bO=0; bO<tnb; ++k, b0+=nb) 
{ 
counting_sort_core(f, n, g, bO, m); 
swap2(f, g); 
if ( f!=fi ) // result is actually in g[] 
{ 
swap2(f, g); 
for (ulong k=0; k<n; ++k) f[k] = gIkl]; 
} 
delete [] g; 


[fxtbook draft of 2008-January-19] 


3.12: Searching in unsorted arrays 137 
There is room for optimization. Using two arrays for counting and combining copying with counting for 
the next pass where possible will reduce the number of passes almost by a factor of two. 


A version of radix sort that starts from the most significant bits is given in [212). 


3.12 Searching in unsorted arrays 


We give an overview of the search functions for unordered arrays. 


3.12.1 Minimal and maximal elements in unsorted arrays 


Sorting an array only to determine the minimal (and/or maximal element) is obviously a bad idea because 
these can be found in linear time in the unsorted data. 


Corresponding to all flavors of the sorting routines a min() and max() routine is supplied. We exemplify 
by giving the versions that determine the minimum. 


UE the minimum in an unsorted array corresponding to the ‘plain’ sorting routine: [FXT: 


template <typename Type> 
Type inline min(const Type *f, ulong n) 
// Return minimum of array. 


{ 

Type v = f£[0]; 

while (n-- ) if ( ffnl<v) v =f); 
} return v; 


The index version: [FXT: 


template <typename Type> 
Type idx_min(const Type *f, ulong n, const ulong *x) 
// Return minimum (value) of array elements 


- {f(x(0]], f[xf1]], .. , f{xfn-1]]} 


Type v = f[x[0]]; 
while (n-- ) { if ( flx[n]]<v ) v = flx[n]]; } 
return Vv; 


} 


The pointer version: [FXT: sort/minmaxptr.h 


template <typename Type> 
Type ptr_min(/*const Type *f,*/ ulong n, Type const*const*x) 
// Return minimum (value) of array elements 


c {*x[0], *x[i], .. , *x[n-1]} 


Type v = *x[0]; 
while ( n-- ) { if ( *x[In]<v ) v = *x[n]; } 
return Vv; 


} 
The comparison function version: [FXT: sort/minmaxfunc.h 


template <typename Type> 

Type min(const Type *f, ulong n, int (*cmp)(const Type &, const Type &)) 
// Return minimum (value) of array elements 

// wrt. to comparison function 


{ 

Type v = f[0]; 

while (n-- ) { if ( cmp(ffm],v) <0) v= f{n]; } 
} return v; 


The comparison function with index version: [F XT: |sort/minmaxidxfunc.h 


[fxtbook draft of 2008-January-19] 


138 Chapter 3: Sorting and searching 


template <typename Type> 

Type idx_min(const Type *f, ulong n, const ulong *x, 
int (*cmp) (const Type &, const Type &)) 

// Return minimum (value) of array elements 


// {f£Exf0l], f[xf1]], .. , f[x[m-1]]} 
// with respect to comparison function cmp() 
{ 


Type v = f[x[0]]; 
while (n-- ) { if ( cmp(f[x[n]], v) <0) v = flxfnl]; } 
return vV; 


} 


The comparison function with pointer version: [FXT: |sort/minmaxptrfunc.h 


template <typename Type> 

Type ptr_min(/*const Type *f,*/ ulong n, Type const*const*x, 
int (*cmp) (const Type &, const Type &)) 

// Return minimum (value) of array elements 


// {*x[0], *x[1], .. , *x[n-1]} 
// with respect to comparison function cmp(). 
{ 


Type v = *x[0]; 
while (n-- ) { if ( cmp(*x[m],v)<O ) v = *x[n]; } 
return Vv; 


3.12.2 Searching for values 


To find the first occurrence of a certain value in an unsorted array one can use the routine [FXT: 


sort /usearch.h 


template <typename Type> 

inline ulong first_eq_idx(const Type *f, ulong n, Type v) 
// Return index of first element == v 

He Return n if all !=v 


ulong k = 0; 
while ( (k<n) && (f[k]!=v) ) kt; 
return k; 


} 


The functions first_ne_idx(), first_ge_idx() and first_le_idx() find the first occurrence of an 
element unequal (to v), greater or equal and less or equal, respectively. 


If the last bit of speed matters, one could (see [153] p.267]) replace the shown code by 


template <typename Type> 

inline ulong first_eq_idx(const Type *f, ulong n, Type v) 
// Return index of first element == v 

v Return n if all !=v 


Type s = f[n-1]; 

(Type *)f[n-1] =v; // guarantee that the search stops 
ulong k = 0; 

while ( f[k]!=v ) k++; 

(Type *)f[n-1] = s; // restore value 

if ( (k==n-1) && (v!=s) ) ++k; 

return k; 


} 
The speedup is due to the fact that there is only one branch in the inner loop. The technique is not 
applicable if the writes to the array ‘f[]’ can have any side effects. 


Replace the word first by last in the names to name the function that detect the last element satisfying 
the corresponding condition. For example, 


template <typename Type> 

inline ulong last_ge_idx(const Type *f, ulong n, Type v) 
// Return index of last element >= v 

// Return n if all <v 


ulong k = n-1; 


[fxtbook draft of 2008-January-19] 


3.12: Searching in unsorted arrays 139 


eas ( f[k]<v ) 


if ( O==k ) return n; 


return k; 


3.12.3 Counting values 
The functions in [FXT: sort/ucount.h) count certain elements in unordered arrays. 


template <typename Type> 
inline ulong eq_count(const Type *f, ulong n, Type v) 
// Return number of elements that are ==v 


ulong ct = 0; 
while ( n-- ) if ( f[nJ==v ) ++ct; 
return ct; 


} 


As above, replace eq_ in the function name with ne_, ge_ or le_ to count the number of occurrences of 
elements that are unequal (to v), greater or equal and less or equal, respectively. 


3.12.4 Searching matches 
The routines in [FXT: sort/usearchfunc.h| generalize the functions from [FXT: sort/usearch.h]: A sup- 


plied function implements the condition imposed. For example, 


template <typename Type> 

inline ulong first_idx(const Type *f, ulong n, bool (* func) (Type)) 
// Return index of first element for which func() returns true. 

// Return n if there is no such element. 


ulong k = 0; 
while ( (k<n) && (!func(f[k])) ) k++; 
return k; 


} 


and last_idx() that scans beginning from the greatest index. 


The functions 


template <typename Type> 
inline ulong next_idx(const Type *f, ulong n, bool (* func) (Type), ulong kO) 
te Like first_idx() but start from k0. 

ulong k = kO; 

while ( (k<n) && (!func(f[k])) ) k++; 

return k; 


} 


and previous_idx() determine the next matching element in forward or backward direction. 


3.12.5 Selecting matches: grep 


The routines from [FXT: |sort/grep.h| count or select elements from an unordered array for which a 
condition implemented by a supplied function is true. 
The following function counts the matching elements: 


template <typename Type> 
inline ulong count(const Type *f, ulong n, bool (* func) (Type)) 
// Return number of elements for which func() returns true. 


ulong ct = 0; 


for (ulong k=0; k<n; ++k) if ( func(f[k]) ) ct++; 
return ct; 


[fxtbook draft of 2008-January-19] 


140 Chapter 3: Sorting and searching 


} 
Discard all non-matches using 


template <typename Type> 

inline ulong grep(Type *f, ulong n, bool (* func) (Type) ) 
// Delete elements for which func() returns false. 

// Return number of elements kept. 


{ 
ulong k, j; 
for (k=0,j=0; j<n; ++k,++j) 
{ 
f[k] = £[j]; 
if ( func(f[j]) ) --k; 
return k; 
} 


Record the values of the matches using 


template <typename Type> 

inline ulong grep(const Type *f, ulong n, bool (* func) (Type), Type *g) 
// Make g[] the sequence of values for which func() returns true. 

// Return number of ’matching’ elements found. 


{ 
ulong ct = 0; 
for (ulong k=0; k<n; ++k) if ( func(f[k]) ) glct++] = f[k]; 
return ct; 

} 


Finally, recording the indices of the matches can be done with 


template <typename Type> 

inline ulong grep_idx(const Type *f, ulong n, bool (* func) (Type), ulong *x) 
// Make x[] the sequence of indices for which func() returns true. 

// Return number of ’matching’ elements found. 


{ 
ulong ct = 0; 
for (ulong k=0; k<n; ++k) if ( func(f[k]) ) xl[ct++] =k; 
return ct; 

} 


[fxtbook draft of 2008-January-19] 


141 


Chapter 4 


Data structures 


This chapter presents implementations of the operations on selected data structures like LIFO, FIFO, 
deque and heap. 


4.1 Stack (LIFO) 


A stack (or LIFO for last-in, first-out) is a data structure that supports the operations: push to saves an 
entry and pop to retrieve and remove the entry that was entered last. The occasionally useful operation 
peek retrieves the same element as pop but does not remove it. Similarly, poke modifies the last entry. 
An implementation with the option to let the stack grow when necessary is [FXT: class stack in 


ds/stack.h): 


template <typename Type> 
class stack 


public: 
Type *x_; // data 
ulong s_; // size 


ulong p_; // stack pointer (position of next write), top entry @ p-1 
ulong gq_; // grow gq elements if necessary, 0 for "never grow" 


public: 
stack(ulong n, ulong growq=0) 
s_ =n; 
x_ = new Typel[s_]; 
p._ = 0; // stack is empty 
gq_ = growq; 


~stack() { delete [] x_; } 


private: 

stack & operator = (const stack &); // forbidden 
public: 

ulong num() const 

// return number of entries 


return p_; 


} 
ulong push(Type z) 
// return size of stack, zero on stack overflow 
// if gq_ is nonzero the stack grows 
if ( p_ >= s_ ) 
{ 


if ( 0==gq_ ) return 0; // overflow 
grow() ; 


[fxtbook draft of 2008-January-19] 


142 Chapter 4: Data structures 


ulong pop(Type &z) 

// read top entry and remove it 

// return number of entries at function start 
// if empty return zero and z is undefined 


ulong ret = p_; 


if ( O!=p_) {--p_; z= x_[p_l]; } 
return ret; 


ulong poke(Type z) 

// modify top entry 

// return number of entries 

// if empty return zero and nothing is done 


if ( O!=p_) x_[p_-1] =z; 
return p_; 


} 


ulong peek(Type &z) 

// read top entry (without removing it) 

// return number of entries 

// if empty return zero and z is undefined 


if ( O!=p_) z= x_[p_-1]; 
return p_; 


[--snip--] 
The growth routine is implemented as 
[--snip--] 


private: 
void grow() 


ulong ns = s_ + gq_; // new size 
x_ = ReAlloc<Type>(x_, ns, s_); 
S_ = ns; 


} 
3; 


here we used the function that imports the C function realloc(). 


% man realloc 
#include <stdlib.h> 


void *realloc(void *ptr, size_t size); 


realloc() changes the size of the memory block pointed to by ptr to size 
bytes. The contents will be unchanged to the minimum of the old and new 
sizes; newly allocated memory will be uninitialized. If ptr is NULL, the 
call is equivalent to malloc(size); if size is equal to zero, the call is 
equivalent to free(ptr). Unless ptr is NULL, it must have been returned by 
an earlier call to malloc(), calloc() or realloc(). 


Usage of the C function realloc() can be disabled globally in [FXT: realloc.h): 


#define USE_C_REALLOC // comment out to disable use of realloc() 


#ifdef USE_C_REALLOC 
#include <cstdlib> // realloc() 
#endif 


#ifdef USE_C_REALLOC 
template <typename Type> 


inline Type *ReAlloc(Type *p, ulong n, ulong /*nold*/) 
{ 


return (Type *)realloc((void *)p, n*sizeof(Type)); 
} 
#else 


template <typename Type> 
inline Type *ReAlloc(Type *p, ulong n, ulong nold) 


[fxtbook draft of 2008-January-19] 


4.2: Ring buffer 143 


Type *np = new Type[n]; 

ulong nc = (nold <n ? nold : n); 

for (ulong k=0; k<nc; ++k) npl[k] = pl[k]; 
delete [] p; 

return np; 


} 
#endif 


push( 1) 
push( 2) 
push( 3) 
push( 4) 
push( 5) 
push( 6) 
push( 7) 
pop== 7 
pop== 6 
push( 8) 
pop== 8 
pop== 5 
push( 9) 
pop== 9 
pop== 4 
push(10) 
pop==10 
pop-— 
push(11) 
pop==11 
Pop== 
push (12) 
pop==12 
pop-— 
push(i3) 13 - - - - - - - 
pop==13  - - - - - - = = 
pop== et Ae es a: 
(stack was empty) 
push(14) 14 - - - 
pop==14 - 
pop== pes. tele ee oe ek te 
(stack was empty) 
push(i5) 15 - - - - - - - #=1 


1OIlaADOD 1 
I 
I 


IALADA AAA AAD | 
Lolrnnananan 


10 


IWwwWWwWwWwWwwwwwwwwww ! 


11 - - - - - 


INMNNNNNNNNNNNNNNNNNNDND I! 


a 
ie) 
( 

(| 
' 

I 
I 
I 


PRP RPRBPRP BRP RBPRP BRR RB R BPR RRR BE 


I 

l 

I 
HHHHHHHHH HHH HHH HHH HHH HHH HH OH 
Vind bbb db hb bb td bob db bod ob nb nb ab ow on not 
SCOR OCORPNENWNWKWKHABIHDAAMNATOPWNHE 


! 

' 

' 

I 

I 

l 

l 
EOE HE 
ou tl 
oor 


Figure 4.1-A: Inserting and retrieving elements with a stack. 


A program that shows the working of the stack is [FXT: |ds/stack-demo.cc). An example output where 
the initial size is 4 and the growths-feature enabled (in steps of 4 elements) is shown in figure 


4.2 Ring buffer 


A ring buffer is a array plus read- and write operations that wrap around. That is, if the last position of 
the array is reached writing continues at the begin of the array, thereby erasing the oldest entries. The 
read operation should start at the oldest entry in the array. 


The implementation is [FXT: class ringbuffer in ds/ringbuffer.h|: 


template <typename Type> 
class ringbuffer 


{ 
public: 
Type *x_; // data (ring buffer) 
ulong s_; // allocated size (# of elements) 
ulong n_; // current number of entries in buffer 
ulong wpos_; // next position to write in buffer 
ulong fpos_; // first position to read in buffer 
public: 


[fxtbook draft of 2008-January-19] 


144 


bad 
noua 


“ringbuf 


Chapter 4: Data structures 


ringbuffer(ulong n) 
n; 


new Type[s_]; 


fer() { delete [] x_; } 


ulong num() const { return n_; } 


void insert(const Type &z) 
{ 
x_[wpos_] = z; 
if ( ++wpos_>=s_ ) wpos_ = 0; 
if (n_<s_) +t; 
else fpos_ = wpos_; 
} 
ulong read(ulong n, Type &z) const 
// read entry n (that is, [(fpos_ + n)%s_]) 
// return 0 if entry #n is last in buffer 
v else return n+1 
if ( n>=n_ ) return 0; 
ulong j = fpos_ + n; 
if ( j>=s_) j -= s_; 
z= x_[jl; 
return n+ 1; 
} 

}; 

Reading from the ring buffer goes like: 
ulong k = 0; 

Type z; // type of entry 
while ( (k = f.read(k, z)) ) 

// do something with z 
} 

A program demonstrating the ring buffer is [FXT: ds/ringbuffer-demo.cc), its output is 
insert( 1) 1 #=1 r=1 w=0 
insert( 2) 1 2 #=2 r=2 w=0 
insert( 3) 1 2 8 #=3 r=3 w=0 
insert( 4) 1 2 3 4 #=4 r=0  w=0 
insert( 5) 2 3 4 5 #54 r=1 wet 
insert( 6) 3 4 5 6 #°4 r=2 w=2 
insert( 7) 4 5 6 7 #54 r=3 w=3 
insert( 8) 5 6 7 8 #=4 r=0  w=0 
insert( 9) 6 7 8 9 #54 r=1 wet 


Ring buffers 


can be useful for storing a constant amount of history-data such as for logging purposes. 


For that purpose one would enhance the ringbuffer class so that it uses an additional array of (fixed 
width) strings. The message to log would be copied into the array and the pointer set accordingly. A 
read should then just return the pointer to the string. 


4.3. Queue (FIFO) 


A queue (or FIFO for first-in, first-out) is a data structure that supports two operations: push saves an 
entry and pop retrieves (and removes) the entry that was entered the longest time ago. The occasionally 


useful operat 


ion peek retrieves the same element as pop but does not remove it. 


A utility class with the optional feature of growing if necessary is [FXT: class queue in ds/queue.h): 


template <ty 
class queue 


ee 
public: 


pename Type> 


[fxtbook draft of 2008-January-19] 


4.3: Queue (FIFO) 


Type *xX_; 
ulong s_; 
ulong n_; 
ulong wpos_; 
ulong rpos_; 


// pointer to data 

// allocated size (# of elements) 

// current number of entries in buffer 
// next position to write in buffer 
// next position to read in buffer 


145 


ulong gq_; // grow gq elements if necessary, 0 for "never grow" 
public: 
explicit queue(ulong n, ulong growq=0) 
S_ =n; 
x_ = new Typel[s_]; 
n_ = 0; 
wpos_ = 0; 
rpos_ = 0; 
&° = growq; 


“~queue() { delete [] x_; } 
ulong num() const { return n_; } 


ulong push(const Type &z) 

// Return number of entries. 

// Zero is returned on failure 

// (i.e. space exhausted and 0==gq_) 


{ 


if ( n_ >= s_ ) 


if ( 0O==gq_ ) return 0; // growing disabled 
grow(); 


x_[wpos_] = z; 

++wpos_; 

if ( wpos_>=s_ ) wpos_ = 0; 
+4+n_; 

return n_; 


} 


ulong peek(Type &z) 
// Return number of entries. 
// if zero is returned the value of z is undefined. 


z = x_[rpos_]; 
return n_; 


ulong pop(Type &z) 

// Return number of entries before pop 

// i.e. zero is returned if queue was empty. 

// If zero is returned the value of z is undefined. 


ulong ret = n_; 


if ( O!=n_ ) 

{ 
z = x_[rpos_]; 
++Ypos_; 
if ( rpos_ >= s_) rpos_ = 0; 
--n_; 

} 

return ret; 

} 
private: 


void grow() 


ulong ns = s_ + gq_; // new size 
// move read-position to zero: 
rotate_left(x_, s_, rpos_); 
x_ = ReAlloc<Type>(x_, ns, s_); 
wpos_ = s_; 
rpos_ = 0; 
S_ = ns; 
} 
Nee 


Its working is demonstrated by the program [FXT: \ds/queue-demo.cc]. An example output where the 


[fxtbook draft of 2008-January-19] 


146 Chapter 4: Data structures 


push( 1) 1 - - #=1 r=0 wel 
push( 2) 1 2 - - #=2 r=0 w=2 
push( 3) 1 2 3 - #=3 r=0 8 w=3 
push( 4) 1 2 3 4 #=4  r=0 w=0 
push( 5) 12 3 45 - - - #=5  r=0 w=5 
push( 6) 12 3 4 5 6 - - #=6 r=0 w=6 
push( 7) 12 3 4 5 6 7 - #=7 r=0 w=7 
pop== i - 23 45 6 7 - #=6 r=1 w=7 
pop== 2 - - 3 45 6 7 - #=5 r=2 w=7 
push( 8) - - 3 4 5 6 7 8 #=6 r=2 w=0 
pop== 3 - - - 4 5 6 7 8 #=5 r=3 w=0 
pop==4 - - - - 5 6 7 8 #=4 r=4 w=0 
push( 9) 9 - - - 5 6 7 8 #=5  r=4 wel 
pop== 5 Ss SoS = 6° 8 #=4 r=5 wi 
pop== 6 Soe eS a Ss T 8 #=3 0 «r=6 wi 
push(i0) 910 - - - 7 8 #=4  r=6 w=2 
pop== 910 = = = - 8 #=30 r=7 w=2 
pop== 9:10) = = SS #=2 xr=0 w=2 
push(i1) 91011 - - - - - #=30 0 «r=0) 8 w=3 
pop== = 10-12 = = S-= = #=2 r=1 w=3 
pop==10 = = 11 = = = = = #=1 r=2  w=3 
push(i2) - - 1112 - - - - #=2 r=2 w=4 
pop==11 = Sede SS SS #=1 r=3w=4 
pop==12 SR 2S OS) Sr SS #=0 r=4 w=4 
push(13) - - - -13 - - - #=1 r=4 w=5 
pop==13 oH I GaSe RP ee #=0 r=5 w=5 
pop== SS So See eS #=0 r=5 w=5 
(queue was empty) 
push(14) - - - - - 14 - - #=1 r=5 w=6 
pop==14 - - - - = = = = #=0 r=6 w=6 
pop== = Sy ee St SS oe #=0 r=6 w=6 
(queue was empty) 
push(i5) - - - - - -15 - #=1 r=6 w=7 


Figure 4.3-A: Inserting and retrieving elements with a queue. 


initial size is 4 and the growths-feature enabled (in steps of 4 elements) is shown in figure Compare 
to the corresponding figure for the stack, figure [4.1-A]on page 


4.4 Deque (double-ended queue) 


A deque (for double-ended queue) combines the data structures stack and queue: insertion and deletion 
is possible both at the first- and the last position, all in time-O(1). An implementation with the option 
to let the stack grow when necessary is [FXT: class deque in ds/deque.h 

template <typename Type> 

class deque 


{ 
public: 
Type *x_; // data (ring buffer) 
ulong s_; // allocated size (# of elements) 
ulong n_; // current number of entries in buffer 
ulong fpos_; // position of first element in buffer 
// insert_first() will write to (fpos-1)%n 
ulong lpos_; // position of last element in buffer plus one 
// insert_last() will write to lpos, n==(lpos-fpos) (mod s) 
// entries are at [fpos, ... , lpos-1] (range may be empty) 
ulong gq_; // grow gq elements if necessary, 0 for "never grow" 
public: 
explicit deque(ulong n, ulong growq=0) 
: S_ =n; 
x_ = new Type[s_]; 
n_ = 0; 
fpos_ = 0; 


[fxtbook draft of 2008-January-19] 


4.4: Deque (double-ended queue) 147 


gq_ = growq; 
} 


“deque() { delete [] x_; } 
ulong num() const { return n_; } 


ulong insert_first(const Type &z) 

// returns number of entries after insertion 
// zero is returned on failure 

// (i.e. space exhausted and 0==gq_) 


{ 
if ( n_>=s_ ) 
if ( 0==gq_ ) return 0; // growing disabled 
grow(); 
--fpos_; 
if ( fpos_ == -1UL ) fpos_ = s_ - 1; 
x_[fpos_] = z; 
+4+n_; 
return n_; 
} 


ulong insert_last(const Type &z) 
// returns number of entries after insertion 
// zero is returned on failure 

(i.e. space exhausted and 0==gq_) 


{ 
if ( n_ >= s_ ) 
if ( 0==gq_ ) return 0; // growing disabled 
grow(); 
x_[lpos_] = z; 
++lpos_; 
if ( lpos_>=s_ ) Ilpos_ = 0; 
+4+n_; 
return n_; 
} 


ulong extract_first(Type & z) 
// return number of elements before extract 
// return 0 if extract on empty deque was attempted 


{ 
if ( 0==n_ ) return 0; 
z = x_[fpos_]; 
++fpos_; 
if ( fpos_ >= s_) fpos_ = 0; 
--n_; 
return He ds 
} 


ulong extract_last(Type & z) 
// return number of elements before extract 
// return 0 if extract on empty deque was attempted 


{ 
if ( 0O==n_ ) return 0; 
--lpos_; 
if ( lpos_ == -1UL ) lpos_ = s_ - 1; 
z = x_[lpos_]; 
--n_; 
return n_ + 1; 
} 


ulong read_first(Type & z) const 
// read (but don’t remove) first entry 
// return number of elements (i.e. on error return zero) 


if ( 0==n_ ) return 0; 


z = x_[fpos_]; 
return n_; 


ulong read_last(Type & z) const 
// read (but don’t remove) last entry 


[fxtbook draft of 2008-January-19] 


148 Chapter 4: Data structures 


// return number of elements (i.e. on error return zero) 


return read(n_-1, z); // ok for n_== 


ulong read(ulong k, Type & z) const 

// read entry k (that is, [(fpos_ + k)%s_]) 
// return 0 if k>=n_ 

// else return k+1 


if ( k>=n_ ) return 0; 
ulong j = fpos_ + k; 

if ( j>=s_) j -= s_; 
z= x_[jl; 

return k +1; 


} 
private: 

void grow() 

{ 
ulong ns = s_ + gq_; // new size 
// Move read-position to zero: 
rotate_left(x_, s_, fpos_); 
x_ = ReAlloc<Type>(x_, ns, s_); 
fpos_ = 0; 
lpos_ = n_; 
S_ = ns; 

} 

}; 

insert_first( 1) 1 
insert_last (51) 1 51 
insert_first( 2) 2 151 
insert_last (52) 2 151 52 
insert_first( 3) 3 2 151 52 
insert_last (53) 3 2 1 51 52 53 
extract_first()= 3 2 151 52 53 
extract_last()= 53 2 151 52 
insert_first( 4) 4 2 151 52 
insert_last (54) 4 2 151 52 54 
extract_first()= 4 2 151 52 54 
extract_last()= 54 2 151 52 
extract_first()= 2 151 52 
extract_last()= 52 1 51 
extract_first()= 1 51 
extract_last()= 51 
insert_first( 5) 5 
insert_last (55) 5 55 
extract_firstQ= 5 55 


extract_last()= 55 
extract_first()= (deque is empty) 
extract_last()= (deque is empty) 
insert_first( 7) 7 
insert_last (57) 7 57 


Figure 4.4-A: Inserting and retrieving elements with a queue. 


Its working is shown in figure which was created with the program [FXT: ds/deque-demo.cc). 


4.5 Heap and priority queue 


A binary heap is a binary tree where the left and right children are smaller than or equal to their parent 
node. The following function determines whether a given array is a heap [FXT: \ds/heap.hi: 


template <typename Type> 

ulong test_heap(const Type *x, ulong n) 

// return 0 if x[] has heap property 

// else index of node found to be bigger than its parent 


{ 
const Type *p = x - 1; 
for (ulong k=n; k>1; --k) 


[fxtbook draft of 2008-January-19] 


4.5: Heap and priority queue 149 


ulong t = (k>>1); // parent (k) 
if ( p[t]<p[k] ) return k; 


} 
return 0; // has heap property 
} 


It turns out that a unordered array of size n can be reordered to a heap in O(n) time, see p.145]. 
The routine 


template <typename Type> 
void build_heap(Type *x, ulong n) 
// reorder data to a heap 


for (ulong j=(m>>1); j>0; --j) heapify1(x-1, n, j); 
} 


does the trick. It uses the following subroutine that runs in time O(log n): 


template <typename Type> 

void heapify1(Type *z, ulong n, ulong k) 

// subject to the condition that the trees below the children of node 
// k are heaps, move the element z[k] (down) until the tree below node 
// k is a heap. 


// 
// data expected in z[1..n] (!) 


: ulong m = k; 
ulong 1 = (k<<1); // left(k); 
if ( (1 <= n) && (z[1] > z[k]) ) m=1; 
ulong r = (k<<1) + 1; // right(k); 
if ( (r <= n) && (z[r] > z[m]) ) mer; 
if (m!=k) 
swap2(z[k], z[m]); 
heapifyi(z, n, m); 
} 
} 


Heaps are useful to build a so-called priority queue. This is a data structure that supports insertion of an 
element and extraction of the maximal element it contains both in an efficient manner. A priority queue 
can be used to ‘schedule’ a certain event for a given point in time and return the next pending event. 


A new element can be inserted into a heap in O(log(n)) time by appending it and moving it towards the 
root (that is, the first element) as necessary: 


bool heap_insert (Type *x, ulong n, ulong s, Type t) 

// with x[] a heap of current size n 

// and max size s (i.e. space for s elements allocated) 
// insert t and restore heap-property. 


// Return true if successful 
else (i.e. space exhausted) false 


// 
// Takes time \log(n) 
{ 


if (n> s ) return false; 
+4n; 


Type *xl = x - 1; 
ulong j = n; 


{ 
ulong k = (j>>1); // k==parent(j) 
if ( xifk] >= +t) break; 
x1[j] = x1[k]; 
j =k; 
xifj] = t; 


return true; 


} 
Similarly, the maximal element can be removed in time O(log(n)): 


template <typename Type> 


[fxtbook draft of 2008-January-19] 


150 Chapter 4: Data structures 


Type heap_extract_max(Type *x, ulong n) 
// Return maximal element of heap and 
// restore heap structure. 

// Return value is undefined for O0==n 


Type *x1 =x - 1; 

xif1] = x1t[nl; 

=-n; 

heapify1(x1, n, 1); 
} 


// else error 
return m; 


} 


Two modifications seem appropriate: firstly, replacement of extract_max() by a extract next (), leaving 
it as an (compile time) option whether to extract the minimal or the maximal element. This is achieved 
by changing the comparison operators at a few strategic places so that the heap is built either as described 
above or with its minimum as first element: 

#if 1 

// next() is the one with the smallest key 


// i.e. extract_next() is extract_min() 
#define _CMP_ < 

#define _CMPEQ_ <= 

#else 

// next() is the one with the biggest key 
// i.e. extract_next() is extract_max() 
#define _CMP_ > 

#define _CMPEQ_ >= 

#endif 


Secondly, augmenting the elements used by a event description that can be freely defined. [FXT: class 
priority_queue in|ds/priorityqueue.hi: 


template <typename Typel, typename Type2> 
class priority_queue 


or 

public: 
Typel *t1_; // time: t1[1..s]  one-based array! 
Type2 *e1_; // events: e1[1..s]  one-based array! 


ulong s_; // allocated size (# of elements) 

ulong n_; // current number of events 

ulong gq_; // grow gq elements if necessary, 0 for "never grow" 
public: 


priority_queue(ulong n, ulong growq=0) 


S_ =n; 


ti_ = new Typeil[s 
e1_ = new Type2[s 


al = 1s 

el ie 
n_ = 0; 

} gq_ = growq; 


~priority_queue() 


delete [] (t1i_+1); 
delete [] (e1_+1); 


ulong num() const { return n_; } 


Typel get_next_t() const { return t1_[1]; } 
Type2 get_next_e() const { return e1_[1]; } 


Typel get_next(Type2 &e) const 
// No check if empty 


{ 
e = el_[1]; 
return ti_[1]; 


Type1 extract_next(Type2 ke) 


Typel m = get_next(e) ; 


[fxtbook draft of 2008-January-19] 


4.5: Heap and priority queue 151 


if (0 !=n_ ) 
{ 


ti_[1] = ti_m_]; e1_[1] = ei_fm_]; 
--n_; 
heapify1(1); 


// else error 
return m; 


} 


bool insert(const Type1 &t, const Type2 ke) 

// Insert event e at time t 

// Return true if successful 

// else (i.e. space exhausted and 0==gq_) false 


{ 
if (n_>=s_) 
if ( 0==gq_ ) return false; // growing disabled 
grow(); 
+4+n_; 
ulong j = n_; 
while (j>1) 
{ 
ulong k = (j>>1); // k==parent(j) 
if ( t1_[k] _CMPEQ_ t )_ break; 
ti_[j] = t1_[k]; e1_[j] = e1_[kl; 
j =k; 
ti_(j] = t; 
e1i_[j] =e; 
return true; 
} 


The member function reschedule_next() is more efficient than the sequence extract_next(); 
insert ();, as it calls heapify1() only once: 


void reschedule_next(Type1 t) 
ti_[1] =t; 
heapify1(1); 
The heapify1() function is tail recursive, so we make it iterative: 


private: 
void heapify1(ulong k) 


ulong m = k; 
hstart: 
ulong 1 = (k<<1); // left(k); 
ulong r= 1+ 1; // right(k); 
if ( (1 <= n_) && (ti_[1] _cCMP_ ti_[k]) ) m=1; 
if ( (re <= n_) && (ti_[r] _CMP_ ti_[m]) ) me=vr; 


if (m !=k) 
{ 


swap2(ti_[k], t1_[m]); swap2(e1_[k], e1_[m]); 
// heapify1(m) ; 
k = . 


=m; 
goto hstart; // tail recursion 


} 

[--snip--] 
The second argument of the constructor determines the number of elements added in case of growth, it 
is disabled (equals zero) by default. 


[--snip--] 
private: 
void grow() 


ulong ns = s_+ gq; // new size 

ti_ = ReAlloc<Type1>(t1_+1, ns, s_) - 1; 
e1_ = ReAlloc<Type2>(e1_t+1, ns, s_) - 1; 
S_ = ns; 


[fxtbook draft of 2008-January-19] 


152 Chapter 4: Data structures 


3; 


Inserting into piority_queue: Extracting from piority_queue: 

# : event @ time # : event @ time 
O: @ 0.840188 9: @ 0.197551 
1: @ 0.394383 8: I @ 0.277775 
2: C @ 0.783099 re G @ 0.335223 
3: D @ 0.79844 6: B @ 0.394383 
4: E @ 0.911647 5: J @ 0.55397 
5: F @ 0.197551 4: H @ 0.76823 
6: G @ 0.335223 3: C @ 0.783099 
7: H @ 0.76823 2: D @ 0.79844 
8: I @ 0.277775 1: A @ 0.840188 
9: J @ 0.55397 O: E @ 0.911647 

Figure 4.5-A: Insertion of events labeled ‘A’, ‘B’, ..., ‘J’ scheduled for random times into a priority 


queue (left) and subsequent extraction (right). 


The program [FXT: ds/priorityqueue-demo.cc] inserts events at random times 0 < t < 1, then extracts 
all of them. It gives the output shown in figure A more typical usage would intermix the insertions 
and extractions. 


4.6 Bit-array 


The use of bit-arrays should be obvious: an array of tag values (like ‘seen’ versus ‘unseen’) where all 
standard data types would be a waste of space. Besides reading and writing individual bits one should 
implement a convenient search for the next set (or cleared) bit. 


The class [FXT: class bitarray in ds/bitarray.h) is used, for example, for lists of small primes [FXT: 
, for in-place transposition routines [FXT: aux2/transpose.h| (see section [2.3]on page [89) 
and several operations on permutations (see section on page |111). 


class bitarray 
// Bit-array class mostly for use as memory saving array of boolean values. 
// Valid index is 0...nb_-1 (as usual in C arrays). 


al 
public: 
ulong *f_; // bit bucket 
ulong n_; // number of bits 
ulong nfw_; // number of words where all bits are used, may be zero 
ulong mp_; // mask for partially used word if there is one, else zero 


// (ones are at the positions of the _unused_ bits) 
bool myfq_; // whether f[] was allocated by class 
[--snip--] 


The constructor allocates memory by default. If the second argument is nonzero it must point to an 
accessible memory range: 


bitarray(ulong nbits, ulong *f=0) 
// nbits must be nonzero 


ulong nw = ctor_core(nbits) ; 
if ( f!=0 ) 


f_ = (ulong *)f; 
myfq_ = false; 


else 


f_ = new ulong[nw] ; 
myfq_ = true; 


} 
The public methods are 


[fxtbook draft of 2008-January-19] 


4.6: Bit-array 153 


// operations on bit n: 
ulong test(ulong n) const // Test whether n-th bit set 


void set(ulong n) // Set n-th bit 

void clear(ulong n) // Clear n-th bit 

void change(ulong n) // Toggle n-th bit 

ulong test_set(ulong n) // Test whether n-th bit is set and set it 


ulong test_clear(ulong n) // Test whether n-th bit is set and clear it 
ulong test_change(ulong n) // Test whether n-th bit is set and toggle it 


// Operations on all bits: 


void clear_all() // Clear all bits 
void set_all() // Set all bits 
int all_set_q() const; // Return whether all bits are set 


int all_clear_q() const; // Return whether all bits are clear 


// Scanning the array: 
// Note: the given index n is included in the search 
ulong next_set_idx(ulong n) const // Return index of next set or value beyond end 
ulong next_clear_idx(ulong n) const // Return index of next clear or value beyond end 


Combined operations like ‘test-and-set-bit’, ‘test-and-clear-bit’, ‘test-and-change-bit’ are often needed 
in applications that use bit-arrays. This is underlined by the fact that modern CPUs typically have 
instructions implementing these operations. 


The class does not supply overloading of the array-index operator [] because the writing variant 
would cause a performance penalty. One might want to add ‘sparse’-versions of the scan functions 
(next_set_idx() and next_clear_idx()) for large bit-arrays with only few bits set or unset. 


On the AMD64 architecture the corresponding CPU instructions are used [FXT: bits/bitasm-amd64.h]: 


static inline ulong asm_bts(ulong *f, ulong i) 
C Bit Test and Set 


ulong ret; 
asm ( "btsq 42, %1 \n" 
"sbbq %0, %0" 
"=r" (ret) 
"Mm" (*£), Wy (i) ); 
return ret; 


} 
If no specialized CPU instructions are available the following two macros are used: 


#define DIVMOD(n, d, bm) \ 
ulong d = n / BITS_PER_LONG; \ 
ulong bm = 1UL << (n % BITS_PER_LONG) ; 


#define DIVMOD_TEST(n, d, bm) \ 

ulong d = n / BITS_PER_LONG; \ 

ulong bm = 1UL << (n % BITS_PER_LONG); \ 
ulong t = bm & f_[d]; 


An example: 
ulong test_set(ulong n) // Test whether n-th bit is set and set it. 


{ 
#ifdef BITS_USE_ASM 
return asm_bts(f_, n); 


#else 
DIVMOD_TEST(n, d, bm); 
f_[d] |= bm; 
return t; 

ponent 


Performance is still good in that case as the modulo operation and division by BITS_PER_LONG (a power 
of two) are replaced with cheap (bit-and and shift) operations. On the machine described in appendix [A] 
on page both versions give practically identical performance. 

How out of bounds are handled can be defined at the beginning of the header file: 

#define CHECK 0 // define to disable check of out of bounds access 


//#define CHECK 1 // define to handle out of bounds access 
//#define CHECK 2 // define to fail with out of bounds access 


[fxtbook draft of 2008-January-19] 


154 Chapter 4: Data structures 


4.7 Finite-state machines 


A finite-state machine (FSM) (or state-engine) in its simplest form can be described as a program that 
has finite set of valid states and for each state a certain action is taken. In C-syntax: 


void state_engine(int state) 


{ 
ere ( state != end ) 
// valid states are: sti ... stn (and end) 
oe ( state ) 
case sti: state = funci(); break; 
case st2: state = func2(); break; 
case st3: state = func3();_ break; 
[--snip--] 
case stn: state = funcn(); break; 
default: blue_smoke(); // invalid state 
} 
} 
rae main() 
// initialize: 
int state = start; 
state_engine( state ); 
return 0; 
} 


As an example we show a state engine that transforms a linear coordinate t into the corresponding pair 
(a and y) of coordinates of Hilbert’s space-filling curve. 


Apart from two bits of internal state the FSM processes at each step two bits of input. The array htab[] 
serves as lookup table for the next state plus two bits of the result. 


The function ([FXT: lin2hilbert () in bits/hilbert.cc ) implements a FSM as suggested in [30], item 115: 


void 
lin2hilbert(ulong t, ulong &x, ulong &y) 
// Transform linear coordinate t to Hilbert x and y 


{ 
ulong xv = 0, yv = 0; 
ulong cO1 = (0<<2); // (2<<2) for transposed output (swapped x, y) 
for (ulong i=0; i<(BITS_PER_LONG/2); ++i) 
{ 
ulong abi = t >> (BITS_PER_LONG-2) ; 
t <<= 2; 
ulong st = htab[ (c01<<2) | abi ]; 
cO1 = st & 3; 
yv <<= 1; 
yv |= ((st>>2) & 1); 
xv <<= 1; 
xv |= (st>>3); 
} = XV; y = yv; 
} 


The table used is defined (see figure|4.7-A) as 


static const ulong htab[] = { 
#define HT(xi,yi,c0,c1) ((xi<<3)+(yi<<2)+(c0<<1)+(c1)) 
// index == HT(c0,c1,ai,bi) 


HT( 0, 0, 1,0), 

HT( 0, 1, 0,0), 

HTC 1, 1, 0,0), 

HT( 1, 0, 0,1), 
{[--snip--] 

HT( 0, 0, 1,1), 

HT( 0, 1, 1, 0) 


3; 


As indicated in the code the table maps every four bits cO,c1,ai,bi to four bits xi,yi,c0,c1. The 
table for the inverse function (again, see figure |4.7-A) is 


[fxtbook draft of 2008-January-19] 


4.7: Finite-state machines 


155 


OLD NEW NEW OLD 
xX A 


PRERREEEROOOOOO0O0O 
FPEEEFOCOCORPFPEHOOOO 
FPROOFPFOORRFOOFRFOO 
FRORORORORORORORO 
CORPFPORKROROORHH OO 
RPOORPRFROOCOCORRORHO 
FPEREORRROOCOOROOOR 
OR PEROCOORHEHOOO 
PRERREEREROOOOO0O00 
FEREOOOCOREHKHOOOO 
RPROORROORROORFOO 
FORPOFPORPORPOFPOFRFOFO 
COPRFPROROORORBREHOO 
OP FPOOFPRFPOORFROOFRFHO 
ORPEBREBHOROOCOCOOH 


FPROROOFRORORPFROROO 


Figure 4.7-A: The original table from for the finite state machine for the 2-dimensional Hilbert 
curve (left). All sixteen 4-bit words appear in both the ‘OLD’ and the ‘NEW’ column. So the algorithm is 
invertible. Swap the columns and sort numerically to obtain the two columns at the right, the table for 


the inverse function. 


static const ulong ihtab[] = { 

#define IHT(ai,bi,c0,c1) ((ai<<3)+(bi<<2)+(c0<<1)+(c1)) 
// index == HT(c0,c1,xi,yi) 
IHT( 0, 0, » 0), 
IHT( 0, 1, ) 
IHT( 1, 1, 
IHT( 1, 0, 

{[--snip--] 

IHT( 0, 1, 1 
IHT( 0, 0, O, 


. 
); 


—s 


); 
) 
ae 


The words have to be processed backwards: 


ulong 
hilbert2lin(ulong x, ulong y) 
// Transform Hilbert x and y to linear coordinate t 


ulong t = 0; 
ulong c01 = 0; 
for (ulong i=0; i<(BITS_PER_LONG/2); ++i) 


t <<= 2; 
ulong xi 
xi &= 1; 
ulong yi 
yi & 1; 
ulong xyi = (xi<<1) | yi; 
x <<= 1; 

y <<= 1; 


ulong st = ihtab[ (c01<<2) | xyi ]; 
cO1 = st & 3; 


t l= (st>>2); 


x >> (BITS_PER_LONG/2-1) ; 


y >> (BITS_PER_LONG/2-1) ; 


return t; 


A method to compute the a (left, right, up or down) at the n-th move of the Hilbert curve is 


given in section[I.19]on page The computation of a function yee series coefficients are 
according to the Hilbert curve is described in section [36.9] on page [712] 


[fxtbook draft of 2008-January-19] 


1 and 


1 


156 Chapter 4: Data structures 


4.8 Emulation of coroutines 


Sometimes it is possible to find an recursive algorithm for solving some problem that is not easily solved 
iteratively. However the recursive implementations might produce the results in midst of its calling graph. 
When a utility class providing the results one by one with some next call is required there is an apparent 
problem (with most programming languages): there is only one stack available for function calls. We do 
not have ‘offline’ functions or coroutines. 


As an example consider the following recursive code (given by Glenn Rhoads) 


int n = 4; 
int aln+i], q[2*nt+1]; 


int main() 


paren(0, 0); 
return 0; 
} 
void paren(long i, long s) 
long k, t; 
if ( i<n ) 
{ 
for (k=0; k<=i-s; ++k) 
{ 
ali-1] =k; 
t =s + af[i-i]; 
q[t +i] = 70; 
paren(i + 1, t); // recursion 
q(t + i] = ’)?’; 
} 
} 
else 
afi-1] =n-s; 
Visit(); // next set of parens available 
} 


} 


It generates following output (the different ways to group four pairs of parenthesis): 


((CQ22) 
(CQO) 
(CQ) 0) 
(COO 
CQO)? 
CQQO) 
CQO)DQ 
CQ) CO) 
COIXQQ 
Q¢CO2) 
QCQO) 
QCOIO 
QQCO) 
OO00 


A reasonable way to create coroutines is to rewrite the function as a state engine and use a class [FXT: 
class coroutine in ds/coroutine.h) that provides two stacks, one for local variables (including argu- 
ments) and one for the state of the function: 


template <typename Type> 
class coroutine 


public: 
ulong *t_; // sTate stack 
ulong tp_; // sTate stack Pointer 
Type *d_; // Data stack 
ulong dp_; // Data stack Pointer 


ulong n_; // size of stacks 
public: 

coroutine(ulong maxdepth) 

a 


n_ = maxdepth; 


[fxtbook draft of 2008-January-19] 


4.8: Emulation of coroutines 157 


t_ = new ulong[n_]; 
d_ = new Type[n_]; 
init; 


~coroutine() 


delete [] d_; 
delete [] t_; 


void init() { dp_=0; tp_=0; } 

// --- state stack: 

void stpush(ulong x) { chk_tp(); t_[tp_] = x; ++tp_; } 
ulong stpeek() const { chk_tp(1); return t_[tp_-i]; } 
void stpoke(ulong x) { chk_tp(1); t_[tp_-1] = x; } 
void stpop(ulong ct=1) { tp_-=ct; } 

void stnext() { chk_tp(1); ++t_[tp_-i]; } 

void stnext(ulong x) { chk_tp(1); t_I[tp_-1] = x; } 

bool more() const { return (tp_!=0); } 


// --- stack for variables and args: 

void push(Type x) { chk_dp(Q); d_[dp_] =x; ++dp_; } 
Type &peek() { chk_dp(1); return d_[dp_-1]; } 

void pop(ulong ct=1) { dp_-=ct; } 


private: 
coroutine & operator = (const coroutine &); // forbidden 


5 
The functions chk_tp() andchk_dp() either check for stack overflow or do nothing, as defined by 
#define CHECK_STACKS // define to detect stack overflow 


Rewriting the function in question (as part of a utility class, given in [FXT: ds/coroutine-paren-demo.cc]) 


only requires the understanding of the language, not of the algorithm. e process is straightforward 
but needs a bit of concentration: 

int 

paren: :next_recursion() 


{ 
redo: 
vars &V = cr_->peek(); 


int &i=V.i, &s=V.s; // args 

int &k=V.k, &t=V.t; // locals 
loop: 

switch ( cr_->stpeek() ) 

{ 


case 0: 
if ( i>=n ) 
x[i-1] =n- s; 
cr_->stnext( ST_RETURN ); return 1; 
cr_->stnext(); 


case 1: 
// loop end ? 


if ( k>i-s ) { break; } // shortcut: nothing to do at end 
cr_->stnext(); 


case 2: // start of loop body 


{ ae 
long ii =i - 1; 
x[ii] =k; 
t=s +k; 
str[tt+i] = ’?(?; // OPEN_CHAR; 
cr_->stnext(); 
CORO_CALL( iti, t, 0, 0); 
goto redo; 
} 
case 3: 
str[tt+i] = ’)’; // CLOSE_CHAR; 
++k; 


// loop end ? 


[fxtbook draft of 2008-January-19] 


158 Chapter 4: Data structures 


if ( k>i-s ) { break; } // shortcut: nothing to do at end 
cr_->stpoke(2); goto loop; // shortcut: back to loop body 
default: ; 
} 


CORO_RETURN() ; 


if ( cr_->more() ) goto redo; 


return 0; 
} 
The following #define was used: 
// args=(i, s) (k, t)=locals 


#define CORO_CALL(vi, vs, vk, vt) \ 
{ vars V_; V_.i=vi; V_.s=vs; V_.k=vk; V_.t=vt; \ 
cr_->push(V_); cr_->stpush(ST_INIT); } 


The constructor pushes the needed variables and parameters on the data stack and the initial state on 
the state stack: 


paren: :paren(int nn) 
{ 

n = (nn>0 ? nn: 1); 

= new int[n+1]; 
str = new char[2*n+1]; 
i = 0: 

for ( ; i<n ; ++i) str{[il 
for ( ; i<2*n; ++i) str[il 
str[2*n] = 0; 


cr_ = new coroutine<vars>(n+1); 


// i, s, k, t 
CORO_CALL( 0, 0, 0, 0 ); 
idx = 0; 

q = next_recursion(); 


?>(?; // OPEN_CHAR; 
>)’; // CLOSE_CHAR; 


} 
The method next () of the paren class lets the offline function advance until the next result is available: 


int paren: :next() 


if ( 0==q ) return 0; 
else 


q = next_recursion() ; 
return (q ? +tidx : 0 ); 


} 


Performance-wise the coroutine-rewritten functions are close to the original: state engines are fast and 
the stack operations are cheap. 


The shown method can also be applied when the recursive algorithm consists of more than one function 
by merging the functions into one state engine. 


Further, investigating the contents of the data stack can be of help in the search of a iterative solution. 


The code of the converted functions is admittedly ugly but without a generic support of coroutines it 
seems hard to du much better. One could also use threads for the emulation of coroutines. This approach, 
however, adds portability problems. 


An iterative algorithm for the generation of valid pairings or parenthesis is given in chapter[I3]on page 


[fxtbook draft of 2008-January-19] 


Part II 


Combinatorial generation 


[fxtbook draft of 2008-January-19] 


159 


161 


Chapter 5 


Conventions and considerations 


We give algorithms for the generation of all combinatorial objects of certain types such as for the gener- 
ation of combinations, compositions, subsets, permutations, integer partitions, set partitions, restricted 
growth strings and necklaces. Finally, we give some constructions for Hadamard and conference matri- 
ces. Several (more esoteric) combinatorial objects that are found via searching in directed graphs are 
presented in chapter [19] 


The routines are useful in situations where an exhaustive search over all configurations of a certain kind 
is needed. Combinatorial algorithms are also fundamental with many programming problems and finally 
they can simply be fun! 


5.1 About representations and orders 


For a set of n elements we will always take either {0,1,...,2.—1} or {1,2,...,n}. Our convention for 
the set notation is to always start with the smallest element. Often there is more than one useful way 
to represent a combinatorial object. For example the subset {1,4,6} of the set {0,1,2,3,4,5,6} can also 
be written as a delta set [0100101]. Some sources use the term bit string. We often write dots for zeros 
for readability: [.1..1.1]. Note that in the delta set we put the first element to the left side (array 
notation), this is in contrast to the usual way to print binary numbers, where the least significant bit (bit 
number zero) is shown on the right side. 


For most objects we will give an algorithm for generation in lexicographic (or simply lex) order. In 
lexicographic order a string X = [x9,21,...] precedes another string Y = [yo, yi,...] if for the smallest 
index & where the strings differ we have x, < yz. Further, the string X precedes X.W (the concatenation 
of X with W) for any nonempty string W. The ordering obtained by reversing the lexicographic order is 
sometimes called relez order. The co-lexicographic (or simply colex) order is obtained by the lex order 
of the reversed strings. The order sometimes depends on the representation that is used, see figure [8.1-A] 


on page [I9]] 


In a minimal-change order the amount of change between successive objects is the least possible. Such an 
order is also called a (combinatorial) Gray code. There is in general more than one such order. Often one 
can impose even stricter conditions, like that (with permutations) the changes are between neighboring 
positions. The corresponding order is a strong minimal-change order. A very readable survey of Gray 


codes in given in [235], see also [206]. 


[fxtbook draft of 2008-January-19] 


162 Chapter 5: Conventions and considerations 
5.2 Ranking, unranking, and counting 


For a particular ordering of combinatorial objects (say, lexicographic order for permutations) one can ask 
which position in the list a given object has. An algorithm for finding the position is called a ranking 
algorithm. An method to determine the object, given its position, is called an unranking algorithm. 


Given both ranking and unranking methods one can compute the successor of a given object by computing 
its rank r and unranking r+ 1. While this method is usually slow the idea can be used to find more 
efficient algorithms for computing the successor. In addition the idea often suggests interesting orderings 
for combinatorial objects. 


We sometimes give ranking or unranking methods for numbers in special forms such as factorial represen- 
tations for permutations. Ranking and unranking methods are implicit in generation algorithms based 
on mixed radix counting given in section on page [244] 


A simple but surprisingly powerful way for the discovery of isomorphisms (one-to-one correspondences) 
between combinatorial objects is counting them. If the sequences of numbers of two kinds of objects are 
identical chances are good to find a conversion routine between the corresponding objects. For example, 
there are 2” permutations of n elements such that no element lies more than one position to the right 
of its original position. From this observation an algorithm for generating these permutations via binary 


counting can be found, see section }10.15.2/on page [270] 


The representation of combinatorial objects as restricted growth strings (as shown in section on 
page |301) follows from the same idea. The resulting generation methods can be very fast and flexible. 


Recursive relations for the number of objects often lead to recursive generation algorithms (see, for 


example, section |6.3}on page|170|and section |11.2.1]on page |277)). 
g g 


5.3 Characteristics of the algorithms 


In almost all cases we produce the combinatorial objects on by one. Let n be the size of the object. The 
successor (with respect to the specified order) is computed from the object itself and additional data 
whose size is less than a constant multiple of n. 


Let B be the total number of combinatorial objects under consideration. Sometimes the cost of a successor 
computation is proportional to n. Then the total cost for generating all objects is proportional to n- B. 


If the successor computation takes a fixed number of operations (independent of the object size) then we 
say the algorithm is O(1). If so, there can be no loop in the implementation, we say the algorithm is 
loopless. The total cost for all objects then is c- B for some c independent of the object size. A loopless 
algorithm can only exist is the amount of change between successive object is bounded by a constant 
that does not depend on the object size. Natural candidates for loopless algorithms are Gray codes. 


In many cases the cost of computing all objects is also c- B while the computation of the successor 
does involve a loop. As an example consider incrementing in binary using arrays: in half of the cases 
just the lowest bit changes, for half of the remaining cases just two bits change, and so on. The total 
cost is B- (1+ 4(1+ $(---))) = 2-B, independent of the number of bits used. So the total cost is as 
in the loopless case while the successor computation can be expensive in some cases. Algorithms with 
this characteristic are called constant amortized time (or CAT). Often CAT algorithms are faster than 
loopless algorithms, typically when their structure is more simple. 


5.4 Optimization techniques 


Let x be an array of n elements. The loop 


[fxtbook draft of 2008-January-19] 


5.4: Optimization techniques 163 


ulong k = 0; 
while ( (k<n) && (x[k]!=0) ) ++k; // find first zero 


can be replaced by 
ulong k = 0; 
while ( x[k]!=0 ) ++k; // find first zero 
if a single sentinel element x[n]=0 is appended to the end of the array. The latter version will often be 
faster as less branches occur. 
In some cases we replace a pointer as in 
class foo { 
ulong *x; 
foo(ulong n) { x = new ulong[n]; /*...*/ } 
by an array 


class foo { 
ulong x[32]; // works for n<=32 only 
foo(ulong n) { /*...*/ } 


The latter version can be faster as the memory address can often be generated more cheaply. This 
optimization applies to most algorithms for the generation of permutations. 
The test for equality as in 


ulong k = 0; 
while ( k!=n ) { /*...*/ ++k; } 


is more expensive than the test for equality with zero as in 
ulong k = n; 
while ( --k!=0 ) { /*...*/ } 
Therefore the latter version should be used when applicable. 
To reduce the number of branches, replace two tests 
if ( (x<0O) || (x>m) ) { /*...*/ } 
by the following single test where unsigned integers are used: 
if ( xm) { /*...*/ } 
Use a do-while construct instead of a while-do loop whenever possible because the latter also tests the 
loop condition at entry. Even when the do-while version causes some unnecessary work the gain from 


the avoided branch may outweigh it. Note that in the C language the for-loop also tests the condition at 
loop entry. 


When computing the next object there may be special cases where the update is trivial. If the percentage 
of these ‘easy cases’ is not too small an extra branch in the update routine should be created. The 
performance gain is very visible in most cases (section on page}231) and can be drastic (section 


on page [234h. 


Recursive routines can very be elegant and versatile. However, expect only about half the speed of a 
good iterative implementation of the same algorithm. The ideas given in section [4.8] on page can be 
used to obtain iterative versions from a recursive implementation. 


Approximate timings for the routines are given with most implementations. These were obtained with 
the referenced demo-programs, simply uncomment the line 


//#define TIMING // uncomment to disable printing 


near the top of the program file for your own measurements. The parameters (program arguments) used 
for the timing are given near the end of the file. When a generator routine is used in an application one 
must do the benchmarking with the application. Further optimization will very likely involve the sur- 
rounding code rather than the generator alone. The rate of generation for a certain object is occasionally 
given as 123 M/s, meaning that 123 million objects are generated per second. 


[fxtbook draft of 2008-January-19] 


164 Chapter 5: Conventions and considerations 


Choosing the optimal ordering and type of representation (for example, delta sets versus sets) for the 
given task is crucial. 


Address generation can be simpler if arrays are used instead of pointers. The speedup gained can be 


spectacular, see section [7.1]on page 


5.5 Remarks about the C++ implementations 


The iterative methods are implemented as C++ classes. The first object in the given order is created 
by the method first(). The method to compute the successor is usually next(). If a method for the 
computation of the predecessor is given then it is called prev(), and the method last() computes the 
last element in the list. 

The combinatorial object can be accessed through the method data(). In order to make all data of a 
class accessible the data is declared public. Thereby the need for various get_something() methods is 


avoided. To minimize the danger of accidental modification of class data the variable names end with an 
underscore. For example, the class for the generation of combinations in lexicographic order starts as 


class combination_lex 

{ 

public: 
ulong *x_; // combination: k elements 0<=x[j]<k in increasing order 
ulong n_, k_; // Combination (n choose k) 


The methods for the user of the class are public, the internal methods are declared private. 


[fxtbook draft of 2008-January-19] 


165 


Chapter 6 


Combinati 
a \k | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 
ie 1 1 
2: 1 2 1 
3: 1 3 3 1 
4: 1 4 6 4 1 
5: 1 5 10 10 5 1 
6: 1 6 15 20 15 6 1 
7: 1 7 24 35 35 21 7 1 
8: 1 8 28 56 70 56 28 8 1 
9: 1 9 36 84 126 126 84 36 1 
10: 1 10 45 120 210 252 210 120 45 10 1 
11: 1 11 655 165 330 462 462 330 165 55 11 1 
12: 1 12 66 220 495 792 924 792 495 220 66 12 1 
13: 1 13. 78 286 715 1287 1716 1716 1287 715 286 78 13 1 
14: 1 14 91 364 1001 2002 3003 3432 3003 2002 1001 364 91 14 1 
15: 1 15 105 455 1365 3003 5005 6435 6435 5005 3003 1365 455 105 15 1 


Figure 6.0-A: The binomial coefficients ee) forO<n,k < 15. 


The number of ways to choose & elements from a set of n elements equals the binomial coefficient (‘n 
choose k’): 


= (6.0-1) 


@ ~ tn k)! ve roe 


Equivalently, a set of n elements has (7) subsets of exactly k elements. These subsets are called the 
k-subsets (where k is fixed) or k-combinations of an n-set. 


To avoid overflow during the computation of the binomial coefficient, use the form 


(6.0-2) 


my (n—k+1)¥ _ nm-k+1 n—-k+2 n-k+3 n 
k 7 1k 1 2 3 k 


An implementation is given in [FXT: /aux0/binomial.h|: 


inline ulong binomial(ulong n, ulong k) 

{ 

if ( k>n ) return 0; 

if ( (k==0) || (k==n) ) return 1; 

if ( 2k >n ) k=n-k; // use symmetry 
ulong b=n-k+ 1; 

ulong f b; 

for (ulong j=2; j<=k; ++j) 


++; 
b *= f; 


[fxtbook draft of 2008-January-19] 


166 Chapter 6: Combinations 


b /= j; 


return b; 


} 
The table of the first binomial coefficients is shown in figure This table is called Pascal’s triangle, 
it was generated with the program [FXT: comb/binomial-demo.cc). Observe that 


() = Goa) #CW) 09 


That is, each entry is the sum of its upper and left upper neighbor. 


6.1 Lexicographic and co-lexicographic order 


lexicographic co-lexicographic 
set delta set set delta set set reversed 
1: {0, 1, 2 5 li eee 1: {0, 1, 2} i ip le ree { 2, 1, 0 } 
2: {0, 1, 3} TT de 2 {0, 1, 3} 12.1.3. { 3, 1, 0} 
3: {0, 1, 4} Ti..t: 3 {0, 2, 3 } 5 Megs Up eee £33525. 0- 
4: {0, 1, 5 } 11...1 4 {1, 2, 3} 111. { 3, 2, 1} 
5: {0, 2, 3} 1.11.. 5 {0, 1, 4} 11..1 { 4, 1, 0} 
6: {0, 2, 4} Led.t. 6 {0, 2, 4 } Lidecd { 4, 2, 0 } 
7: {0, 2, 5 } 1.1..1 7 {1, 2, 4} dt... { 4, 2, 1} 
8: {0, 3, 4} Levit. 8 {0, 3, 4} 1..11 { 4, 3, 0 } 
9: {0, 3, 5} Teg des 9 {1, 3, 4} odie LL. { 4, 3, 1} 
10: {0, 4, 5 } 1...11 10: {2, 3, 4} 111. { 4, 3, 2} 
11: {1, 2, 3 } 111.. 11: {0, 1, 5} et Le 15, 45.0 + 
12: {1, 2, 4} 11.1. 12: {0, 2, 5 } a re eae { 5, 2, 0} 
13: {1, 2, 5 } 11..1 13: {1, 2, 5 } eM od { 5, 2, 1} 
14: {1, 3, 4} 1.11. 14: {0, 3, 5 } 1..1.1 { 5, 3, 0 } 
15: {1, 3, 5} 1.1.1 15: {1, 3, 5} eel { 5, 3, 1} 
16: {1, 4, 5 } 1..11 16: {2, 3, 5} ped de D { 5, 3, 2} 
17: {2, 3, 4} 111. 17: {0, 4, 5 } a Peers al {5, 4, 0 } 
18: {2, 3, 5} 11.1 18: {1, 4, 5 } dT {5, 4, 1} 
19: {2, 4, 5 } 1.11 19: {2, 4, 5 } 1.11 {5, 4, 2} 
20: {3, 4, 5 } 111 20: {3, 4, 5} 111 {5, 4, 3 } 


Figure 6.1-A: All combinations G) in lexicographic order (left), and co-lexicographic order (right). 
The combinations of three elements out of six in lexicographic (or simply lex) order are shown in figure|6.1-] 
(left). The sequence is such that the sets are ordered lexicographically. Note that for the delta sets the 
element zero is printed first whereas with binary words (section [1.25] on page [61) the least significant bit 
(bit zero) is printed last. The sequence for co-lexicographic (or colex) order is such that the sets, when 
written reversed, are ordered lexicographically. 


6.1.1 Lexicographic order 
The C++ class [FXT: class combination_lex in comb/combination-lex.h generates the sets: 


class combination_lex 


public: 
ulong *x_; // combination: k elements 0<=x[j]<k in increasing order 
ulong n_, k_; // Combination (n choose k) 
public: 
combination_lex(ulong n, ulong k) 
£ 
n_=n; k_=k; 
x_ = new ulong[k_]; 


[fxtbook draft of 2008-January-19] 


6.1: Lexicographic and co-lexicographic order 167 


first(); 


~combination_lex() { delete [] x_; } 
oe first () 


for (ulong k=0; k<k_; ++k) x_I[k] =k; 
} 


void last() 


for (ulong i=0; i<k_; ++i) x_[i] =n_- k_ +i; 


} 


Computation of the successor and predecessor: 


ulong next () 
// Return smallest position that changed, return k with last combination 


{ 


if ( x_[0] ==n_- k_) // current combination is the last 
{ first(); return k_; } 

ulong j = k_ - 1; 

// easy case: highest element != highest possible value: 
if ( x_[j] < (n_-1) ) { ++x_[j]; return j; } 

// find highest falling edge: 

while ( 1 == (x_[j] - x_[j-1]) ) {--j; } 

// move lowest element of highest block up: 

ulong ret = j - 1; 

ulong z = ++x_[j-1]; 

// ... and attach rest of block: 

while (j <k_) { x_[j] = ++z; ++j; } 

return ret; 


} 


ulong prev() 
// Return smallest position that changed, return k with last combination 


{ 
if ( x_[k_-i] == k_-1 ) // current combination is the first 
{ last(); return k_; } 
// find highest falling edge: 
ulong j = k_ - 1; 
while ( 1 == (x_[j] - x_[j-1]) ) {--j; } 
ulong ret = j; 
--x_[j]; // move down edge element 
// ... and move rest of block to high end: 
while ( ++j <k_) x_[j] =n_-k_+j; 


return ret; 


} 


The listing in figure was created with the program [FXT: comb/combination-lex-demo.cc]. The 


routine generates the combinations (Gal at a rate of about 95 million per second. The combinations bea 


are generated at a rate of 160 million per second. 


6.1.2 Co-lexicographic order 


The combinations of three elements out of six in co-lexicographic (or coler) order are shown in fig- 
ure (right). Algorithms to compute the successor and predecessor are implemented in [FXT: class 


combination_colex in |comb/combination-colex.h): 


class combination_colex 


public: 
ulong *x_; // combination: k elements 0<=x[j]<k in increasing order 
ulong n_, k_; // Combination (n choose k) 


combination_colex(ulong n, ulong k) 


{ 


[fxtbook draft of 2008-January-19] 


168 Chapter 6: Combinations 


n_=n; k_=k; 
x_ = new ulong[k_+1]; 
x_[k_] = n_+ 2; // sentinel 
first(); 
[--snip--] 


ulong next () 
// Return greatest position that changed, return k with last combination 


{ 


if ( x_[0] == n_- k_) // current combination is the last 
{ first(); return k_; } 
ulong j = 0; 


// until lowest rising edge: attach block at low end 

while ( 1 == (x_[j+1] - x_[j]) ) f{ x_[j]l = j; ++j; } // can touch sentinel 
++x_[j]; // move edge element up 

return j; 


ulong prev() 
// Return greatest position that changed, return k with last combination 


if ( x_[k_-1] == k_-1 ) // current combination is the first 
{ lastQ; return k_; } 


// find lowest falling edge: 


ulong j = 0; 
while ( j == x_[j] ) ++j; // can touch sentinel 
--x_[j]; // move edge element down 


ulong ret = j; 


// attach rest of low block: 
while ( O!=j-- ) x_[j] = x_[j+1] - 1; 


return ret; 


} 
[--snip--] 


The listing in figure was created with the program [FXT: comb/combination-colex-demo.cc. The 
combinations are generated (a at a rate of about 140 million objects per second, the combinations ee) 


12 
are generated at a rate of 190 million objects per second. 


As a toy application of the combinations in co-lexicographic order we compute the products of k of the 
n smallest primes. We maintain an array of k products shown at the right of figure When the 
return value of the method next () is j then 7 + 1 elements have to be updated from right to left [FXT: 


comb/kproducts-colex-demo.cc : 


combination_colex C(n, k); 
const ulong *c = C.data(); // combinations as sets 


ulong *tf = new ulong[n]; // table of Factors (primes) 
// £i11 in small primes: 
for (ulong j=0,f=2; j<n; ++j) { tf[j] =f; f=next_small_prime(f+1); } 


ulong *tp = new ulong[kt1]; // table of Products 
tp[k] = 1; // one appended (sentinel) 


ulong j = k-1; 


// update products from right: 
ulong x = tp[j+1]; 
{ ulong i = j; 
do 
{ 
ulong f = tf[ cli] ]; 
x *= f; 
tpli] = x; 
} 
while ( i-- ); 
} // here: final product is x == tp[0] 


// visit the product x here 
j = C.next(); 


[fxtbook draft of 2008-January-19] 


6.2: Order by prefix shifts (cool-lex) 169 


combination j delta-set products 

1: {0, 1, 2} 2 up ke Meee [ 30 15 5 1] 
2: {0, 1, 3} 2 11.1... [ 42 21 7 1] 
3: {0, 2, 3} 1 1.411. [ 70 35 7 1] 
4: {1, 2, 3} 0 -111. [ 105 35 7 1] 
5: {0, 1,4} 2 11. [ 66 33 11 1] 
6: {0, 2,4} 1 1.1.1 [ 110 55 11 1] 
7: {1, 2, 4} 0 -11.1. [ 165 55 11 1] 
8: {0, 3,4} 1 1..41 [ 154 77 11 1] 
9: {1, 3,4} 0 edell [ 231 77 11 1] 
10: {2, 3, 4} 0 sated dls [ 385 77 11 1] 
11: {.0;4, 5} 2 i ee [ 78 39 18 1] 
12: {0, 2,5} 1 Leded. [ 130 65 183 1] 
13: {1,2, 5} 0 pes Es [ 195 65 183 1] 
14: {0, 3, 5} 1 1..1.1. [ 182 91 183 1] 
15: {1, 3, 5} 0 eloled. [ 273 91 183 1] 
16: {2, 3,5} 0 wehbe « [ 455 91 183 1] 
17: {0, 4,5} 1 Lael, [ 286 143 183 1] 
18: 11, 4,-5 +. 0 sdee tls [ 429 143 183 1] 
19: {2, 4,5} 0 1.41 [ 715 143 183 1] 
20: {3, 4, 5} 0 eiarer dell I, [ 1001 143 183 1] 
21: {0, 1, 6} 2 eee [ 102 51 17 1] 
22: {0, 2,6} 1 Teles ed [ 170 85 17 1] 
23: {1, 2,6} 0 ra bei Deere [ 255 85 17 1] 
24: {0, 3,6} 1 1..1..1 [ 238 119 17 1] 
25: 11, 3, 6} 0 -i.4..1 [ 357 119 17 1] 
26: {2, 3,6} 0 ..11..1 [ 595 119 17 1] 
27: {0, 4,6} 1 Leeda d [ 374 187 17 1] 
28: {1,4, 6} 0 = Nara ea [ 561 187 17 1] 
29: {2, 4, 6} 0 soda died [ 935 187 17 1] 
30: {3, 4, 6} 0 11.1 [ 1309 187 17 1] 
31: {0, 5,6} 1 1 -11 [ 442 221 17 1] 
32: {1,5, 6} 0 dn tad, [ 663 221 17 1] 
33: {2, 5,6} 0 Acide. [ 1105 221 17 1] 
34: {3, 5,6} 0 1.11 [ 1547 221 17 1] 
35: {4, 5,6} 0 111 [ 2431 221 17 1] 


Figure 6.1-B: All products of k = 3 of the n = 7 smallest primes (2,3,5,...,17). The products are the 
leftmost elements of the array on the right hand side. 


} 
while (j <k); 


The leftmost element of this array is the desired product. A sentinel element one at the end of the array 
is used to keep the code simple. With lexicographic order the update would go from left to right. 


6.2 Order by prefix shifts (cool-lex) 


1 1: Li... te Atte. 1: 11411. 
2: 20 edt. 2: 111. 2: 1111 
3e 3: 1.1.. 3: 141.11. 3: 1.111 
4: 4: .1.1. 4: 11.1. 4: 11.11 
ot Be a2 dd. 5s 1.4 5: 111.1 

68° “Lest. 6: 1.14.1 

Tt owdlacd 7: 1.41 

Si edd 3) aes Ee 

9: ...11 Oe Le dd 

10: 1...1 10: 114..1 


Figure 6.2-A: Combinations (?), for k = 1,2,3,4 in an ordering generated by prefix shifts. 


An algorithm for generating combinations by prefix shifts which is given in [203]. The ordering is called 
cool-lex in the paper. Figure shows some orders for G), figure shows the combinations 


[fxtbook draft of 2008-January-19] 


170 Chapter 6: Combinations 


Ri sgeape ie erfetbas ip voltatrerlonthasefs des sanseese fey se dectocielcs Rts Uti tt se Es ess is ts Reena : 
111111111111111 11111.. lg a ere tes 
bass ite a al a DTU fuse ae te oer bees Tales ee diss ede 

tebe dota ss Rs eee: [nee erreeee zi, 5 Hee eee Ceeeerae 
woo A Sod ve ed enietases s eeeereree Diss amend 
11.1..1...1 i rere A enccmcassas 
Phas eds sal, 1 Lig sea dhs aks eras 1 
us eet et era ali Etec Rett ict ae Be epee errr!’ Eee Olt PA Sea eee Laie’ 11 


Figure 6.2-B: Combinations (3) via prefix shifts. 


comb/combination-pref-demo.cc] which uses the 
comb/combination-pret.h): 


ee The listings were created with the program [FXT: 
implementation in [FXT: class combination_pref in 


class combination_pref 


{ 
public: 

ulong *b_; // data as delta set 

ulong s_, t_, n_; // combination (n choose k) where n=s+t, k=t. 
private: 


ulong x, y; // aux 


public: 
combination_pref(ulong n, ulong k) 
// Must have: n>=2, k>=1 (i.e. s!=0 and t!=0) 


s_=n-k; 
t_ =k; 
n_ =s_+t_; 
b_ = new ulong[n_]; 
first(); 
} 
[--snip--] 


void first( 


for (ulong j=0; j<n_; ++j) b_[jl 
for (ulong j=0; j<t_; ++j) b_[jl 
x=0; y=0; 


} 
bool next () 
{ 


if ( x==0 ) { x=1; b_[t_]=1; b_[0]=0; return true; } 
else 


if ( x>=n_-1 ) return false; 

else 
b_[x] = 0; ++x; b_[y] = 1; ++y; // X(s,t) 
a ( b_[x]==0 ) 


b_[x] = 1; b_[0] = 0; // Y(s,t) 
if (yl) x= 1; // Z(s,t) 
y = 0; 
return true; 
} 
} 
[--snip--] 


The combinations are generated ee) at a rate of about 95 million objects per second, the combinations 


lees are generated at a rate of 85 million objects per second. 


6.3. Minimal-change order 


The combinations of three elements out of six in a minimal-change order (a Gray code) are shown in 
figure (left). With each transition exactly one element changes its position. We use a recursion for 


[fxtbook draft of 2008-January-19] 


6.3: Minimal-change order 171 
Gray code complemented Gray code 

1: { 0, 4,°2 3 sls i epee 1? { 3, 4, 5 } 111 

2: { 0; 2; 3 } 1.411.. 2: {1, 4, 5} 1..11 

3: {1, 2, 3 } .111. 3: {0, 4, 5 } p ere el 

4: {0, 1, 3 } 11.1 4: {2, 4, 5 } wed Tt 

5: {0, 3, 4} 1..11. 5: {1, 2, 5} ali. 

6: {1, 3, 4} 1.214... 6: {0, 2, 5} ue eee 

T: { 2, 3, 4} ¢T11. T: {0, 1, 5} 11 vee 

8: {0, 2, 4 } 1.1.1 8: 5 eee ee me leas ee 

9: {1, 2, 4} 145.4 9: {0, 3, 5 } 1d. 

10: {0, 1, 4} Ti eb. 10: {2, 3, 5} Pree et ie 

11: {0, 4, 5 } 1 11 alga {1, 2, 3} .111 

12: {1, 4, 5 } spores 12: {0, 2, 3 } sega 

13: { 2, 4, 5 } Peelers Bi 13: {0, 1, 3 } 11.1 

14: { 3, 4, 5 } coed 14: {0, 1, 2} 111.5 

15: {0, 3, 5 } a sr ee 15: {1, 2, 4} 2144 

16: {1, 3, 5 } ile ee 16: {0, 2, 4} pe 

17: { 2, 3, 5 } edd el 17: {0, 1, 4} 11..1. 

18: 4.0. 2,5} 1.1..1 18: {1, 3, 4} pele Ga 

19: {1, 2, 5 } o€1 1 19: {0, 3, 4} Lisa Dds 
20: { 0, 4, 5} lis lpereae | 20: {2, 3, 4} 111. 

Figure 6.3-A: Combinations (3) in Gray order (left), and complemented Gray order (right). 
the list C(n, k) of combinations (7) (symbols as in relation [12.0-1|on page [281): 
C(n,k) = [C(n — 1, k) ] _ [0.C(n—1, k) ] (6.3-1) 


[(n).CR(n—1,k—1] ~ [1.CR(n—-1, k—-))] 


The first equality is for the set representation, the second for the delta-set representation. An implemen- 


tation is given in [FXT: comb/combination-gray-rec-demo.cc]: 


ulong *x; 


// elements in combination at x[1] ... x[k] 


void comb_gray(ulong n, ulong k, bool z) 


{ 
if ( k==n ) 


for (ulong j=1; j<=k; 
visit(); 
return; 


} 
iv (z) // forward: 


comb_gray(n-1, k, z); 
if (ko) { x[k] = 


} 
else // backward: 


if (ko) { x[k] = 
comb_gray(n-1, k, z); 


} 


+43) xf] = 3 


n; comb_gray(n-1, k-1, !z); } 


n; comb_gray(n-1, k-1, !z); } 


A recursion for the complemented order is 


C(n, k) 


void comb_gray_compl(ulong n, 
{ 
[--snip--] 
- (z) // forward: 
if (ko) { xI[k] = 
comb_gray_compl1(n-1, 


else // backward: 


[((n).C(n—1, k-1)] _ 
[CR(n — 1, k) | 


[1.C(n-1,k-D] 
(0. CR(n—1,k) | 


ulong k, bool z) 


n; comb_gray_compl(n-1, k-1, z); } 
k, !z); 


[fxtbook draft of 2008-January-19] 


(6.3-2) 


172 Chapter 6: Combinations 


comb_gray_compl(n-1, k, !z); 
if (kO0) { x[k] =n; comb_gray_compl(n-1, k-1, z); } 


} 


A very efficient (revolving door) algorithm that generates the sets for the Gray code is given in [191]. An 
implementation following [157] is [FXT: class combination_revdoor in comb/combination-revdoor.h). 
Usage of the class is shown in [FXT: comb/combination-revdoor-demo.cc. The routine generates the 
combinations eee at a rate of about 115 M/s, the combinations are ented at a rate of 181 M/s. 
An implementation geared for good performance with small values of k is given in [161], a C++ adaptation 
is [FXT: |comb/combination-lam-demo.cc|. The combinations (S) a generated at a rate of 190 M/s, and 
250 M/s for the combinations (“). The routine is limited to values k > 2. 


6.4 The Eades-McKay strong minimal-change order 


Eades-McKay complemented Eades-McKay 

1: { 4, 5, 6 } .111 1: { 4, 5, 6 } .111 
2: { 3, 5, 6 } 1.11 23. 4-3. 5,. 6 } 1.11 
3: 1.2, 5; 6} ..d..44 3: { 2, 5, 6 } 1..11 
4: {1, 5, 6} .1...11 4: {1, 5, 6 } eres 
5: {0, 5, 6} 1....11 52 4°04. 6,6 Fo Tce elt 
6: 10, 4,°6 7 11....4 6: {0, 4, 6} 1...4.1 
Te 400, 2,6.) 1sdecad 7: {1, 4, 6} .1..4.1 
8: {1, 2, 6} .14...1 8: { 2, 4, 6 } 1.1.1 
9: (i, 8; 6.) ddd 9: { 3, 4, 6 } wodled 
10: {0, 3, 6} 1..14..1 10: {2, 3, 6} ..114..1 
11: { 2, 3, 6 } -11..1 141: {1, 3, 6} .1.14..1 
12: { 2,4, 6) ..4.4.1 12: 4.0, 8, 6) 1.40.1 
13: {1, 4, 6} .14..1.1 13: £0, 2, 6} 1.1...1 
14: {0, 4, 6} 1...1.1 14: {1, 2, 6} .11...1 
15: {3, 4, 6} ...11.1 15: £0, 41, 6) 11....4 
16: { 3, 4, 5 } 111. 16: {0, 1, 5} 11...1. 
17: { 2, 4, 5 } 1.11. 17% (0; 2; 5 } 1.4..015 
18: {1, 4, 5} .1..41. 18: {1, 2, 5 } ui eee 
19: {0, 4, 5} 1...11. 19: +42, 3,5 } e112. 
20:- 4.:0,;°4, 5°) “To. st. 20: {1, 3, 5} sep Ere 
2t: {£0, 2,5 } tid..7. 218° 4-043 Se Asda 
22: 44,2, 5} <d4.<t. 22: (0, 4, 5} 1...11. 
23: 11, 3; 5) .2.1<1: 23: {1, 4, 5} .1..11. 
24: {0, 3, 5} 1..1.1. 24: {2, 4, 5 } 1.11. 
25: {2, 3, 54 .11.1. 25: {3, 4, 5 } .111. 
26: { 2, 3, 4} 111.. 26: { 2, 3, 4} 111. 
27: {1, 3, 4} 1.11.. 27: {1, 3, 4} ul Ea 
28: {0, 3, 4} 1..11.. 28: {0, 3, 4} 1..11. 
29: (0, 1, 4} 11..1.. 29: {0, 2, 4} 1.1.1 
30: {0, 2, 4} 1.1.1.. 30: {1, 2, 4} .11.1 
31: {4,.2, 47 11.1.. 31: £0, 1, 4} 11..1 
32: {1, 2, 3} 111... 32: £0, 1, 3} 11.1. 
83: 4.0, 2, 3.) ddd... 33: £0, 2, 3} 1.11. 
34: (0, 1, 3} 11.1... 34: {1, 2, 3} .111. 
353° £0, 2, 2.) tid... 35: £0, 1, 2} 111.. 


Figure 6.4-A: Combinations 
order (right). 


——> 
wan 


) in the Eades-McKay order (left), and in the complemented Eades-Mckay 


In any Gray code order for combinations just one element is moved between to successive combinations. 
When an element is moved across any other then there is more than one change on the set representation. 
If 7 elements are crossed then 7+ 1 entries in the set change: 


set delta set 
{0, 1, 2, 3} T4141... 
{1, 2, 3, 4} .1111. 


[fxtbook draft of 2008-January-19] 


6.4: The Eades-McKay strong minimal-change order 173 


A strong minimal-change order is a Gray code where only one entry in the set representation is changed 
per step. That is, only zeros in the delta set representation are crossed, and the moves are called 
homogeneous. One such order is the Hades-McKay sequence described in [104]. The Eades-McKay 


sequence for the combinations (°) is shown in figure (left). It can be generated with the program 
[FXT: comb/combination-emk-rec-demo.cc!: 


ulong *rv; // elements in combination at rv[1] ... rv[k] 


void 
comb_emk(ulong n, ulong k, bool z) 


c ( k==n ) 
for (ulong j=1; j<=k; ++j) rv[j] = j; 
visit(); 
return; 
} 
a (z) // forward: 
if ( (m>=2) && (k>=2) ) { rv[k] =n; rvl[k-1] = n-1; comb_emk(n-2, k-2, z); } 
if ( (n>=2) && (k>=1) ) { rv[k] =n; comb_emk(n-2, k-1, !z); } 
if ( (m>=1) ) { comb_emk(n-1, k, z); } 
} 
aa // backward: 
if ( (m=1) ) { comb_emk(n-1, k, z); } 
if ( (n>=2) && (k>=1) ) { rv[k] =n; comb_emk(n-2, k-1, !z); } 
if ( (m>=2) && (k>=2) ) { rv[k] =n; rvl[k-1] = n-1; comb_emk(n-2, k-2, z); } 


The combinations Ga) are generated at a rate of about 44 million per second, the combinations eal at 
a rate of 34 million per second. 


The underlying recursion for the list E(n,k) of combinations (j) is (notations as in relation |12.0-1]on 
page |28 1) 


[(n) .(n—1). E(n — 2, k — 2)] (ll. B(n—2,k—2) ] 
E(n,k) = [(n). ER(n-2, k-1) ] = (10. BR(n-2,k-1)] (6.4-1) 
[(n — 1, k) ] (0-H(n-1,k) 
Again, the first equality is for the set representation, the second for the delta-set representation. Counting 
the elements on both sides gives the relation 


i) = Goa) Ga) Ce) (6.4.2) 


which is an easy consequence of relation on page A recursion for the complemented sequence 
(with respect to the delta sets) is 


[E'(n —1, k-1) ] {1.B’\m-1,k-1) ] 
E'(tmky) = (w= 1): 2 a2, 8-1) = 01. Bb @—2,b—1) (6.4-3) 
[(n) . . E'(n — 2, k) ] (00. E’(n—2, k) 


Counting on both sides gives 


ee (od 


The condition for the recursion end has to be modified: 
void 
comb_emk_compl(ulong n, ulong k, bool z) 

a ( (k==0) || (k==n) ) 


for (ulong j=1; j<=k; ++j) rvI[j] = j; 
++ct; 


? 


[fxtbook draft of 2008-January-19] 


174 Chapter 6: Combinations 


visit(); 
return; 
} 
a (z) // forward: 
if ( (m>=1) && (k>=1) ) { rv[k] =n; comb_emk_compl(n-1, k-1, z); } // 1 
if ( (m>=2) && (k>=1) ) { rv[k] = n-1; comb_emk_compl(n-2, k-1, !z); } // 01 
if ( (m>=2) ) { comb_emk_compl(n-2, k-O, z); } // 00 
} 
oF // backward: 
if ( (m>=2) ) { comb_emk_compl(n-2, k-O, z); } // 00 
if ( (m>=2) && (k>=1) ) { rv[k] = n-1; comb_emk_compl(n-2, k-1, !z); } // 01 
if ( (m>=1) && (k>=1) ) { rv[k] =n; comb_emk_compl(n-1, k-1, z); } // 1 
} 


The complemented sequence is not a strong Gray code. 


Iterative generation via modulo moves 


An iterative algorithm for the Eades-McKay sequence is given in [FXT: class combination_emk in 
comb/combination-emk.h : 


class combination_emk 


public: 
ulong *x_; // combination: k elements 0<=x[j]<k in increasing order 
ulong *s_; // aux: start of range for moves 
ulong *a_; // aux: actual start position of moves 
ulong n_, k_; // Combination (n choose k) 
public: 
combination_emk(ulong n, ulong k) 
t n_ =n; 
k_ = k; 
x_ = new ulong[k_t+1]; // incl. high sentinel 
s_ = new ulong[k_+1]; // incl. high sentinel 
a_ = new ulong[k_]; 
x_[k_] = n_; 
first(); 
} 
[--snip--] 


ae first( 


for (ulong j=0; j<k_; ++j) x_[jl 
for (ulong j=0; j<k_; ++j) s_I[jl 
for (ulong j=0; j<k_; ++j) a_[j] = x_[jl]; 


ioueou 
u.u. 


} 
The computation of the successor uses modulo steps: 


ulong next () 
// Return position where track changed, return k with last combination 


{ 
ulong j = k_; 
while ( j-- ) // loop over tracks 
{ 


const ulong sj = s_[j]; 
const ulong m = x_[jt1] - sj - 1; 


if ( O!=m ) // unless range empty 


{ 
ulong u = x_[j] - sj; 
// modulo moves: 
if ( 0==(j&1) ) 


++u 5 
if (wm) u=0; 


} 


else 


[fxtbook draft of 2008-January-19] 


6.5: Two-close orderings via endo/enup moves 175 


--u; 
if (wm) ue=n; 
} 


u += sj; 


if ( u !=a_[j] ) // next pos != start position 


x_[j] = u; 
s_[j+1] = ut1; 
return j; 
} 
} 
a_[j] = x_([jl; 
} 
return k_; // current combination is last 


} 
3; 


The combinations (a) are generated at a rate of about 60 million per second, the combinations (G.) at 


12 
a rate of 85 million per second [FXT: comb/combination-emk-demo.cc). 


6.5 Two-close orderings via endo/enup moves 


6.5.1 The endo and enup orderings for numbers 


ndo sequence enup sequence 


NO 


OWONOoSWNE B 
PRERRBEREEE 0 
wWwwwwww 
OONMOIOUANO 
NINNOANO 
OWMANO 
WONOOAWHE B 
DOODDCOSCOO 
NNNNNNNNE 
SAAR ARWR 
DAAMMoWE 
COCONINO 


Figure 6.5-A: The endo (left), and enup (right) orderings with maximal value m. 


The endo order of the set {0,1,2,...,m} is obtained by writing all odd numbers of the set in increasing 
order followed by all even numbers in decreasing order: {1,3,5,...,6,4,2,0}. The term endo stands 


for ‘Even Numbers DOwn, odd numbers up’. A routine for generating the successor in endo order with 
maximal value m is [FXT:|comb/endo-enup.h : 


inline ulong next_endo(ulong x, ulong m) 
// Return next number in endo order 


if (x &1) // x odd 


if ( x>m) x =m - (m&1); // == max even <=m 
else // x even 
x = ( x==0 7? 1: x-2); 


return x; 


} 
The sequences for the first few m are shown in figure The routine computes one for the input zero. 


An ordering starting with the even numbers in increasing order will be called enup (for ‘Even Numbers 
UP, odd numbers down’). The computation of the successor can be implemented as 


static inline ulong next_enup(ulong x, ulong m) 
eae // x odd 
x = ( x==1 70: x-2); 


[fxtbook draft of 2008-January-19] 


176 Chapter 6: Combinations 


else // x even 


x += 2; 
if ( x>m) x =m - !(m&1); // max odd <=m 


return x; 


} 
As the orderings are reversals of each other, we define: 


static inline ulong prev_endo(ulong x, ulong m) ‘{ return next_enup(x, m); } 
static inline ulong prev_enup(ulong x, ulong m) ‘{ return next_endo(x, m); } 


A function that returns the z-th number in enup order with maximal digit m is 
static inline ulong enup_num(ulong x, ulong m) 

ulong r = 2*x; 

if ( rom) r = 2*mti - 74; 

return r; 
The function will only work if  < m. For example, with m = 5: 


x: 012345 
Yr: 024531 


The inverse function is 

static inline ulong enup_idx(ulong x, ulong m) 
const ulong b = x & 1; 
x >>= 1; 
return (b? m-x:x); 

The equivalent function to map into endo order is 


static inline ulong endo_num(ulong x, ulong m) 


{ 
// return enup_num(m-x, m); 
x =m—- xX; 
ulong r = 2*x; 
if ( r>m) r = 2*mti - 124; 
return fr; 

} 


For example, 


The inverse is 


static inline ulong endo_idx(ulong x, ulong m) 


{ 
const ulong b = x & 1; 
x >>= 1; 
return (b? x: m-x ); 
} 


6.5.2. The endo and enup orderings 


Figure |6.5-B|shows an ordering where the moves to the right are on even positions (enup order, left). If 
the moves to the right are on odd positions (endo order) then Chase’s sequence is obtained (right). Both 
have the property of being two-close: an element in the delta set moves by at most two positions (and 
the move is homogeneous, no other element is crossed). This property is a direct consequence of the fact 
that all moves with enup and endo order are by at most two positions. An implementation of an iterative 


algorithm for the computation of the combinations in enup order is [FXT: class combination_enup in 
comb/combination-enup.h). 


class combination_enup 


Two aos minimal-change orderings for combinations can be obtained via moves in enup and endo order. 


a 
public: 
ulong *x_; // combination: k elements 0<=x[j]<k in increasing order 


[fxtbook draft of 2008-January-19] 


177 


6.5: Two-close orderings via endo/enup moves 


endo moves 


enup moves 


od . dads soe ‘do a . . a] adds: so a 
Be Be ee ee ee ee ai as. ee ae a a a . 


BAA AA AAA AAA AAA ABA AAA AAA AAA AA AAA AAA AAA AAA AAA AAA AA AAA AAA AA 
ANMMONOSFHFONOONRROMNMNOTMMNNONOSTHAONOONKRMROMMNOOKKRRRROOKRNROWWN OS 


CO i i i i i i i i i i i i i a i a ad 


DODDDVDVDDVDVDVDDVDDVVCOCOOCOA FAA AA AA HAA AAA AHAHAMNMNMNMNMNMNOPFHPIONANANANANNAANAYN 

I 

ANMNTMOORWDNHRDOANMNTNORDHRDOHAANMNHNOK AHO 
AAA HAHAHAHA ANANANNANANAANA® 


. o Os ee | o coe ois Be ee ee ee Ss oe Ss 
. Sa S| i a Se Be oe i | Ce I I De ee ee aera roost ee 
. | Ss ie Ds ie Ss Bn ee Be Be ee | 5 ie ord es 
odd oo dds . Bs ee CC ee Ce Be ee | i see 
. Os os Be ee ee oe . Ca ee ee ee Cee Be coed 
o Oe os oe oe . . Ce ee ee . et i eee oo. coe Be Be Oe ee 
ee ie De ne ee ee SS . . ee ee ee ee ee ee ee ee ee ee ee ee ee 
Be ee ee ee Be Be . soe sof 


BAA AAA AAA AAA AAA AAA AAA AAA AAR AAA AAA AAA AAA AAA AAA AA AAA AAAAA 
NHTONWUMNMNTORNMNMORRNROONNAHONNOMORNNWOORRRERROORMNMNONKRROORNHHONMM 


SCODDCDDDCDOCOCDOCCOCOCDODCOCONANANNANNANAS HS HOMNMNMNNMNMNAAHA AAA AAA AAA 
I FF GF GF GG FG FF GF FG FG GF GFF GE FG GF GF GG GY 


ANMNTOOFDNHDOANMNYTMOONK ODO 
Se ie Bs Bs oe Be ee 


) via enup moves (left), and via endo moves (Chase’s sequence, right). 


8 
3 


Figure 6.5-B: Combinations ( 


[fxtbook draft of 2008-January-19] 


178 Chapter 6: Combinations 


ulong *s_; // aux: start of range for enup moves 
ulong *a_; // aux: actual start position of enup moves 
ulong n_, k_; // Combination (n choose k) 


public: 

combination_enup(ulong n, ulong k) 

t n_ =n; 
k_ = k; 
x_ = new ulong[k_t+1]; // incl. high sentinel 
s_ = new ulong[k_+1]; // incl. high sentinel 
a_ = new ulong[k_]; 
x_[k_] = n_; 
first(); 

} 

{[--snip--] 


void first( 
{ 


for (ulong j=0; j<k_; ++j) x_[jl] = j; 
for (ulong j=0; j<k_; ++j) s_[jl] = j; 
for (ulong j=0; j<k_; ++j) a_[j] = x_[jl]; 


} 


The successor of the current combination is computed by finding the range of possible movements (variable 
m) and, unless the range is empty, move until we are back at the start position: 


ulong next () 
// Return position where track changed, return k with last combination 


ulong j = k_; 
while ( j-- ) // loop over tracks 
{ 


const ulong sj = s_[j]; 
const ulong m = x_[jt1] - sj - 1; 


if ( O!=m ) // unless range empty 


{ 
ulong u = x_[j] - sj; 
// move right on even positions: 
if ( 0==(sj&1) ) wu = next_enup(u, m); 
else u = next_endo(u, m); 
u += sj; 
if ( u !=a_[j] ) // next pos != start position 
{ 
x_[j] = u; 
s_[j+1] = ut1; 
return j; 
} 
} 
a_[j] = x_[j]; 
return k_; // current combination is last 


} 
3; 


The routine is similar to the one used for the Eades-McKay sequence that is given on page The 
combinations ea are generated at a rate of 45 million objects per second, the combinations (75) at a 
rate of 55 million per second. 


The only change in the implementation for computing the endo ordering is (at the obvious place in the 
code) [FXT: comb/combination-endo.h): 


// move right on odd positions: 
if ( 0==(sj&1) ) next_endo(u, m); 
else next_enup(u, m); 


us 
u= 
The ordering obtained by endo moves is called Chase’s sequence. Figure was created with the 
programs [FXT: comb/combination-enup-demo.cc] and [FXT: comb/combination-endo-demo.cc'. 


[fxtbook draft of 2008-January-19] 


6.6: Recursive generation of certain orderings 179 


The underlying recursion for the list U(n,k) of combinations (‘) in enup order is 


[(n).(n-1).U(n—-2,k—2)]  [11. U(n—2, k—-2)] 
U(n,k) = [(n).U(n—-2,k-1) ] = [10.U(n-2, k—-1)] (6.5-1) 
[UR (n — 1, k) } [0.UR(n-1,k) ] 


The recursion is very similar to relation 
The crucial part of the routine is [FXT: 


on page therefore a recursive routine is easy to obtain. 


comb/combination-enup-rec-demo.cc’: 


void 
comb_enup(ulong n, ulong k, bool z) 


if ( k==n ) { visit(); return; } 
. (z) // forward: 


if ( (m>=2) && (k>=2) ) { rv[k] =n; rv[k-1] = n-1; comb_enup(n-2, k-2, z); } 
if ( (nm>=2) && (k>=1) ) { rv[k] =n; comb_enup(n-2, k-1, z); } 
if ( (m=1) ) { comb_enup(n-1, k, !z); } 
} 
aa // backward: 
if ( (m=1) ) { comb_enup(n-1, k, !z); } 
if ( (m>=2) && (k>=1) ) { rv[k] =n; comb_enup(n-2, k-1, z); } 
if ( (m>=2) && (k>=2) ) { rv[k] =n; rv[k-1] =n-1; comb_enup(n-2, k-2, z); } 


A recursion for the complement sequence (with respect to the delta sets) is 


io Cosby) “eH eH 
U'(n,k) = [(n-1).U'(n-—2,k-1)] = [(01.U'(n-2,k-1)] (6.5-2) 
[U’(n — 2, k) ] [00.U'(n-2,k) ] 


The condition for the recursion end has to be modified: 


void 
comb_enup_compl(ulong n, ulong k, bool z) 


if ( (k==0) || (k==n) ) { visitQ; return; } 
- (z) // forward: 


if ( (m>=1) && (k>=1) ) { rv[k] 
if ( (m>=2) && (k>=1) ) { rv[k] 


n; comb_enup_compl(n-1, k-1, !z); } // 1 
n-1; comb_enup_compl(n-2, k-1, z); } // 01 


if ( (m>=2) ) { comb_enup_compl(n-2, k-0, z); } // 00 
} 
an // backward: 
if ( (m>=2) ) { comb_enup_compl(n-2, k-0, z); } // 00 
if ( (m>=2) && (k>=1) ) { rv[k] = n-1; comb_enup_compl(n-2, k-1, z); } // 01 
if ( (m>=1) && (k>=1) ) { rv[k] =n; comb_enup_compl(n-1, k-1, !z); } // 1 
} 


The algorithm for Chase’s sequence that generates delta sets is described in [157]. An implementation is 
given in [FXT: class combination_chase in comb/combination-chase.h|. The routine generates about 
64 million combinations per second both for . See [FXT: comb /combination-chase-demo.cc 
for the usage of the class. 


—— 


6.6 Recursive generation of certain orderings 


We give a simple recursive routine to obtain the orders shown in figure The combinations are 
generated as sets [FXT: class comb_rec in comb/combination-rec.h : 


class comb_rec 


public: 


[fxtbook draft of 2008-January-19] 


180 Chapter 6: Combinations 


lexicographic Gray code compl. enup compl. Eades-McKay 

iL i i ee 1....41 db erste Mel LT Ts. s- 
2: 11.1... 1...411. see ee ste ee 
3: 11..1.. 1...4.1 sarees le 11..1.. 
4: 115.30. 1..11.. sere ee TA ove-c des 
5: ps epee | alee re pe eee pt ee 
6: 1.11... se eee sare ere 5 ere 
T: ie Es ee Lodz tb shs sed, 1.1..1. 
8: Tet... fee ee eee Ve dassds 1.1.1.. 
9: cy epee 1.1..1. sees Ee ee eee eee 
10: ple ee Vis sicaes i 1.11... 1..41.. 
11: ddd. 1a a asec 111. 5 ere Oe 
12: Paced d os ees eee slp ee eee 1..1..1 
13: Lined. clean Bee slp eee ee Leese died 
14: Lee ed dD ena dee LA sed. 1...11. 
15: ee aod LA ceed is rears eres 
16: elds 3. sie ee LL odds ced. sla. Ld. 
17: Fa es .1..41. Fay ls eee a ducts ded 
18: i Ltd. ode ded eddie des wd.s dT 
19: idee -1.41.. a lg ee -1.41.. 
20: wbelles 1.41.1. Be lee ae 1.1.1. 
21: Pa ae Ee -1.1..1 Po ie Re ee ee 
22: Pe ae ee | sldde ss .1.1..1 acd noc sak 
23: pbs ds ae Be pdivrcdicd -11..1. 
24: eed Tl .11..1. pe ere ee -11.1.. 
25: po rere | A be mee edee odd. -1i1.. 
26: wed dd .e 2.1.41 arene 5s, Ua ..111.. 
27: jue bed. ..1.411. ewdie ded ..11.1. 
28: ..11..1 1.4.1 Sedaord dy ood. sd 
29: we deed dl ..111.. ey ee 1.1.1 
30: ees Epes a ..11.1. ws dds ds ..1.11. 
31: «a dveed dl ee i eee peddle d goed ece ded, 
32: well: eve vd col ted saad ded, 
33: Pas i ee | ..111. pay ee ..11.1 
34: ved ..11.1 sake dd. ..111. 
35: aw Lad ~ old seme Ua wed 


Figure 6.6-A: All combinations (3) in lexicographic, minimal-change, complemented enup, and comple- 


mented Eades-McKay order (from left to right). 


ulong n_, k_; // ( choose k) 
ulong *rv_;  // combination: k elements 0<=x[j]<k in increasing order 
// == Record of Visits in graph 
ulong rq_; // condition that determines the order: 
// 0 ==> lexicographic order 
// 1 ==> Gray code 
// 2 ==> complemented enup order 
// 3 ==> complemented Eades-McKay sequence 
ulong nq_; // whether to reverse order 
[--snip--] 
; void ees comb_rec &); // function to call with each combination 
--snip-- 


void generate(void (*visit) (const comb_rec &), ulong rq, ulong nq=0) 


{ 
visit_ = visit; 
rq_ = xq: 
nd_ = nd; 
ct_ = 0; 
rct_ = 0; 
next_rec(0); 

} 


The recursion function is given in [FXT: comb/combination-rec.cc): 


void comb_rec: :next_rec(ulong d) 


{ 
ulong r = k_ - d; // number of elements remaining 
if ( 0O==r ) visit_(*this); 
else 


ulong rvi = rv_[d-1]; // left neighbor 
bool q; 
switch ( rq_ ) 


case 0: q=1; break; // 0 ==> lexicographic order 


[fxtbook draft of 2008-January-19] 


6.6: Recursive generation of certain orderings 181 


case 1: q = !(d&1); break; // 1 ==> Gray code 

case 2: q = rvi&1; break; // 2 ==> complemented enup order 

case 3: q = (d*rvl)&1; break; // 3 ==> complemented Eades-McKay sequence 
default: q = 1; 

} 

q “=nq_; // reversed order if nq == true 


if (q) // forward: 
for (ulong x=rviti1; x<=n_-r; ++x) { rv_[d] = x; next_rec(d+1); } 
else // backward: 
for (ulong x=n_-r; (long)x>=(long)rvit+1i; --x) { rv_[d] = x; next_rec(d+1); } 


} 
Figure was created with the program [FXT: comb/combination-rec-demo.cc|. The routine generates 


the combinations ee at a rate of about 32 million objects per second. The combinations lien are 


generated at a rate of 45 million objects per second. 


[fxtbook draft of 2008-January-19] 


182 Chapter 6: Combinations 


[fxtbook draft of 2008-January-19] 


183 


Chapter 7 


Compositions 


The compositions of n into (at most) k& parts (‘k-compositions of n’) are the ordered tuples 
(%0, 1, ---; Uk—-1) where ap +41+... +a,-1 =nand 0 < a; <n. Order matters: one 4-composition of 
7 is (0,1,5,1), different ones are (5,0,1,1) and (0,5,1,1). To obtain the compositions of n into exactly 
k parts (where k < n) generate the compositions of n — k into k parts and add one to each position. 


7.1 Co-lexicographic order 


The compositions in co-lexicographic (colex) order are shown in figure The implementation is 
[FXT: class composition_colex in|comb/composition-colex.h|: 


class composition_colex 


{ 
public: 
ulong n_, k_; // composition of n into k parts 
ulong *x_; // data (k elements) 
[--snip--] 


void first( 


x_[0] =n_; // all in first position 
for (ulong k=1; k<k_; ++k) x_I[k] = 0; 
} 


void last() 


for (ulong k=0; k<k_; ++k) x_I[k] = 0; 
x_[k_-1] = n_; // all in last position 


} 
[--snip--] 
The methods to compute the successor and predecessor are: 


ulong next () 
// Return position of rightmost change, return k with last composition. 


£ 


ulong j = 0; 

while ( 0==x_[j] ) ++j; // find first nonzero 

if ( j==k_-1 ) return k_; // current composition is last 
ulong v = x_[j]; // value of first nonzero 

x_[j] = 0; // set to zero 

x_[0] =v - 1; // value-1 to first position 

+43; 

++x_[j]; // increment next position 


return j; 


a 
ulong prev() 


[fxtbook draft of 2008-January-19] 


184 Chapter 7: Compositions 


composition chg combination composition chg combination 

1: [3.4.4] 4 op eee 1: [7..] 2 1111111.. 

2: [21...] 1 AUS eee 2: [6é1.] 1 111111.1. 

3: Pi2s add 2 se it sere 3: [52.] 1 11111.11. 

4: fee «dl ct Add. 4: [43.] 1 ss a Ps i 

5: [20 deck] 2 Hp eee ree 5: [34.] 1 111.1111. 

6: dat 2 st, ot 1. Ue 6: [25.] 1 11.11111. 

7: [222.2] 1 -1i.1.. 7: [16.] 1 1.111111. 

8: f1.2..] 2 Lecdts.. 8: Poe Fae WP 1111111. 

9: fo. dt 2. 2) A odd... 9: [6.1] 2 111111..1 

10: ees ree ee Pere i eee 10: [511] 1 11111.1.1 
11: P2<.. LL. ] 3 ii eee 11: [421] 1 1111.11.1 
12: fiit.1.] 1 Led wd, 12: [331] 1 111.111.1 
13: fa 2°2. 42 at gids. 13: [241] 1 11.1111.1 
14: [1.11.] 2 Lice dads 14: L151] 1 1.11111.1 
15: oct tethia df eed od. 15: [.61] 1 .111111.1 
16: ee eee ..11.1. 16: [5.2] 2 11141..41 
17: fa..2. ] 8 1...11. 17: [412] 1 1111.1.41 
18: fed. 2s] 4 .1..11. 18: [322] 1 1141.11.41 
19: f aw 12? 4), 32 1.11. 19: [232] 1 11.411.41 
20: [oe are Bt J 3 .. 411. 20: [142] 1 1.4111.41 
21: [2...1] 4 The eed 21: [.52] 1 -11111.411 
22: ftt.. td] 4 Lede adl 22: [4.3] 2 1111..1411 
23: fa 222 ft] 2 pee Ree 23: [313] 1 111.1.1411 
24: fa.4..%] 2 ce Leal 24: [223] 1 11.11.1411 
25: [eft t. to] lee ee! 25: [133] 1 1.411.111 
26: bow oe 2. 1 2 odds 26: [.43] 1 -1111.1411 
27: f1..11] 38 1...1.1 27: [3.4] 2 111..1111 
28: fed.ft] 2 re 28: [214] 1 11.41.1111 
29: Pee bt td 2 eed Lol 29: L124] 1 1.411.11411 
30: [oo a Zed) 3 olde 30: [.34] 1 ~1411.11411 
31: fi.2.2] 4 scorer el 31 [225] 2 11..111411 
32: Caden 2] 4 oars 32 L115] 1 1.1.11111 
33: [ .-1.2] 2 1..41 33 [222.5 2 ~11.111411 
34: L .127)° 8 1.41 34 [1.6] 2 1..1111411 
35: [ .- 3] 4 111 35: [.16] 1 ~1.111111 
36: [.i 712 ..1111111 


Figure 7.1-A: The compositions of 3 into 5 parts in co-lexicographic order and positions of the right- 
most change, and delta sets of the corresponding combinations (left); and the corresponding data for 
compositions of 7 into 3 parts (right). Dots denote zeros. 


// Return position of rightmost change, return k with last composition. 


{ 


const ulong v = x_[0]; // value at first position 


if ( n_==v ) return k_; // current composition is first 


x_[0] = 0; // set first position to zero 
ulong j = 1; 

while ( 0==x_[j] ) ++j; // find next nonzero 
--x_[j]; // decrement value 
x_[j-1] = 1 + v; // set previous position 


return j; 


} 


With each transition at most 3 entries are changed. The compositions of 10 into 30 parts (sparse case) 
are generated at a rate of about 110 million per second, the compositions of 30 into 10 parts (dense 


case) at about 200 million per second [FXT: |comb/composition-colex-demo.cc|. With the dense case 


(corresponding to the right of figure|7.1-A) the computation is faster as the position to change is found 
earlier. 
Optimized implementation 


An implementation that is efficient also for the sparse case (that is, & much greater than n) is [FXT: class 


composition_colex2 in comb/composition-colex2.h}. One additional variable pO records the position of 


[fxtbook draft of 2008-January-19] 


7.2: Co-lexicographic order for compositions into exactly k parts 185 


the first nonzero entry. The method to compute the successor is: 


class composition_colex2 


[--snip--] 
ulong next () 
// Return position of rightmost change, return k with last composition. 


{ 


ulong j = pO_; // position of first nonzero 

if ( j==k_-1 ) return k_; // current composition is last 
ulong v = x_[j]; // value of first nonzero 

x_[j] = 0; // set to zero 

-“v; 

x_[0] = v; // value-1 to first position 

++p0_; // first nonzero one more right except ... 
if ( O!=v ) pO_=0; // ... if value v was not one 

+43; 

++x_[j]; // increment next position 


return j; 
+ 
33 


About 182 million compositions are generated per second, independent of either n and k [FXT: 
comb/composition-colex2-demo.cc). With the line 
#define COMP_COLEX2_MAX_ARRAY_LEN 128 


just before the class definition an array is used instead of a pointer. The fixed array length limits the 
value of k so by default the line is commented out. Using an array gives great speedup, the rate is about 
365 million per second (about 6 CPU cycles per update). 


7.2 Co-lexicographic order for compositions into exactly k parts 


The compositions of n into exactly & parts (where k > n) can be obtained from the compositions of 
n —k into at most k parts as shown in figure The listing was created with the program [FXT: 


comb/composition-ex-colex-demo.cc). The compositions can be generated in co-lexicographic order using 
XT: class composition_ex_colex in |comb/composition-ex-colex.h): 


class composition_ex_colex 


{ 

public: 
ulong n_, k_; // composition of n into exactly k parts 
ulong *x_; // data (k elements) 
ulong nk1_; // ==n-k+1 

public: 


composition_ex_colex(ulong n, ulong k) 
Af Must have n>=k 


n 


n; 
k_ k; 
nki_=n-k+41; // must be >= 1 

if ( (long)nki_ <1) nki_= 1; // avoid hang with invalid pair n,k 


x_ = new ulong[k_ + 1]; 
x_[k] = 0; // not one 
first(); 
} 
[--snip--] 


The variable nk1_ is the maximal entry in the compositions: 
void first () 


x_[0] = nki_; // all in first position 
for (ulong k=1; k<k_; ++k) x_I[k] = 1; 
} 


void last() 
{ 


[fxtbook draft of 2008-January-19] 


186 Chapter 7: Compositions 


composition 


0a 


es Re PN? PNW 
' Be NP: WNF- 


* WHONRPRRe es es 


OODNKOOPWNHE 


coe 
* NPR. - 


BONE BWNRPWNHENBEFEPBWNRWNRFENRPREWNRPNBEPENEFEER SA 
ee. 


a | | | | | | | | | | | | | Se | Be 
Amma mam mag mmo mmr mom room ero oer 
Be 
DY PP PP PP PP PP a PL PP PP PP PL LL 


BWWWWNHONHONNNNNNNNFPRRPRPRPRPRPRPRPRPRPRBPRPRPRPRPRRPEE 


Be 
foe 

mre ee eae eee eae eee ee eee eee ieee eae eee eee oe 

PRPENPRPENRPRPENFPWNRPPRPENRPRPNRFPWNRPEPNRFPWNRFPWNE 

PRENRPFPPNFPRPWNNRPFPRPENEFFPWNNEFRFPEBWWNNNRFPRPBRE 


PNRPPRPWNNNRFPRPRPRFPRFPREFBPWWWNNNNNNPRPRPRPRPRPRPRPRPE 


Figure 7.2-A: The compositions of n = 8 into exactly k = 5 parts (left) are obtained from the compo- 
sitions of n — k = 3 into (at most) k = 5 parts (right). Co-lexicographic order, dots denote zeros. 


for (ulong k=0; k<k_; ++k) x_[k] = 1; 
x_[k_-1] = nki_; // all in last position 
} 


The methods for computing the successor and predecessor are adaptations from the routines from the 
compositions into at most k parts: 


ulong next () 
// Return position of rightmost change, return k with last composition. 


{ 


ulong j = 0; 

while ( 1==x_[j] ) ++j; // find first greater than one 
if ( j==k_ ) return k_; // current composition is last 
ulong v = x_[j]; // value of first greater one 

x_[j] = 1; // set to one 

x_[0] =v - 1; // value-1 to first position 

+43; 

++x_[j]; // increment next position 


return j; 


} 


ulong prev() 
// Return position of rightmost change, return k with last composition. 


t 


const ulong v = x_[0]; // value at first position 


if ( nki_==v ) return k_; // current composition is first 


x_[0] = 1; // set first position to one 
ulong j = 1; 
while ( 1==x_[j] ) ++j; // find next greater than one 


[fxtbook draft of 2008-January-19] 


7.3: Compositions and combinations 187 


--x_[j]; // decrement value 
x_[j-1] = 1+ v; // set previous position 


return j; 


} 
3; 


The routines are as fast as the generation into at most k parts with the corresponding parameters: the 
compositions of 40 into 10 parts are generated at about 200 million per second. 


7.3. Compositions and combinations 


combination delta set composition 

1: [012] 111... [Sie a an 
2: [023] Ld. [12..] 
3: [123] oe ia [Ls Sa sd 
4: [013] Tall a [21..] 
5: [034] Leh [1.2.] 
6: [134] alee [.12.] 
re [234] .111. [..3.] 
8: [024] 1.1.1. [Ciii.] 
9: [124] Fp ees [.21.] 
10: [014] 11..1. [2.1.] 
11: [045] seers iE bi. . 2] 
12: [145] Fee bk Do 22 2] 
13: [245] .-1.41 [Low 12] 
14: [345] eee Lee a 3d 
15: [035] 1..1.1 [ 1 11] 
16: [135] deeded, [.111] 
17: [235] aol t 1 Las 2d] 
18: [025] 1.1..1 Cii.1] 
19: [125] dd sisd [ . 2 1] 
20: [015] 11...1 [2. 1] 


Figure 7.3-A: Combinations 6 choose 3 (left) and the corresponding compositions of 3 into 4 parts 
(right). Note that while the sequence of combinations has a minimal-change property the corresponding 
sequence of compositions does not. Dots denote zeros. 


Figure [7.3-A] shows the correspondence between compositions and combinations. The listing was gener- 
ated using the program [FXT: ‘comb /comb2comp-demo.cc}. Entries in the left column are combinations 
of 3 parts out of 6. The middle column is the representation of the combinations as delta sets. It also is 
a binary representation of a composition: A run of r consecutive ones corresponds to an entry r in the 
composition at the right. 


Now write P(n, k) for the compositions of n into (at most) k parts and C(N, K) for the combination er 
A composition of n into at most & parts corresponds to a combination of K = n parts from N =n+k—-1 
elements, symbolically, 


P(n,k) — C(N, K) = C(n+k-1,n) (7.3-1a) 


A combination of K elements out of N corresponds to a composition of n into at most k parts where 
n=Kandk=N-K+1: 


C(N, K) — P(n,k) = P(K,N-K-+1) (7.3-1b) 
Routines for the conversion between combinations and compositions are given in [FXT: 


comb/comp2comb.h). The following routine converts a composition into the corresponding combination: 


inline void comp2comb(const ulong *p, ulong k, ulong *c) 
// Convert composition P(*, k) in p[] to combination in c[] 


for (ulong j=0,i=0,z=0; j<k; ++j) 


[fxtbook draft of 2008-January-19] 


188 
{ 
ulong pj = pljl; 
for (ulong w=0; w<pj; ++w) c[it+] = zt++; 
++Z; 
} 
} 


Conversion of a combination into the corresponding composition: 


inline void comb2comp(const ulong *c, ulong N, ulong K, ulong *p) 
// Convert combination C(N, K) in c[] to composition P(*,k) in p[] 
// Must have: K>0O 

{ 


ulong k = N-K+1; 

for (ulong z=0; z<k; ++z) plz] = 0; 
ulong ci = N; 

while ( K-- ) 

{ 


ulong cO = c[k]; 
ulong d = ci - cO; 


k -= (d-1); 
++p [k] ; 
ci = cO; 


7.4 Minimal-change orders 


Chapter 7: Compositions 


A minimal-change order (Gray code) for compositions is such that with each transition one entry is 
increased by one and another is decreased by one. A recursion for the compositions P(n,k) of n into k 


parts in lexicographic order is 


0. P(n—0,k—-1) 
1.P(n—1,k—-1) 
2.P(n—2,k-—1) 
P(n,k) = 3. P(n—3,k-1) 
4. P(n—4,k—1) 
n. P(0,k—1) 


(7.4-1) 


A simple variation gives a Gray code, we change the direction if the element is even: 


. PR(n —0,k — 1) 
.P(n-1,k-1) 
. PR(n —2,k —1) 
.P(n-3,k-1) 
.PR(n—4,k —1) 


Sw NTRS 


(7.4-2) 


The ordering is shown in figure (left), the corresponding combinations are in the (reversed) enup 


order from section on page 


0. P(n—0,k—1) 
.PR(n—1,k-1) 
.P(n—-2,k-1) 
. PR(n —3,k —1) 
.P(n—4,k-1) 


v 

—~ 

3s 

co 

we 

| 
CO Oe 


[fxtbook draft of 2008-January-19] 


If we change directions at the odd elements 


(7.4-3) 


7.4: Minimal-change orders 189 


composition combination composition combination 

1: [~[...3.] = ...111. [345] te £38 2.4 6 «J hess. [O12] 
2: [~—.1.2.] .1..11. [145] 2: [~21...] 11.1... [013] 
3: [1..2.] 1...11. [045] Bi Li2Qs«. «J tthe [0,23] 
4: [~—..12.] ..1.11. [245] 45 [~—.3...] .141... [123] 
Se fw 2a .5) 2ettyt. - 23 55] Ss [ . 24a. . J) .T.4d.. L424 ] 
6: [fa dt ta. J det. [241-3 5 J 6: [~iit...j] thi.4. [1024] 
t Lats Dade J tect.ts [03.50] 7: [~2.1..]) 11..14.. £014] 
82 DL 2s 2d.) dent. PO dt 5] 8: [1.2..] 1..11.. [034] 
9: [~[11.1.] 1.41..1. [025] 9: [~.12..] .1.11.. [£134] 
10: [.2.1.] .14..1. [125] 10: [..3..] ..111.. [£234] 
Pe Pn Boe ea do atitese [P1234 11: [..21.]) ..11.1. £235] 
12 bee ae Ie Dede [023] 12: [C1i.11.] 1..1.1. [035] 
13: [2425.4 J dt1. [013] 13: [.111.] 1.1.1. [£135] 
14: [38s w wo) 1. [012] 14: [—.2.1.] .11..1. [£125] 
15: [ 26. do. 2] dia.d [014] 15; [at Lets] edict, [025] 
16: Litt... J 1.1.4... [024 ] 16: [~2..1.] 11...1. £015] 
17: [—.21..]) #.14.14.. [£124] 17: Ci. .2.] 1...11. [045] 
18: [.12..] .1.11.. [£134] 18: [.1.2.] .1..11. [145] 
199: [~il«w 2...) 1..11.. [£034] 19: [..12.] ..1.11. [245] 
20: [ea Bw «J 111... [234] 20: [...3.] ...411. [345] 
21 ss. S22. Ad .11..1 [236] 2i: [...21] = ...11.1 [346] 
22° * [ad dg, Ad 1.14... [136] 22: [1i..11] 1...1.1 [046] 
23: [1.1.1] 1..1..1 [036] 23: [.1.121] .1..1.1 [146] 
242 DD og ce hd Taal £0 2.6] 24: [..1i11] ..1.1.1 [246] 
25: [ii ole I Ledteaed: [O26 J 25: [..2.1] ..11..1 [236] 
26: [.2 . 1] .41...1 £126] 26: C1i.1.1] 1..1..1 [036] 
27: [~.1.11] .1..1.1 [146] 27: [C.1i1i.i1]) .4.4..1 [£136] 
28: [1..11] 1...1.1 [046] 28: Fi 2®ewn 1] test [1 2°6 ] 
29: [..14114] ..1.1.1 [246] 29: CLia..i1] 1.1...1 [026] 
30: [iw wy 21] 11.1 [346] 30: £25. 2.62] Tee... [016 ] 
312 Lowa « 22. 1.11 [356] 31: [1...2] 1....11 [056] 
B25. (ia bm 4 22] 1...11 [156] 32: [.1..2] .1...11 [156] 
332. [45s 2] 1 .11 [056] 33: [ et. 2d ned ptt. [2:56 J 
34: [—..1.2] 1..11 [256] 34: [ A 2°] 1.1411 [356] 
35: -L« wn 2 Oo | 111 [456] 35: C[ . 3] 111 [456] 


Figure 7.4-A: Compositions of 3 into 5 parts and the corresponding combinations as delta sets and sets 
in two minimal-change orders: order with enup moves (left) and order with modulo moves (right). The 
ordering by enup moves is a two-close Gray code. Dots denote zeros. 


then we obtain an ordering (right of figure|7.4-A) corresponding to the combinations are in the (reversed) 
Eades-McKay order from section on page The listings were created with the program [FXT: 
comb/composition-gray-rec-demo.cc). 


Gray codes for combinations correspond to Gray codes for combinations where no element in the delta set 
crosses another. The standard Gray code for combinations does not lead to a Gray code for compositions 
as shown in figure[7.3-A]on page [187] When the directions in the recursions are always changed then the 
compositions correspond to combinations that have the complemented delta sets of the standard Gray 
code in reversed order. 


Orderings where the changes involve just one pair of adjacent entries (shown in figure|7.4-B) correspond to 
the complemented strong Gray codes for combinations. The amount of change is greater than one in gen- 


eral. The listings were created with the program [FXT: comb/combination-rec-demo.cc], see section [6.6] 
on page [179] 


[fxtbook draft of 2008-January-19] 


Chapter 7: Compositions 


190 


AMM MMM OO MMO MO MMO MMMM MMO Mo oOo 


8 Ci oe ee A OO De aH NANA OM 
3 od od a dN AN sx od ad AN ANY 
a Ge Nada es et (-MNNANAAS - 

8 I De AMAT HHANANNM®M - © 6 et ee et ew 
SONA Ht 


a | | | | | | | | | So 


. avis ee ew ee re ad 6 6 ew we awn edd eo 

° bel evt wae wawtwt owt ert te ort te ort Be Re 

soe ee | 
Gere eo we ew Mdirindt se ee eee i er | ee 
ou oo Se ee eee 
ee ee ey ee ee ee ee ee ee 
es ede te re ad i i 
q 
‘a Ce en | De | DU Ue ee 


ENMNPAMIOOMANHNOOONOODOONPFOODONHFMPAOODONOOWOMWO 
VAAAAANAANNAMNMAMNPHOOPFPHIMMMNAANANMOMO SHO LOD SLO 
DODWVVCVCWVDVCVODVOOCOC OANA AHHH AAANANAANNMM OSH 


ee | || | | oo | | | | Se 


ie) 


ANMHPOONRODRDOANMHOOF ONO 
AAA AHHH HHN 


ONG © © err te te ee ee wowrd © © © © Wao HNN? ee ONO 
DB dN od wel ee ee od aa ad HN IN od NO 
2 Nn od a sc Ns: ATAAMNAN 

B. oF he ew MAHAN — SNANMA ddd 8 8 ee ee ee 


mawde ae ee ee ew ee ao edd: ao eds 

a est owt a a ee Saltese ban coed aaa et ets erwis 

| | . a ee ee | tad ood 
a er er er es Mdinit ss ee ee adds: 
O + + «© ew el . er Mddidinid ee ee 
a Se eee ee ee ee ee 
foes ee oy eed lt eed Cac ier oer a ane SO a ee 
q 


a Amma mammarmammammarmrmmmmmmmmommmommmeoe 
Be $0 SOLO SILO SOO. LO S109 CN.C9 S150 80,10 SIE OD STEED S/O LY S060 60: LOSI LO S060: SOO) 
VCOHFHMMNMNANAN HAHAHA ANANAMNMNMNHSAHOWOSDHMMM HHLOLO 


DODVDWVVDVCVDCVCOCCOCO FAFA HAHAHAHAHA ANANANANNANANM OOH 


DY I I I a I I I 


ANMHPOONRORDOANMHOO ONO 
ANA HH HHN 


Figure 7.4-B: The (reversed) complemented enup ordering (left) and Eades-McKay sequence (right) for 
combinations correspond to compositions where only two adjacent entries change with each transition, 


but by more than one in general. 


[fxtbook draft of 2008-January-19] 


191 


Chapter 8 


Subsets 


This section gives algorithms to generate all subsets of a set of n elements. There are 2” subsets, including 
the empty set. 


8.1 Lexicographic order 


1: Licaets {0} 1 {0} 

2: Ld os {0, 1} 1 {1} 

3: 111. {0, 1, 2} LA cs {0, 1} 

4: 1111. {0, 1, 2, 3} ere nee {2} 

5: 11111 0, 1, 2, 3, 4} Ae Does {0, 2} 

6: 111.1 {0, 1, 2, 4} re eee {1, 2} 

Cs 11.1. {0, 1, 3} 1i1.. {0, 1, 2} 

8: 11.11 {0, 1, 3, 4} 1. {3} 

9: 11..1 {0, 1, 4} Lise Tes {0, 3} 

10: Lied {0, 2} 1.1. {1, 3} 

alg ie 1.11. {0, 2, 3} 11.1. {0, 1, 3} 
12: 1.111 {0, 2, 3, 4} The, {2, 3} 

13: 1.1.1 {0, 2, 4} 1.11 {0, 2, 3} 
14: 1..1 {0, 3} 111 {1, 2, 3} 
15: 1..11 {0, 3, 4} 1111. {0, 1, 2, 3} 
16: 155.04 {0, 4} “ened {4} 

17: Lesa {1} dissec {0, 4} 

18 14... {1, 2} eee {1, 4} 

19 «111. {1, 2, 3} 11..1 {0, 1, 4} 
20 1111 {1, 2, 3, 4} egg {2, 4} 
21 .11.1 {1, 2, 4} Lied {0, 2, 4} 
22 1.1 {1, 3} 11 {1, 2, 4} 
23 1.11 {1, 3, 4} 111.1 {0, 1, 2, 4} 
24 1..1 {1, 4} .i1 {3, 4} 
25 des {2} a eee {0, 3, 4} 
26 11s {2, 3} .1.11 {1, 3, 4} 
27 111 {2, 3, 4} 11.11 {0, 1, 3, 4} 
28 1.1 {2, 4} 111 {2, 3, 4} 
29: 5 bods {3} 1.2441 {0, 2, 3, 4} 
30: sae 41 {3, 4} .1111 {1, 2, 3, 4} 
31: neared {4} 11111 {0, 1, 2, 3, 4} 


Figure 8.1-A: Non-empty subsets of a five element set in lexicographic order for the sets (left), and in 
lexicographic order for the delta sets (right). 


The (nonempty) subsets of a set of five elements in lexicographic order are shown in figure Note 
that the lexicographic order is different for the set and the delta set representation. 


[fxtbook draft of 2008-January-19] 


192 Chapter 8: Subsets 


8.1.1 Generation as delta sets 


The listing on the right si gure is with respect to the delta sets. It was created with the pro- 
falta FXT: comb/ subset-deltalex-demo.cc| which uses [FXT: class subset_deltalex in comb/subset- 
deltalex.h . 


e algorithm for the computation of the successor is binary counting: 
class subset_deltalex 


{ 
public: 
ulong *d_; // subset as delta set 
ulong n_; // subsets of the n-set {0,1,2,...,n-1} 
public: 
subset_deltalex(ulong n) 
{ 
n_ =n; 
d_ = new ulong[n+1]; 


d_{n] = 0; // sentinel 
first(); 


~subset_deltalex() 
{ delete [] d_; } 


void first( 
{ for (ulong k=0; k<n_; ++k) d_[k] = 0; } 


bool next () 
{ 


ulong k = 0; 
while ( d_ [k]== 1) { d_[k]=0; ++k; } 


if ( k==n_ ) return false; 
else 


d_[k] = 
return true; 


} 
} 


const ulong * data() const { return d_; } 


3; 


About 180 million subsets per second are generated. A bit-level algorithm to compute the subsets in 
lexicographic order is given in section on page 


8.1.2 Generation as sets 


The lexicographic order with respect to the set representation is shown at the left side of figure 
The routines in [FXT: class subset_lex in comb/subset-lex.h) compute the non-empty sets in the 
corresponding representation: 


class subset_lex 


public: 
ulong *x_; // subset of {0,1,2,...,n-1} 
ulong n_; // number of elements in set 
ulong k_; // index of last element in subset 
// Number of elements in subset == k+1 
public: 
subset_lex(ulong n) 
{ 
n_ =n; 
x_ = new ulong[n_]; 
first(); 


~subset_lex() ‘{ delete [] x_; } 
ulong first() 
{ 

k_ = 0; 


x_[0] = 0; 
return k_ +1; 


[fxtbook draft of 2008-January-19] 


8.2: Minimal-change order 193 


ulong last () 


[--snip--] 
The methods next () and prev() compute the successor and predecessor, respectively: 


ulong next () 

// Generate next subset 

// Return number of elements in subset 
// Return zero if current == last 


if ( x_[k_] == n_-1) // last element is max ? 


if ( k_==0 ) { first(); return 0; } 


Sok; // remove last element 
x_[k_]++; // increase last element 


else // add next element from set: 


x_[k_] = x_[k_-1] + 1; 


return k_ + 1; 


} 


ulong prev() 
// Generate previous subset 
// Return number of elements in subset 


// Return zero if current == first 
if (k_ ==0) // only one element ? 
if ( x_[0]==0 ) { last(); return 0; } 
x_[0]--; // decr first element 
x_(++k_] =n_ - 1; // add element 
} 
else 
if ( x_[k_] == x_[k_-1]+1 ) --k_; // remove last element 
else 
x_[k_]--; // decr last element 
x_[++k_] = n_ - 1; // add element 
} 


return k_ + 1; 


} 


const ulong * data() const { return x_; } 


3; 


More than 235 million subsets per second are generated [FXT: comb/subset-lex-demo.cc). A generaliza- 


tion with mixed radix numbers is described in section |9.3]on page 


8.2 Minimal-change order 


8.2.1 Generation as delta sets 


The subsets of a set with 5 elements in minimal-change order are shown in figure The implementa- 
tion [FXT: class subset_gray_delta in |comb/subset-gray-delta.h| uses the Gray code of binary words 
and updates the position corresponding to the bit that changes in the Gray code: 


class subset_gray_delta 


// Subsets of the set {0,1,2,...,n-1} in minimal-change (Gray code) order. 
{ 
public: 

ulong *x_; // current subset as delta-set 


[fxtbook draft of 2008-January-19] 


Chapter 8: Subsets 


194 

OF. sviescked {} 

1: 1.. {0} 

2s. WA {0, i} 

3: .1.. {1} 

4: .11. {1, 2} 

5s At. {0, 1, 2} 

6: 1.1. {0, 2} 

7: .i.. {2} 

8: ..411. {2, 3} 

9: 1.11. {0, 2, 3} 
10: 1111. {0, 1, 2, 3} 
11: .1411. {1, 2, 3} 
12: .1.1. {1, 3} 

13% 21.4 {0, 1, 3} 
14: 1..1 {0, 3} 

15: .1. {3} 

16: 11 {3, 4} 

17: 1..11 {0, 3, 4} 
18: 11.11 {0, 1, 3, 4} 
19: 1.11 {1, 3, 4} 
20: 1111 {1, 2, 3, 4} 
21: 11111 0, 1, 2, 3, 4} 
22: 1.111 {0, 2, 3, 4} 
23: ..111 {2, 3, 4} 
24: ..1.1 {2, 4} 

25: 1.1.1 {0, 2, 4} 
26: 111.1 {0, 1, 2, 4} 
27: .11.1 {1, 2, 4} 
28: .1..1 f{1, 4} 

29: 11..1 {0, 1, 4} 
30: 1...1 {0, 4} 

31: ..1 {4} 


O: 11111 
ds 14111 
2: 111 
3: 14.111 
4: 1..11 
5: .i1 
6: 1.11 
7: 11.411 
8: 11..1 
9: .1..1 
10: ....1 
Tis Lin 
12: 1.1.1 
13: 1.1 
14: 11.1 
15: 141.1 
16: 111.. 
17: 11. 

18% icles 
19: 1.1.. 
20: 1.... 
2d hes 
22¢ osha 
23% Tec 
24: 11.1. 
25: ee 
26: 1 
27: #1..1. 
28: 1.11. 
29: sii. 
30 111. 
31 1111 


RAE AAA A AAA AA AAA ASA SA aaah aaa aad 


vee eee ee ww 


ve ve we ew we wv 


. 


DONFOORPNOOBRFOORWOONFO 


ORNOOWROOR | 
wot 


vw we we wv 


BO” Sw 

wy 
us 
Ww 


a) 
Rod” PwoBwWN 


WN 
a) 


. 


a) 
wow we & 


wow & 
NNW OA 
WS 
YW 


wow & 


NO NRPEPNAN SA BPFPWRBWNWNHE 


wy 


Ww 
PNWNW WOrRrR 
Www we & 
Nw w w 
wo oy We 
wo 
Ww 


Figure 8.2-A: The subsets of the set {0, 1, 2, 3, 4} in minimal-change order (left), and complemented 
minimal-change order (right). The changes are on the same places for both orders. 


ulong n_; 
ulong j_; 
ulong ct_; 
ulong mct_; // max value of ct. 


// position of last change 


public: 
subset_gray_delta(ulong n) 
{ 
a (n ?n: 1); // not zero 
x_ = new ulong[n_]; 
mct_ = (1UL<<n) - 1; 
first (0); 


n 


“subset_gray_delta() { delete [] x_; } 


// number of elements in set <= BITS_PER_LONG 


// gray_code(ct_) corresponds to the current subset 


In the initializer one can choose whether the first set is the empty or the full set (left and right of 


figure [8.2-A}: 


void first(ulong v=0) 


{ 

ct_ = 0; 

je Hn. = 1s 

for (ulong j=0; j<n_; ++j) x_[j] =v; 
} 
const ulong * data() const { return x_; } 


const { return j_; } 
const { return ct_; } 


ulong pos() 
ulong current () 


ulong next () 


// Return position of change, return n with last subset 


if ( ct_ == mct_ ) { return n_; } 


[fxtbook draft of 2008-January-19] 


8.2: Minimal-change order 195 


++ct_; 
j_ = lowest_bit_idx( ct_ ); 
x_[j_] “= 1; 


return j_; 


} 


ulong prev() 
// Return position of change, return n with first subset 


{ 
if ( ct_ == 0) {return n_; } 
j_ = lowest_bit_idx( ct_ ); 
x_[j_] “= 1; 
==Ct_} 
return j_; 

} 


}; 


About 130 million subsets are generated per second [FXT: |comb/subset-gray-delta-demo.cc  . 


8.2.2 Generation as sets 


The class [FXT: class subset_gray in comb/subset-gray.h) generates the subsets of {1, 2,..., n} as 
sets. The underlying idea is described in section [1.15.3] on page [38] 


class subset_gray 


// Subsets of the set {1,2,...,n} in minimal-change (Gray code) order. 
{ 
public: 
ulong *x_; // data k-subset of {1,2,...,n} in x[1,...,k] 
ulong n_; // subsets of n-set 
ulong k_; // number of elements in subset 
public: 
subset_gray(ulong n) 
n_ =n; 
x_ = new ulong[n_+1]; 
x_[0] = 0; 
first(); 


“subset_gray() { delete [] x_; } 


ulong first() { k_ = 
ulong last() { x_[1] 


const ulong * data() const { return x_+1; } 
const ulong num() const { return k_; } 


0; xreturn k_; } 
=1; k_= 41; return k_; } 


private: 
ulong next_even() 


if ( x_[k_]==n_ ) // remove n (from end): 
--k_ : 

} 

else // append n: 


++k_; 
x_[k_] = n_; 


return k_; 


} 
ulong next_odd() 


if ( x_[k_]-1==x_[k_-1] ) // remove x[k]-1 (from position k-1): 


x_[k_-1] = x_[k_]; 


else // insert x[k]-1 as second last element: 


x_[k_+1] = x_[k_]; 


[fxtbook draft of 2008-January-19] 


196 Chapter 8: Subsets 


--x_[k_]; 
++k 


return k_; 


} 


public: 
ulong next () 
{ 


if ( 0==(k_&1 ) ) return next_even(); 


else return next_odd(); 


} 
ulong prev() 


if ( 0==(k_&i1 ) ) // k even 


if ( O==k_ ) return last(); 
return next_odd() ; 


else return next_even(); 


} 
3; 


More than 160 million subsets are generated per second [FXT:|comb/subset-gray-demo.cc|. The algorithm 


to generate the successor is given in [141]. 


8.2.3. Computing just the positions of change 


The following algorithm computes only the locations of the changes, it is given in |41|. It can also be 
obtained as a specialization (for ion of the loopless algorithm for computing a Gray code ordering 


of mixed radix numbers given section on page [FXT: class ruler_func in comb/ruler-func.h): 


class ruler_func 
// Ruler function sequence: 0102010301020104010201... 


{ 
public: 
ulong *f_; // focus pointer 
ulong n_; 
public: 
ruler_func(ulong n) 
{ 
n_ =n; 
f_ = new ulong[n+2]; 
first(); 


“ruler_func() { delete [] f_; } 

void first() { for (ulong k=0; k<n_+2; ++k) f_[k] =k; } 
ulong next () 

{ 


const ulong j = f_[0]; 
// if ( j==n_) f{ first(); return n_; } // leave to user 
f_[0] = 0; 
const ulong ji = j+i; 
f_(jl] = f_[j1l; 
f_[j1] = ji; 
return j; 
} 
3; 


The sequence of positions is generated at a rate of about 290 million per second [FXT: comb/ruler-func- 
demo.e 


[fxtbook draft of 2008-January-19] 


8.3: Ordering with De Bruijn sequences 197 


0: Oo, , , , }  #=1 {0} 

1: {,1, , , }  #=1 {1} 

2: {, ,2, , }  #=1 {2} 

3: {, , , 38, }  #=1 {3} 

4: O, , , , 4+ #=2 £0, 4} 

5: O, 1, , , } #=2 {0, 1} 

6: {,1, 2, , } #=2 {1, 2} 

ce {, ,2, 3, } #=2 {2, 3} 

8: {0O, , , 3, 4} #53 £0, 3, 4} 

9: {,1, , , 4} #=2 {1, 4} 

10: O, , 2, , } #=2 {0, 2} 

11: {,1, ,3, } #=2 {1, 3} 

12: {, ,2, , 4} #=2 {2, 4} 

13: O, , , 3, } #=2 {0, 3} 

14: 0, 1, , , 4} #53 {0, 1, 4} 
15: 0, 1, 2, , } #53 {0, 1, 2} 
16: {,1, 2, 3, } #53 {1, 2, 3} 
17: {0O, , 2, 3, 4} #54 {0, 2, 3, 4} 
18: {,1, , 3, 4} #53 {1, 3, 4} 
19: 0, , 2, , 4} #53 {0, 2, 4} 
20: 0, 1, , 3, } #53 {0, 1, 3} 
21: {,1, 2, , 4} #53 {1, 2, 4} 
22: {0O, , 2, 3, } #53 {0, 2, 3} 
23: 0, 1, , 3, 4} #54 {0, 1, 3, 4} 
24: 0, 1, 2, , 4} #54 {0, 1, 2, 4} 
25: {0, 1, 2, 3, } #=4 {0, 1, 2, 3} 
26: {0, 1, 2, 3, 4} #=5 {0, 1, 2, 3, 4} 
27: {,1, 2, 3, 4} #=4 {1, 2, 3, 4} 
28: » » 2, 3, 44 #53 {2, 3, 4} 
29: {, , , 38, 4}  #=2 {3, 4} 
30: {, , , , 4+ #=1 {4} 
31: {, , , , }  #=0 {} 


Figure 8.3-A: Subsets of a five element set in an order corresponding to a De Bruijn sequence. 


8.3 Ordering with De Bruijn sequences 


A curious sequence of all subsets of a given set can be generated using a binary De Bruijn sequence that 
is a cyclical sequence of zeros and ones that contains each n-bit word once. In figure the empty 
places of the subsets are included to make the nice property apparent. The ordering has the single track 
property: each column in this (delta set) representation is a circular shift of the first column. The listing 


was created with the program [FXT:|comb/subset-debruijn-demo.cc|. The underlying De Bruijn sequence 


is 
0o00001000171001010011101720112011111 


(rotated left in the example so that the empty set appears at the end). Each subset is made from its 
predecessor by shifting it to the right and inserting the current element from the sequence. 


The implementation [FXT: class subset_debruijn in comb/subset-debruijn.h| uses [FXT: class 
debruijn in |comb/debruijn.h (which in turn uses [FXT: class necklace in comb/necklace.h). An 


algorithm for the generation of binary De Bruijn sequences is given in section on page 


Successive subsets differ in many elements if the sequency (see section on page [42) is big. Using the 
‘sequency-complemented’ subsets (see end of section we obtain an ordering where more elements 
change with small sequencies as shown in figure This ordering corresponds to the complement-shift 


sequence of section |19.2.3}]on page [361] 


[fxtbook draft of 2008-January-19] 


198 Chapter 8: Subsets 


0: {, ,2, , 4} #=2 {2, 4} 

1: 0, 1, 2, , 4} #=4 {0, 1, 2, 4} 
2: 105. & 3 Ae #=2 {0, 4} 

3: 0, , 2, 3, 4} #=4 {0, 2, 3, 4} 
4: {, ,2, , } #1 {2} 

5% 4g Lye 2, 5 4} #=3 {1, 2, 4} 

6: 0, 1, , , 4} #=3 {0, 1, 4} 

T: 0, , , 3, 4} #=3 {0, 3, 4} 

8: Aye gp Ze oe Le #=2 {2, 3} 

9: 405-215. 23 4 oF #=3 {0, 1, 2} 
10: { ? ? ? ? 4} #=1 {4} 

11: {0, 1, 2, 3, 4} #=5 {0, 1, 2, 3, 4} 
12: TOs. sp -g. oor #=1 {0} 

13: {, , 2, 3, 4} #=3 {2, 3, 4} 
14: { ? 1, 2, ’ } #=2 {1, 2} 

15% {,1, , , 4} #=2 {1, 4} 

16: 0, 1, , 3, 4} #=4 {0, 1, 3, 4} 
17: ty Geo #=1 {3} 

18: {0, 1, 2, 3, } #=4 {0, 1, 2, 3} 
19: Gig ge a fo EO {} 
20: {,1, 2, 3, 4} #=4 {1, 2, 3, 4} 
21: AOss de, ott ae eae #=2 {0, 1} 
22: dey 3g. pate #=2 {3, 4} 
23: { , 1, 2; 3; + #=3 {1, 2, 3} 
re a ee ee ee 
25: {,1, , 3, 4} #=3 {1, 3, 4} 
26: {,1, ,3, } #=2 {1, 3} 
27: 0, 1, , 3, } #=3 {0, 1, 3} 
28: Oo, , , 3, } #=2 {0, 3} 
29: 0, , 2, 3, } #=3 {0, 2, 3} 
30: 0, ,2, , } #=2 {0, 2} 
31: 0, ,2, , 4} #=3 {0, 2, 4} 


Figure 8.3-B: Subsets of a five element set in alternative order corresponding to a De Bruijn sequence. 
The elements 0, 2, and 4 are present exactly if they are not in figure 


1. sehen 1 1 17: #1..111 4 33: ...,11 2 49: ...111 3 
Ze (ards 1 18: ...1.1 2 342) gegdl. 2 50: ..111. 3 
oS a (eee 1 Os; <cdd. 2 S08 «ttes 2 Bde: Ltt 3 
ere eee 1 20% aledin 2 36: .11... 2 52: i111... 3 
DES Galles 1 212 Dolls ae 2 Slt Leste 2 53: 111..1 4 
C3 Diesen 1 22: Ledecd 3 38: 11...1 3 54: .111.1 4 
Ce Dig el 2 232 lA 3 39: .11..1 3 55: 111.1. 4 
BS? ade wed 2 24; 4.1.4. 3 40: 11..1. 3 56: 111.11 5 
Oe Lanes 2 25: 1.1.11 4 41: 11..11 4 57: ..1111 4 
10: 1...11 3 265 «64207 3 42: ..11.1 3 58: .1111. 4 
Tbe ceed soe 2 Ze cle bi. 3 43:  .11.1. 3 59: 1111.. 4 
12: Le ds 2 28: 1.11.. 3 44. 441d. 3 60: 1111.1 5 
13: 1..1.. 2 29: 1.11.1 4 45: 11.1.1 4 61: .11111 5 
14: 1..1.1 3 30: .1.111 4 46: .11.11 4 62: 11111. 5 
15: .1..11 3 31: 1.111. 4 47: 11.11. 4 63: 111111 6 
16: 1..11. 3 32: 1.1111 5 48: 11.111 5 


Figure 8.4-A: Nonempty subsets of a 6-bit binary word where all linear shifts of a word appear in 
succession (shifts-order). All shifts are left shifts. 


[fxtbook draft of 2008-January-19] 


8.4: Shifts-order for subsets 199 


1: 1 LES capidlsel 2 33: ...111 3 49: .11.1. 3 
2: 1 18: ..1.11 3 34: .,111. 3 50: 11.1... 3 
3: 1 19: .1.11. 3 35: .111.. 3 51: 11.1.1 4 
4: 1 20) 2.11... 3 36: 111... 3 52: 11.111 5 
5: 1 21: 1.11.1 4 37: 111..1 4 63: 11.11. 4 
6: 1 22: 1.1111 5 38: 111.11 5 54: .11.11 4 
ts 2 23: 1.111. 4 39: 111.1. 4 65: .11..1 3 
8: 3 24: .1.111 4 40: .111.1 4 56: 11..1. 3 
9: 2 203, ddd 3 41: .11111 5 57: 11..11 4 
10: 2 26%) 1.dvd. 3 42: 11111. 5 68: 11...1 3 
11: 3 27: 1.1.11 4 43: 111111 6 Boe, Tteat 2 
12: 3 202° Lele 3 44: 1111.1 5 60: .11... 2 
13: 4 293~ Dade as 2 45: 1111.. 4 6le se TL.+ 2 
14: 3 30: .1.1.. 2 46: .1111. 4 62: eieabdies 2 
15: 2 31: sid. 2 47: -1111 4 63: seedd, 2 
16: 2 32: gedted 2 48: ehd.1 3 


Figure 8.4-B: Nonempty subsets of a 6-bit binary word where all linear shifts of a word appear in 
succession and transitions that are not shifts switch just one bit (minimal-change shifts-order). 


1? 1 DCE seals Ls 2 33: ioedied 3 49% avde dd. 3 
2: 1 183 odveiedic. 2 34: 1..1.1.1 4 BOe wih Deden. 3 
3: al 19%. “Ace Dine 5 2 SOS hecarss 1.1 2 Sl Lede dees 3 
4: 1 20: 1...1..1 38 36: ¢ euekerd 2 b2? Leaded. oA 
5: 1 2iy adis.d.d 9 37: fede d 2 53: .1.1.1.1 4 
6: 1 223 Tes.dsd. 3 38: .1.1 2 64:3. 1.4.7.1. 4 
ts 1 239 sanded 2 39: 1.1. 2 
8: 1 243 ghee deeds 2 40% Leds sie se 2 
9: 2 205) welecdin. 2 ALS Aied nics 3 
10: 2 26: «did. 2 42: Led sod 3 
11: 2 203 dee dens 2 AS3 dedsccdis 3 
12: 2 28: 1..1...1 3 44: gods Miso 3 
13: 2 29% (sdicded 3 45: Led wads 3 
14: 2 30: 1..1..1 3 46: 1.1.41. 3 
15: 3 Shr esds.d dl . 3S 4%: Asdecdet ~& 
16: 2 322 «he.dad 3 48: ececkee: desl 3 


Figure 8.4-C: Nonzero Fibonacci words in an order where all shifts appear in succession. 


8.4 Shifts-order for subsets 


Figure shows an ordering (shifts-order) of the nonempty subsets of a 6-bit binary word where 
all linear shifts of a word appear in succession. The generation is done by a simple recursion [FXT: 


comb/shift-subsets-demo.cc): 


ulong n; // number of bits 
ulong N; | // 2**n 


void A(ulong x) 


{ 
if ( x>=N ) return; 
visit(x); 
A(2*x) ; 
A(2*x+1); 
} 


The function visit ( simply prints the binary expansion of its argument. The initial call is A(1). 


The transitions that are not shifts change just one bit if the following pair of functions is used for the 
recursion (minimal-change shifts-order shown in figure |8.4-B): 


void F(ulong x) 


{ 
if ( x>=N ) return; 
visit(x); 
F(2*x) ; 
G(2*x+1); 
} 
void G(ulong x) 
{ 
if ( x>=N ) return; 
F(2*x+1); 
G(2*x) ; 


[fxtbook draft of 2008-January-19] 


200 Chapter 8: Subsets 
visit(x); 


The initial call is F(1), the reversed order can be generated via G(1). 


We note that a simple variation can be used to generate the Fibonacci words in a shifts-order shown in 
figure With transitions that are not shifts more than one bit is changed in general. The function 


used is [FXT: |comb/shift-subsets-demo.cc]: 


void B(ulong x) 


{ 
if ( x>=N ) return; 
visit(x); 
B(2*x) ; 
B(4*x+1) ; 
} 


8.5 k-subsets where k lies in a given range 


We give algorithms for generating all k-subsets (subsets of an n-element set with k elements in each 
subset) where kmin <k < kmaz- If kmin = 0 and kmaz =n we obtain all subsets, if kmin = kmac = k we 


obtain combinations ae 


8.5.1 Recursive algorithm 

A recursive routine that generates all k-subsets where lies in a prescribed range is [FXT: class 
ksubset_rec in |comb/ksubset-rec.h|. The routine can generate the subsets in 16 different orders. Fig- 
ure shows the lexicographic orders, figure shows three Gray codes. The order numbers 
correspond to the second argument of the program [FXT: comb/ksubset-rec-demo.cc,. The constructor 


has just one argument, the number of elements of the set whose subsets shall be generated: 


class ksubset_rec 
// k-susbsets where kmin<=k<=kmax in various orders. 
// Recursive CAT algorithm. 


aoe 
public: 


long n_; // subsets of a n-element set 
long kmin_, kmax_; // k-subsets where kmin<=k<=kma 


long *rv_; // record of visits in graph (list of elements in subset) 
ulong ct_; // count subsets 

ulong rct_; // count recursions (==work) 

ulong rq_; // condition that determines the order 

ulong pq_; // condition that determines the (printing) order 

ulong nq_; // whether to reverse order 


// function to call with each combination: 
void (*visit_) (const ksubset_rec &, long); 


public: 

ksubset_rec(ulong n) 

{ 
n_ =n; 
rv_ = new long[n_+1]; 
+4+rv_; 
rv_[-1] = -1UL; 

} 


~ksubset_rec() 


--rv_; 
delete [] rv_; 


One has to supply the interval for k (variables kmin and kmax) and a function that will be called with 
each subset. The argument rq determines which of the sixteen different orderings is chosen, the order 
can be reversed with nonzero nq. 


void generate(void (*visit) (const ksubset_rec &, long), 
long kmin, long kmax, ulong rq, ulong nq=0) 


[fxtbook draft of 2008-January-19] 


8.5: k-subsets where k lies in a given range 


201 


order #0 
O: Hee aay? “gta ceeeces 
1: 111. oP ios 
2 11.1 .MP.. 
3: 11..1 .MP. 
4: i lin eee ...MP 
5: ee ee .MP..M 
6: 1113: sees 
7: 1.4.1. ..MP. 
8: 5 Ur oe ...MP 
9: fie dacs .MP.M 
10: 1.11, .P, 
11: sere eb . .MP 
12: 5 rere be MPM 
13: dew dd see P 
14: seers b scuteoas lg 
15: phe ae MPP. .M 
16: 111. ee 
17: Poe ei ..MP. 
18: Pele lara be ...MP 
19: fs Derg Da .MP.M 
20: whe Ad, .P. 
21: ode dL . .MP 
22: di 4d. MPM 
23: sliett sci? 
24: siisoak aM 
25: polhes MPP .M 
26: 411. <P 
27: 11.4 . .MP 
28: Ps ie MPM 
29: serie dd, wiP 
30: me eee . MM. 
31: wits MPPM 
32: 114 iemceaP 
33: 1.4 sarees 
34: .11 ...MP. 


AEA AAA AAA AAA AAA AA AAA AAA AAA AAA AAA AAA 


0, 143 11 
05. 12 11 
0, 1, 3} 11. 
0, 1, 4} 11 
0, 1,5 F 11 
0, 2} 1. 
0, 2, 3} 1. 
0, 2, 4} 1. 
05. 2,5: + 1. 
0, 3 } 1. 
0, 3, 4} 1. 
0443 5.25: + du 
0, 4} 1. 
0, 4, 5 } Liss 
0, 5 } ds 
1, 2} a1 
1, 2, 3} al 
1, 2, 4} eal 
1;.2,..5 a1 
1, 3} sl & 
1, 3, 4} els 
1; 35. 5:5 Pele 
1, 4 } walls 
1, 4, 5 } le 
1, 5} cl 
2, 3} dies 
2, 3, 4} 

2; 3,9: 

2, 4} 

2, 4, 5 } 

2, 5 } 

3, 4} 

3, 4, 5 } 

3, 5 } 

oa 


; order #8 
gee & ..MP.. 
ide .MP. 
a1 .MP 
bk:  tebar’ M 
aly fees .MPP.. 
1.1. .- MP. 
14 .MP 
1 enone nr ee M 
.11. .MPP. 
whet .MP 
giver,  « Bhiaesee M 
fread . MPP 
se ceente ee M 
sterols ....MP 
11. MPPP .M 
fee oe .- MP. 
see . .MP 
Wee. dinanes M 
11. .MPP. 
1.1 .MP 
Dee esdidcs M 
.41 . MPP 
de eases M 
ul ...MP 
111. .MPPPM 
witel .MP 
Sek eaetoaes M 
1.11 . .MPP 
elvtls, <euciides M 
144. . .MP 
Ait .MPP. 
Pa i eee M 
rial el . .MP 
.11 .- MP. 


Ww Y 


ao of OBW OABRWHN 
eon an kae onee Ten lon! 


Whey 


SE AA SAAS AAAS A AAA AA AAA AAA AA AA AA AAA AAA 
BWWWNNNNNNEFBEBEEBEBEBEEEHOOCOCODOOODCOOCOCO 


OOBRABKBRWWWOKRBWWWNNNNOTBBRWWWNNNNBPRBBPRE 
YW 
wee ee 


Figure 8.5-A: The k-subsets (where 2 < k < 3) of a 6-element set. Lexicographic 


and reversed lexicographic order for delta sets (right). 


order for sets (left) 


ct_ = 0; 
rct_ = 0; 
kmin_ 
kmax_ : 
if ( kmin_ > kmax_ ) 
if ( kmax_ > n_ ) kmax_ 
if ( kmin_ > n_) kmin_ 
visit_ = visit; 

rq_ rq h 4; 

Rq- (rq>>2) % 4; 

hd_ = nq; 


next_rec(0); 


} 


private: 
void next_rec(long d); 


3; 


swap2(kmin_, kmax_); 


n_; 
n_; 


The recursive routine itself is given in [FXT: comb/ksubset-rec.cc : 


void 
ksubset_rec: :next_rec(long d) 
{ 

if ( d>kmax_ ) 


++rct_; 
long rvi = 
bool q; 

switch ( rq_ % 4 ) 


return; 


rv_[d-1]; 


// measure computational work 
// left neighbor 


[fxtbook draft of 2008-January-19] 


Chapter 8: Subsets 


202 


CDANMHPOOKONDOANMHNOOS ONO 
ANNAN HHHIN 


21 
22: 


Figure 8.5-B: Three minimal-change orders of the k-subsets (where 2 < k < 3) of a 6-element set. 


order #7: 


uw 
Fe) LOLOSH SH re) 
Ke) HHO PHM MMOD SHSHLOLO Ke) 
LOLA POO OO NANNANANNAN MOO OOF SLOLOS SH Ke) 
On HHH ANNAN ANANA AMO OM OHS SHLO 


A, = fay . Sa Ss a ee ee a A, . Sa = . A, 
SACS SA SAS ea sg SS asa, ts 
A, tS eA ee Ste oA, +S. eA, Ss 
oe 8 © © © ew ew A, i et ae ae =a, 6 2. se 8 a ea. dee er 
ag Seana Mar seo le? gece bas tahoe Orbebes teh cae Je NS ies Mees fas age Man Man Tai eh yee tetas fan's 
sS RO, gO CR OR UG ge IG 9 FF, aa RE a ER Me og ae 
winds: - Be oe Bs ee Boe oe be writs: Be 
seed edit Soe ben wate te et ee Be oe oe | Se bo oe | 
Bo oe oe Bs oe oe Be oe oe Bo oe oe 


Te i wa Ra a 58S ae ate ee ler Gad te Pier Sesh (anton) se fe ie aie cos Su Pls ep ae i oe) 
ANSON DOROANAMNSHLOON OROAAMSHMNONOROAAM 
6) 09.019 69 0909 09 69 HASHES SSIS FISILO LO LO.LO.LOLO LOLOL LH OOOO 
fe) 
SHSHLOLO fe) Lo 
eeNeNE A SHLOLO SSH To) LOLOSSH To) 
ANANANANMMMMASHLOLOD SHOE = AISHLOLO 


AANA HAHN NANAANANAN ANAM MOMS SH 
(Molelelelolelelelololololelelolololeololeloleloleleleleleolere) 


ce ewer tt tt te Be oe Do Da oe De 
Ce ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee 
eM A I 


DANMNANOOKRONOANMHOOONDOTN 
AMAA ANNN 


Figure 8.5-C: With k,,;n = 0 and order number seven at each transition either one element is added or 


removed, or one element moves to an adjacent position. 


[fxtbook draft of 2008-January-19] 


8.5: k-subsets where k lies in a given range 


{ visit_(*this, d); 


{ 

case 0: q=41; break; 

case 1: q = !(d&1); break; 

case 2: q = rvik1; break; 

case 3: q = (d*rvi)&1; break; 

} 

if (nq_) q= !q; 

long xO = rvi + 1; 

long rx = n_ - (kmin_ - qd); 

long x1 = min2( n_-1, rx ); 
#define PCOND(x) if ( (pq_==x) && (d>=kmin_) ) 

PCOND (0) ; 

if (q) // forward: 

{ 

PCOND (1) ; 


for (long x=x0; x<=x1; ++x) 


PCOND (2) ; 

} 

else // backward: 
PCOND (2) ; 


for (long x=x1; x>=x0; --x) 


PCOND (1) ; 


} 
PCOND (3) ; 
tinier PCOND 


{ rv_[d] 


{ rv_[d] 


X; next_rec(d+1i); } 


X; next_rec(d+1i); } 


About 50 million subsets per second can be generated. 


8.5.2 Iterative algorithm for a minimal-change order 


t++ct_; } 


203 


delta set 

1: eae Sal 
2: cif: 
3: 111 
4: Ae 
5: A412. 
6: 11.1 
ti 1111 
8: ~14A1. 
9: Leds 
10: 1.11 
11: edad 
12: i1. 
13: 11.21 
14 11.11 
15 11.1. 
16: 1111. 
17: 111.1 
18: i11.. 
19: ues ee 
20: deed 
21: 1.111 
22: 1.11. 
23: x ieee ae 
24: 12.11 
25: 1...1 


ae aS 
z=. ‘wW- 


u: 


Digit 
a 


tz! 


u: 


: ‘Uv 
=. . 
UO: SS: UU SU: SS: US: Ve SS: US: VS 


a 


ct 


ve ewe we eww vw ew 


. 


BAA AAA AAA AAA AAA AAA AAA AA AAA 
PRPRPRPRPRPRPREPRPRPRPEFERPENNNNNNNWWWARO 
OPRBPWWWWNNNNNNNOHPHPWWWWORPDH 


vee ee ee ee ee ee ee eee ee ee we we ww 


Whe he 


Oo 
Ww 


Figure 8.5-D: The (25) k-subsets where 2 < 


woYy 
au on 


<4 of a five-element set in a minimal-change order. 


The class [FXT: class ksubset_gray in comb/ksubset-gray.h, allows the generation of k-subsets of a set 


where &; lies in a prescribed range: 


class ksubset_gray 


ea 
public: 


[fxtbook draft of 2008-January-19] 


204 


ulong n_; // k-subsets of {1, 2, ..., n} 
ulong kmin_, kmax_; // kmin <= k <= kmax 
ulong k_; // k elements in current set 
ulong *S_; // set in S[1,2,...,k] with elements \in {1,2,...,n} 
ulong j_; // aux 
public: 

ksubset_gray(ulong n, ulong kmin, ulong kmax) 
{ 

n_ = (m0 7n: 1); 

// Must have 1<=kmin<=kmax<=n 

kmin_ = kmin; 

kmax_ = kmax; 

if ( kmax_ < kmin_ ) swap2(kmin_, kmax_); 

if ( kmin_==0O ) kmin_ = 1; 

S_ = new ulong[kmax_+1] ; 

S_[0] = 0; // sentinel: != 1 

first(); 
} 


“ksubset_gray() ‘{ delete [] S_; } 
const ulong *data() const ‘{ return S_t1; } 
const ulong num() const { return k_; } 


ulong last() 


} 


S_[1] = 1; k_ = kmin_; 
if ( kmin_==1) { j_ = 41; } 
else 


for (ulong i=2; i<=kmin_; ++i) { S_[i] = n_ - kmin_ + i; } 


j. = 2; 


return k_; 


ulong first() 


} 


bool is_first() 


k_ = kmin_; 


for (ulong i=1; i<=kmin_; ++i) { S_[i] = n_ - kmin_ + i; } 


Ja = 25 


bool is_last() const 


if (S_[1] !=1 ) return 0; 
if ( kmin_<=1 ) return (k_==1); 
return (S_[2]==n_-kmin_+2) ; 


} 
{[--snip--] 


const { return ( S_[1] == n_ - kmin_ +1); } 


Chapter 8: Subsets 


The routines for computing the next or previous subset are adapted from a routine to compute the 


successor given in [141]. It is split in two auxiliary functions: 


private: 


void prev_even() 


ulong &n=n_, &kmin=kmin_, &kmax=kmax_, &j=j_; 
if ( S_[j-1] == S_[j]l-1 ) // can touch sentinel 
{ 


S_[j-1] = s_[jl; 
if ( j > kmin ) 


if ( S_[kmin] =-=n) { j = j-2; } else 


} 
else 
S_[j] =n - kmin + j; 
: if ( S_[j-1]==8_[j]-1) 4{ 5 = 5-2; } 
} 
else 


S_[j] = S_[j] - 1; 


[fxtbook draft of 2008-January-19] 


8.5: k-subsets where k lies in a given range 205 


if ( j < kmax ) 


S_[j+1] = S_[j] + 1; 
if ( j >= kmin-1) { j = j+1; } else { j = j+2; } 
} 
} 
} 
void prev_odd() 
{ 
ulong &n=n_, &kmin=kmin_, &kmax=kmax_, &j=j_; 
if (S_[j] ==n) { j = j-1; } 
else 
if ( j < kmax ) 
{ 
S_[j+1] = n; 
j= jt; 
} 
else 
S_[j] = S_[j]+1; 
if ( S_[kmin]==n ) { j = j-1; } 
} 
} 
[--snip--] 


The next () and prev() functions use these routines, note that calls cannot not be mixed. 


ulong prev() 
£ 


if ( is_firstQ) ) { last(); return 0; } 
if ( j_&1 ) prev_odd(); 


else prev_even(); 
if ( j_<kmin_ ) { k_ = kmin_; } else { k_ = j_; }; 
return k_; 


} 
ulong next () 


if ( is_last() ) { first(); return 0; } 
if ( j_&1 ) prev_even(); 


else prev_odd() ; 
if ( j_<kmin_ ) { k_ = kmin_; } else { k_ = j_; }; 
return k_; 
} 
[--snip--] 


Usage of the class is shown in the program [FXT: comb/ksubset-gray-demo.cc,, the k-subsets where 
2<k <4 in the order generated by the algorithm are shown in figure About 80 million subsets 


per second can be generated with the routine next (), and 85 million with prevQ). 


8.5.3 <A two-close order with homogenous moves 


Orderings of the k-subsets with k in a given range that are two-close are shown in figure one 
element is inserted or deleted or moves by at most two positions. The moves by two positions always 
cross a zero, the changes are homogenous. The list was produced with the program [FXT: comb/ksubset- 


which uses [FXT: class ksubset_twoclose in comb/ksubset-twoclose.h : 


class ksubset_twoclose 
// k-subsets (kmin<=k<=kmax) in a two-close order. 
// Recursive algorithm. 


a 

public: 
ulong *rv_; // record of visits in graph (delta set) 
ulong n_; // subsets of the n-element set 


// function to call with each combination: 
void (*visit_) (const ksubset_twoclose &); 


[fxtbook draft of 2008-January-19] 


206 Chapter 8: Subsets 


delta set diff set delta set diff set 

1: Vit eae { 1, 2, 3, 4} 1: eaeoedle’ Bieetans {4,5} 
2: .111 M. { 2, 3, 4} 2: eed ...PM,. { 3, 5} 
3: 1.111 P.... {0, 2, 3, 4} 3: 1...1 .P.M {1,5} 
4: 11.41 .PM.. {0, 1, 3, 4} Ae he 1 M.. {5} 

5: 1.11 M... {1, 3, 4} 5: ses Picaros {0, 5} 
6: Jit M.. { 3, 4} 6: wi..d M.P... {2,5} 
7: 1..41 Pina {0, 3, 4} 7: wd iste ...P.M {2, 3} 
8: 11..1 .P.M. {0, 1, 4} 8: diedie .PM.. {1, 3} 
9: died M. Sa. {1,4} 9: lle M.. {3} 
10: Ln.od PM... {0, 4} 10: Asc dn Posse {0, 3} 
11: 1.d M.P.. {2,4} 11: 11 P.M {0, 1} 
12: 1.1.1 P.. {0, 2, 4} 12: i M..... {1} 
13: 14.4 MP. {1, 2, 4} 13: Tedege PM {0} 
14: 111.1 P.. {0, 1, 2, 4} 14: Jol M.P {2} 

15 1111 PM {0, 1, 2, 3} 15: 1.1. P..... {0, 2} 
16 111 M.... {1, 2, 3} 16: sls eee MP... {1,2} 
17 . it M { 2, 3} 17: 1..1. ..M.P {1, 4} 
18 1.11 P {0, 2, 3} 18: ene Mo... {4} 

19 11.1 PM {0, 1, 3} 19: 1...4. P..... {0, 4} 
20 me ewe Mie ascc 4. 1-3) 20: ee ee M.P.. { 2, 4} 
21 deo 1e PM {0, 3} 21: Pei teliea ..MP. { 3, 4} 
22 11... P.M {0, 1} 
23 1.1. MP {0, 2} 
24 Jit MP {1,2} 
25 1it P {0, 1, 2} 


Figure 8.5-E: The k-subsets where 2 < k < 4 of 5 elements (left) and the sets where 1 < k < 2 of 6 
elements (right) in two-close orders. 


[--snip--] 
void generate(void (*visit) (const ksubset_twoclose &), 
ulong kmin, ulong kmax) 
{ 


visit_ = visit; 
ulong kmaxO = n_ - kmin; 
next_rec(n_, kmax, kmax0, 0); 


The recursion is: 
private: 
void next_rec(ulong d, ulong ni, ulong nO, bool q) 
// ad: remaining depth in recursion 
// ni: remaining ones to fill in 
// nO: remaining zeros to fill in 
// q: direction in recursion 


{ 
if ( 0==d ) f{ visit_(*this); return; } 
== 
if (q) 
{ 
if (nO) f{ rv_[d]=0; next_rec(d, n1-0, nO-1, d&i); } 
if (nt) { rv_[d]=1; next_rec(d, ni-1, n0-0, q); } 
} 
a 
if (nt) f{ rv_[d]=1; next_rec(d, ni-1, n0-0, q); } 
if (nO) { rv_[d]=0; next_rec(d, n1-0, nO-1, d&i); } 
} 
} 


#5 


About 50 million subsets per second can be generated. For kinin = kmax =: k we obtain the enup order 
for combinations described in section on page 


[fxtbook draft of 2008-January-19] 


207 


Chapter 9 


Mixed radix numbers 


The mized radix representation A = [d9,@1,@2,..-,@n,—1] of a number x with respect to a radix vector 
M = [mo,m1,M2,.--,;Mn—1] is given by the unique expression 
n-1 k-1 
2 = ak Il mj; (9.0-1) 
k=0 j=0 


where 0 < a; < m, (and0<a< ies m,;, so that n digits suffice). For M = [r,r,r,...,r] the relation 
reduces to the radix-r representation: 


n-1 
C= So axr® (9.0-2) 
k=0 


All 3-digit radix-4 numbers are shown in various orders in figure Note that the least significant 
digit (ao) is at the left side of each number (array representation). 


9.1 Counting order 
An implementation for mixed radix counting is [FXT: class mixedradix_lex in|comb/mixedradix-lex.h': 


class mixedradix_lex 


public: 
ulong *a_; // digits 
ulong *mi_; // radix (minus one) for each digit 


ulong n_; // Number of digits 
ulong j_; // position of last change 
public: 
mixedradix_lex(const ulong *m, ulong n, ulong mm=0) 
7 n_ =n; 
a_ = new ulong[n_+1]; 
mi_ = new ulong[n_+1]; 


a_[n_] = 1; // sentinel: !=0, and !=m1[n] 
mi_[n_] = 0; // sentinel 
mixedradix_init(n_, mm, m, m1_); 
first(); 

{[--snip--] 


The initialization routine is given in [FXT: comb/mixedradix-init.cc|: 


[fxtbook draft of 2008-January-19] 


Chapter 9: Mixed radix numbers 


208 


>ommartrarmammamarmammamarmrmamarmammmrmarmmmamamammmammammammamrmmamrmmmammmmmamammmammmammmmammmrrenr 
Cr ANAAHAAAHAAAHANAAHAAAHAMNMNMIMNMIMNMMIMNMAMNMAIMMIMMMNANNNANNANNNNANNANNANANAN AS 
= Fo PMSA HAMM MMNNNANNANNANNMMM MFA tt tt tee AAAAMNMNMNMINANNANNANNNANANNYNMYNMNYNAATS - 

o 


RY a I a I a a PE a I a I I PS PS PU 


a eae a ae a ae ea 
a AAA AAAAANHAAAAAAAAMNMNMNAMNMIMNIMIMNMNMIMMIMMMMNNANNANNANANNANNANANANAS 


a ee | | | | | |] S| oo | Sa 


endo 


mmm oe oo ee eee eee ete eto ete eo eee eee eter 


rs Cr AMAA ANA NAA AA AAA ANANANANNANNANNANNANANANANANANMOMMMNMNMMNMMMNMNMNMNMMMM - 
- Se PAIN NNN MMMM 2 8 PHAN NANNN MOMMY 8 PANNA NOM MM 88 t PHHHANNANNNMOMMOM - 
WANMANM -ANM -ANM -ANMANM GNM FANM 2 PANMANM CANM CANNY § PANMANM CTNM CHNOM 


WY LL PE PL PL PL PL PL PL PL PL PL PL PL PL PL PL PL DL LP DL PL DL PL Det 


marae eee eee eee eee eee eee eee eae eee eae eee eae eae eae eae eae aerate oe oe 
AAA AA AANA AA AAA AANANANANNANNANNANANNANNANNANNNANNMOMMMMMMAMMNMMMAMMM OY) 
8 PMA AHANANNMMMMMMMM © 6 8 PHA HHANANNANNANNANMMMM © 28k CHA HHH HHANANNANMMMOM - 

“ANMM ©-ANNM -HANM § HANMM CANNY PSH ANM s PANMM HANNM CSD ANM  PANMM CANNY CHANM - 


DY a I I I I I EE I I ES I I I 


modular Gray 


Ao MO MO OM MM OM MM 1M MO OM MMM Moo MOO MOM Oo Oo Mo MM MO MMO OO oe 


> a AAA AAA AA AA AAAAANANAANANANANNANNANANMOMMMMMMMMMMMMMM OMY 
os Se PAIN ANNNMMMMMMMMNNANNNA ttt tt tee AAAANANANMNMNMNMNMNMNINUMNMINANNNA ATS - 
"ANNONA § CANNON § CANMOMMONANT s CANMOMMNA § PA NMOMMONTS § CANMMNA s CTANMOMONAT ? CANMOMNG 


WIL LL LL PE PL PE PL PL LL PL Lo PL PL LL PL LLL PL PL LL DLL Lo DL PLL PL PL LLL 


Omen armarmarmrmrrmarrmmrmammmrrarmmrmtrmarmamrmmarmrmmmmmmmmmrmtmmmmmmmammammmommmmmrrrrr 


q 
ve Cr ANANDA AAA AAA THANANAANNANANANANANNANANMOMMMNMNMNMNMMMMMMMM OY 
g So PATON NANNANNM MMM 8 8 PAH HHANNANNNMMMM 2 8 PHAN NANNNMOMMM 2 8 tC ANNNNMOM MOY 


WY LP PL PE PL LE PL PL PL PL Po PL PL PL PL LL PL LL PL DL Pb DL PLL DL WL LLL 


SCANMNHPMNOONMDRDOANMNHTNOON ODO 
ANAT HAH HHN 


counting-, Gray-, 


Figure 9.0-A: All 3-digit, radix-4 numbers in various orders (dots denote zeros): 


modular Gray-, gslex-, endo-, and endo Gray order. The least significant digit is on the left of each word 


(array notation). 


[fxtbook draft of 2008-January-19] 


9.1: Counting order 209 


M=[ 234] M=[ 432] 
0: [gee ue A | a a 
ae es eer [324.2 3-3] 
2: [.41.] [2..] 
3: [ii.] ae eee 
4: en | [eocee tA cate 
5: [1-202] [i1i.] 
6: ee | [21.] 
7: [i.1] [31.] 
8: gees oe ae [ee 22v es] 
9: [iii] [12.] 
10: [.21] [2250] 
11: Pa-2°1 4] {[32.] 
12: Pose 2] [oe de 
13: [1.2] i care a 
14: Pea t2*] [2.1] 
15: Eada] Esa ae] 
16: [.22] [.11] 
17: [122] [i111] 
18: [..3] 2241 J 
19: Fat 43°] [311] 
20: Ee dose] E24] 
21: [113] [121] 
22: Poe 2 3] [221] 
23: [123] [321] 


Figure 9.1-A: Mixed radix numbers in counting order, dots denote zeros. The radix vectors are M = 
[2,3,4] (rising factorial basis, left) and M = [4,3, 2] (falling factorial basis, right). The least significant 
digit is on the left of each word (array notation). 


void 
mixedradix_init(ulong n, ulong mm, const ulong *m, ulong *m1) 
// Auxiliary function used to initialze vector of nines in mixed radix classes. 


if (m) // all radices given 
for (ulong k=0; k<n; ++k) mi[k] = m[k] - 1; 
else 
if ( mm>1 ) // use mm as radix for all digits: 
for (ulong k=0; k<n; ++k) mi[k] = mm - 1; 
else 


if ( mm==0 ) // falling factorial basis 

for (ulong k=0; k<n; ++k) mi[k] =n - k; 
else // rising factorial basis 

for (ulong k=0; k<n; ++k) mi[k] =k + 1; 


} 
} 
} 
Instead of the vector M = [mo,m1,m2,..-,7M%n_1] the class uses the vector of ‘nines’, that is M’ = 
[mo —1,m1,—1,m2—1,...,Mn—1—1] (variable m1_). This modification leads to slightly faster generation. 


The first n-digit number is all-zero, the last is all-nines: 


void first( 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
j- = DL; 

} 

void last() 
for (ulong k=0; k<n_; ++k) a_[k] = mi_[k]; 
j- = DL; 

} 

[--snip--] 


A number is incremented by setting all nines (digits a; that are equal to m,; — 1) at the lower end to zero 
and incrementing the next digit: 


[fxtbook draft of 2008-January-19] 


210 Chapter 9: Mixed radix numbers 


bool next() // increment 


ulong j = 0; 

while ( a_[j]==mi_[j] ) { a_[j]=0; ++j; } // can touch sentinels 
Je = 5G 

if ( j==n_ ) return false; // current is last 

+ta_[j]; 


return true; 
{[--snip--] 


A number is decremented by setting all zero digits at the lower end to nine and decrementing the next 
digit: 


bool prev() // decrement 


ulong j = 0; 
while ( a_[j]==0 ) { a_[jl=mi_[j]; ++j; } // can touch sentinels 
j- = J; 


if ( j==n_ ) return false; // current is first 


--a_[jl; 


return true; 
[--snip--] 
Figure shows the 3-digit mixed radix numbers for basis vector M = [2,3, 4] (left) and M = [4, 3, 2] 
(right). The listings where created with the program [FXT: comb/mixedradix-lex-demo.cc). 


The routine next () generates between about 140 million (radix-2 numbers, M = [2,2,2,...,2]), 210 mil- 
lion (radix-3), and about 300 million (radix-8) numbers per second. Note that radix-2 leads to the 
slowest generation as the average carries are long compared to higher radices. The number of carries with 
incrementing is on average: 


Ce a (1 | - (1 | — 2) = ya (9.1-1) 


k=0 
The number of digits changed on average equals C+ 1. For M = [r,r,r,...,r] (and n = oo) we obtain 
C= —.. For the worst case (r = 2) we have C = 1, so two digits are changed on average. 


9.2 Gray code order 


Figure shows the 3-digit mixed radix numbers for radix vectors M = [2, 3,4] (left) and M = [4, 3, 2] 
(right) in 


xray code order. An constant amortized time (CAT) implementation for mixed radix numbers 
in a Gray code order is [FXT: class mixedradix_gray in comb/mixedradix-gray.h: 


class mixedradix_gray 


{ 
public: 
ulong *a_; // mixed radix digits 
ulong *mi_; // radices (minus one) 
ulong *i_; // direction 
ulongn_;  // n_ digits 
ulong j_; // position of last change 
int dm_; // direction of last move 
public: 
mixedradix_gray(const ulong *m, ulong n, ulong mm=0) 
t n_ =n; 
a_ = new ulong[n_+1]; 
a_[n] = -1UL; // sentinel 
i_ = new ulong[n_+1]; 
i_In_] = 0; // sentinel 
mi_ = new ulong[n_+1]; 


mixedradix_init(n_, mm, m, mi_); 


[fxtbook draft of 2008-January-19] 


9.2: Gray code order 211 


M=[234] x jd M=[ 432] x i) sa 
0: Cede outed 0 [ate etl 0 

1: es ears 1 cemee! co] 1 64 

2: fia ace) 3 cf ot i arene 2 0 1 

3: ne Ce 2 0 -1 Leesa 3 Oo. 

4: Pi. ua) 4 isd [31.] 7 ae 

5: C4 oe. 3 5 0 14 [edad 6 0 -1 

6: Lida) 11 2 1 Pa aye 5 0 -1 

7: Par eat 10 0 -1 Eowedtc J 4 0 -1 

8: Pied a 8 1-1 Coad 8 i 4 

9: Pa ted J 9 0 1 Pavone 4 9 0 1 

10: bre 4 7 1-1 ee | 10 Od 
11: ee ie 6 0 -1 ESio-s | 11 0 4 
12: Peed 12 OF <4 Pec, 98 Dt 
13: Eta 22 13 0 4 Povo * “2D 0 -1 
14: Ea a2) 15 1 4 as eo ae 0 -1 
15: fee | 14 0 -1 Ceo dill, 126 0 -1 
16: Ee eo 16 ie ee ae | 16 1-1 
17: Li2e2] 17 0 14 Labi yg 17 me 
18: Ea ose] “23 OF 4 [eta] 18 0 1 
19: Pane 299 0 -1 [311] 19 G4 
20: Eds): 220 1-1 Este ad 15 1-1 
21: Paes 208 0 1 a 14 0 -1 
22: Paseo 19 1-1 i or ee 13 0 -1 
23: ee 18 0 -1 eee oa 12 0 -1 


Figure 9.2-A: Mixed radix numbers in Gray code order, dots denote zeros. The radix vectors are 
M = [2,3,4] (left) and M = [4,3,2] (right). Columns ‘x’ give the values, columns ‘j’ and ‘d’ give the 
position of last change and its direction, respectively. 


first(); 
[--snip--] 


The array i_[] contains the ‘directions’ for each digits: it contains +1 or -1 if the computation of the 
successor will increase or decrease the corresponding digit. It has to be filled when the first or last number 
is computed: 


od first( 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
for (ulong k=0; k<n_; ++k) i_[k] = +1; 
j- = DL; 
dm_ = 0; 
} 
yous last () 
// find position of last even radix: 
ulong z = 0; 
for (ulong i=0; i<n_; ++i) if ( mi_[i]&1l ) z= i; 
while ( z<n_ ) // last even .. end: 
a_[z] = mi_[z]; 
i_[z] = +1; 
+4+Z 3 
} 
j- = 9; 
dm_ = -1; 
} 
[--snip--] 


A sentinel element (i_[n]=0) is used to optimize the computations of the successor and predecessor: 
es next () 
ulong j = 0; 
ulong ij; 


while ( (ij=i_[j]) ) // can touch sentinel i[n]== 


ulong dj = a_[j] + ij; 


[fxtbook draft of 2008-January-19] 


212 Chapter 9: Mixed radix numbers 


if ( dj>mi_[j] ) // ="= if ( (dj>mi_[j]) || ((long)dj<o) ) 
i_[j] = -ij; // flip direction 
else // can update 
a_[j] = dj; // update digit 
dm_ = ij; // save for dir() 
j- = 93 // save for pos() 


J 
return true; 


} 
+45; 
return false; 
} 
[--snip--] 
Note the if-clause, it is an optimized expression equivalent to the one given as comment. The following 
methods are often useful: 
ulong pos() const { return j_; } // position of last change 
int dirQ const { return dm_; } // direction of last change 


The routine for the computation of the predecessor is obtained by changing the statement 
ulong dj = a_[j] + ij; to ulong dj = a_[j] - ij;. About 120 million numbers per second for 


radix 2, and 245 million for radix 8 are generated [FXT: comb/mixedradix-gray-demo.cc). 


A loopless algorithm for the computation of the successor taken from [157] is given in [FXT: 
comb/ mixedradix-gray2.h). It generates about 185 million numbers per second for radix 2, and 225 mil- 
The crucial trick to make the algorithm loopless 


ion for radix 8 [FXT: comb/mixedradix-gray2-demo.cc). 


is the use of ‘focus pointers’: 


class mixedradix_gray2 


£2. 
public: 
ulong *a_; // digits 
ulong *mi_; // radix minus one (’nines’) 


ulong *f_; // focus pointer 

ulong *d_; // direction 

ulong n_; // number of digits 

ulong j_; // position of last change 

int dm_; // direction of last move 
[--snip--] 


void first( 
{ 


for (ulong k=0; k<n_; ++k) a_[k] = - 
for (ulong k=0; k<n_; ++k) d_[k] = 1; 
for (ulong k=0; k<=n_; ++k) f_[k] =k; 
dn_= 0; 
jJ- = TL; 

} 


bool next () 
{ 


const ulong j = f_[0]; 


f_[0] = 

if ( j>=n_) { first(); return false; } 

const ulong dj = d_[j]; 

const ulong aj = a_[j] + dj; 

a_[j] = aj; 

dm_ = (int)dj; // save for dirQ 

JL = lhe // save for pos() 

if ( aj+dj > mi_[j] ) // was last move? 
d_[j] = -dj; // change direction 
f_[j] = f£_[j+1]; // lookup next position 


f_[j+1] =j +1; 


return true; 


[fxtbook draft of 2008-January-19] 


9.3: gslex order 213 


Modular Gray code order 


M=[ 234] j M=[ 43 2] j 
0: Ede we 0: a | 

Ais Et we ee J 0 ies | 0 
2: Let 2 aod 1 2: [2 «aed 0 
3: ra oe 0 3: [3 ..] 0 
4: [.2.] 1 4: [31.] 1 
5 [12. ] 0 5: on ees | 0 
6: [121] 2 6: [ii.] 0 
7: [.21] 0 t [2.4 2 J 0 
8: fe gs 1 8: 3s. 1 
9: [1.1] 0) 9: E32) «J 0 
10: [ii1] 1 10: Ee Qed 0 
11: [.1i1] 0 ee [12.] 0 
12: [os 22] 2 1.2% [121] 2 
13: [112] 0 13: [221] 0 
14: [122 ] 1 14: [321] 0 
15: [.22 ] 0 15: [.21] 0 
16: LL a-ee Bd 1 16: Ew ete] 1 
17: [ 1 2] 0) 17: [te TJ 0 
18: Et 3 ] 2 18: [2.1] 0) 
19: [ ew Sd 0 19: [3.1] 0 
20: [.13] 1 20: [311] 1 
21: [113 ] 0 21% [.11] 0 
22: [123 ] 1 22: [ii1] 0 
23: [.23 ] 0 23: [211] 0 


Figure 9.2-B: Mixed radix numbers in Gray code order, dots denote zeros. The radix vectors are 
M = [2,3,4] (left) and M = [4,3, 2] (right). The columns ‘j’ give the position of last change. 


Figure shows the 3-digit mixed radix numbers for radix vectors M = [2,3,4] (left) and M = 
[4,3,2] (right) in modular Gray code order. The transitions are either k > k +1 or, if k is maximal, 
k + 0. The listing was created with the program [FXT: comb/mixedradix-modular-gray-demo.cc}. The 


loopless implementation [FXT: class mixedradix_modular_gray in |comb/mixedradix-modular-gray.h 
taken from [157| generates between about 135 million (radix 2) and 230 million (radix 16) numbers per 


second. 


9.3. gslex order 


The algorithm for the generation of subsets in lexicographic order given in section on page can be 
generalized for mixed radix numbers. Figure shows the 3-digit mixed radix numbers for basis vector 
M = [2,3,4] (left) and M = [4,3,2] (right). Note that zero is the last word in this order. For lack of a 


better name we call the order gslex (for generalized subset-lex) order. A routine for generating successive 
words in gslex order is implemented in [FXT: class mixedradix_gslex in comb/mixedradix-gslex.h): 
class mixedradix_gslex 


{ 
public: 
ulong n_; // n-digit numbers 
ulong *a_; // digits 
ulong *mi_; // mi[k] == radix-1 at position k 


public: 
mixedradix_gslex(ulong n, ulong mm, const ulong *m=0) 


n_ =n; 
a new ulong[n_ + 1]; 

a_[n_] = 1; // sentinel 

mi_ = new ulong[n_]; 
mixedradix_init(n_, mm, m, mi_); 
first(); 


} 
{[--snip--] 
void first( 


[fxtbook draft of 2008-January-19] 


214 Chapter 9: Mixed radix numbers 


M=[ 2 3 4 ] x M=[ 4 3 2 ] x 

0: Pied. 289] 1 0: eee | 1 

1 feeticete ses] 3 1: [2 oJ 2 

22 ee aera | 2 2: nee | 3 

3: 02 5 3: a ee ee | 5 

4: [a Dee J 4 4: ge ee | 6 

5: ee | 7 5: [3 1. ] 7 

6: [i1ii1] 9 6: eres Cees | 4 

TE [ea FA 14] 8 C2 [12.] 9 

8: [121] 11 8: [22.] 10 

9: [.21] 10 9: [32.] 11 

10: [hee eed 4 Si) 6 10: Ls 2 ad 8 
11: [1.2] 13 it [1.1] 13 
12: [112] 15 12: [2.1] 14 
13: ees ee? | 14 13 [3.1] 15 
14: [122 ] 17 14: [ii1] 17 
15: [2 2] 16 15: [211] 18 
16: [et Qa] 12 16: Eo At tg 19 
17: fo ties, 3] 19 17: [.11] 16 
18: [ tage] 21 18 [121] 21 
19: [.13 ] 20 19 [221] 22 
20: [123 ] 23 20 [321] 23 
21: [.23 ] 22 21: [.21] 20 
22: [oe 2S 18 22: [ . 1] 12 
23: [re eea| 0 23: [ al 0 


Figure 9.3-A: Mixed radix numbers in gslex (generalized subset lex) order, dots denote zeros. The 
radix vectors are M = [2,3,4] (left) and M = [4,3,2] (right). Successive words differ in at most three 
positions. Columns ‘x’ give the values. 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
a_[0] = 1; 
ae last () 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
} 


The method next () computes the successor: 
bool next() 
{ 


ulong e = 0; 
while ( O==a_[e] ) ++te; // can touch sentinel 


if ( e==n_ ) { first(Q; return false; } // current is last 


ulong ae = a_[el]; 


if ( ae != mi_[e] ) // easy case: simple increment 
a_[0] = 1; 
a_[e] = ae + 1; 
} 
else 
{ 
a_[e] = 0; 
if ( a_[eti]==0 ) // can touch sentinel 
a_[0] = 1; 
t++a_[et+1i]; 


return true; 


} 

The predecessor is computed by the method prev(): 
bool prev() 
{ 


ulong e = 0; 
while ( O==a_[e] ) ++te; // can touch sentinel 


if ( O!=e ) // easy case: prepend nine 


[fxtbook draft of 2008-January-19] 


9.3: gslex order 215 


ae 
a_[e] = mi_[e]; 


else 


ulong a0 = a_[0]; 


--a0; 

a_[0] = a0; 
if ( 0==a0 ) 
£ 


do { ++te; } while ( 0==a_[e] ); // can touch sentinel 
if ( e==n_ ) { last(); return false; } // current is first 
ulong ae = a_[el]; 


--ae; 
a_[e] = ae; 
a ( O==ae ) 


alps 
a_[e] = mi_[e]; 


} 


return true; 


The algorithm is constant amortized time (CAT) and fast in practice. The worst performance occurs 
when all digits are radix 2, then about 123 million objects can be created per second. With radix 4 about 


198 million, with radix 16 about 273 million objects per second are computed [FXT: comb/mixedradix- 
gslexdemo.ec 


Alternative gslex order 


M=[ 23 4 ] x M=[ 4 3 2 ] x 

0: | 0 0: ee yer of ll 0 

a bt ce 1 13 Ets 2 J 1 

2: Eta. J 3 2 fotet 2. J 5 

3: [tf a-t.J 9 3: [ii1] 17 

4: Et a2 J 15 4: [12.] 9 

5: [113] 21 5: [121] 21 

6: [12. ] 5 6: [1.1] 13 

te [121] 11 Te [2..] 2 

8: [122 ] 17 8: [21.] 6 

9: [123 ] 23 9: [211] 18 

10: Laat -<-t 7 10: [22.] 10 
141: de 2 7 13 i1 [221] 22 
12; [1.3] 19 12 eres a | 14 
13: EF «dt J 2 13: [3 ..] 3 
14: [.1i1] 8 14: [31.] 7 
15: [ . 1 2] 14 15 [311] 19 
16: [.13] 20 16 [32.] 11 
17: ee ee | 4 17: [321] 23 
18: [.21] 10 18: [3.1] 15 
19: [.22] 16 19 [2 ts J 4 
20: [.23 ] 22 20 a 11] 16 
is ee 6 212 [ 2.] 8 
22: = 2] 12 22: [.21] 20 
23: [ae Sd 18 23: [..1] 12 


Figure 9.3-B: Mixed radix numbers in alternative gslex (generalized subset lex) order, dots denote zeros. 
The radix vectors are M = [2,3,4] (left) and M = [4,3,2] (right). Successive words differ in at most 
three positions. Columns ‘x’ give the values. 


A variant of the gslex order is shown in figure The ordering can be obtained from the gslex order by 
reversing the list, reversing the words, and replacing all nonzero digits d; by r; — d; where r; is the radix 


at position 7. The implementation is given in [FXT: class mixedradix_gslex_alt in comb/mixedradix- 
gslex-alt.h), the rate of generation is about the same as with gslex order [FXT: comb/mixedradix-gslex- 
alt-demo.ce). 


[fxtbook draft of 2008-January-19] 


216 Chapter 9: Mixed radix numbers 


9.4 endo order 


M=[ 5 6 ] x x 
0: [ie oJ 0 15: [.5] 25 
1: Li. ] 1 16: [15] 26 
2: [E32 J 3 17: [35] 28 
38 [4.] 4 18: [45 ] 29 
4: [2.] 2 19: [25] 27 
5: [.1] 5 20: [.4] 20 
6: Eat J 6 21% [14] 21 
We [31] 8 22: [3 4 ] 23 
8: [41] 9 23: [44 ] 24 
9: [21] 7 24: [24] 22 
10: [.3] 15 25: [.2] 10 
11: [13] 16 26: [12] it 
12: [33 ] 18 27: [32] 13 
13: [43 ] 19 28: [42] 14 
14: [23 ] 17 29: [22] 12 


Figure 9.4-A: Mixed radix numbers in endo order, dots denote zeros. The radix vector is M = [5,6]. 
Columns ‘x’ give the values. 


The computation of the successor in mixed radix endo order (see section on page |175) is very 
similar to the counting order described section on page The implementation [FXT: class 
mixedradix_endo in comb/mixedradix-endo.h) uses an additional array 1le_[] of the last nonzero elements 
in endo order. Its entries are 2 for m > 1, else 1: 
aa mixedradix_endo 
public: 

ulong *a_; // digits, sentinel a[n] 


ulong *mi_; // radix (minus one) for each digit 
ulong *le_; // last positive digit in endo order, sentinel le[n] 


ulong n_; // Number of digits 
ulong j_; // position of last change 
mixedradix_endo(const ulong *m, ulong n, ulong mm=0) 
t n_ = 0; 
a_ = new ulong[n_+1]; 
a_[n_] = 1; // sentinel: != 0 
mi_ = new ulong[n_]; 
mixedradix_init(n_, mm, m, mi_); 
le_ = new ulong[n_+1]; 
le_[n_] = 0; // sentinel: != aln] 
for (ulong k=0; k<n_; ++k) le_[k] = 2 - (m1_[k]==1); 
first(); 
[--snip--] 


The first number is all zero, the last can be read form the array le_[]: 


void first( 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
j- = DL; 
} 
void last () 
for (ulong k=0; k<n_; ++k) a_[k] = le_[k]; 
jo = DL; 
[--snip--] 


In the computation of the successor the function next_endo() is used instead of a simple increment: 
bool next() 


bool ret = false; 
ulong j = 0; 


[fxtbook draft of 2008-January-19] 


9.5: Gray code for endo order 217 


while ( a_[j]l==le_[j] ) f{ a_[j]=0; ++j; } // can touch sentinel 
if ( j<n_ ) // only if no overflow 


a_[j] = next_endo(a_[j], mi_[j]); // increment 
ret = true; 


} 


J- J; 
return ret; 


} 
bool prev() 
{ 
bool ret = false; 
ulong j = 0; 
while ( a_[j]==0 ) { a_[jl=le_[j]; ++j; } // can touch sentinel 
if ( j<n_ ) // only if no overflow 


a_[j] = prev_endo(a_[j], m1i_[j]); // decrement 
ret = true; 


} 


= 7; 


return ret; 
[--snip--] 


The function next () generates between about 115 million (radix 2) and 180 million (radix 16) numbers 


per second. The listing in figure was created with the program [FXT: comb/mixedradix-endo- 
femo.3) 


9.5 Gray code for endo order 


M=[ 5 6] x ja x ja 
0: [..] 0 15: [25] a7 1 4 
1: Pa | 1 0 1 16: [45] 29 Oo -1 
3: CS a 3 O- 4 17: [35] 28 oO -1 
3: [4.] 4 0 1 18: [15] 26 0 -1 
4: [2a y) 0 1 19: [.5] 25 0 -1 
5: Eon id 1 14 20: [.4] 20 i 4 
6: [41] 9 0 -1 21: [14] a4 0 1 
7: [31] 8 0 -1 22: [34] 23 0 1 
8: Cai 4 6 0 -1 23: [44] 24 0 1 
9: Ea 5 0 -1 24: [24] 22 0 1 
10: [.3] 15 1 4 25: Fa] 12 1 1 
11: cae] 16 0 1 26: Lao4 14 0 -1 
12: L323] 18 0 1 Q7: Ce2] 13 0 -1 
13: [43] 19 0 1 28: [12] 14 0 -1 
14: .o3] 17 o 1 29: fac 10 0 -1 


Figure 9.5-A: Mixed radix numbers in endo Gray code, dots denote zeros. The radix vector is M = [4,5]. 
Columns ‘x’ give the values, columns ‘j’ and ‘d’ give the position of last change and its direction, 
respectively. 


A Gray code for mixed radix numbers in endo order can be obtained by a modification of the CAT algo- 
rithm for the Gray code described in section|9.2/on page In the computation of the last number, the 


last digit have to be set to the last endo digit T: class mixedradix_endo_gray in comb/mixedradix- 
endo-gray.h 


class mixedradix_endo_gray 


af 
public: 
ulong *a_; // mixed radix digits 
ulong *mi_; // radices (minus one) 
ulong *i_; // direction 
ulong *le_; // last positive digit in endo order 
ulongn_;  // n_ digits 
ulong j_; // position of last change 


[fxtbook draft of 2008-January-19] 


218 Chapter 9: Mixed radix numbers 


int dm_; // direction of last move 


[--snip--] 
ie first () 


for (ulong k=0; k<n_; ++k) a_[k] = 0; 
for (ulong k=0; k<n_; ++k) i_[k] = +1; 
j- = DL; 
dm_ = 0; 

} 

ee last () 
for (ulong k=0; k<n_; ++k) a_[k] = 0; 
for (ulong k=0; k<n_; ++k) i_[k] = -1UL; 


// find position of last even radix: 


ulong z = 0; 
for (ulong i=0; i<n_; ++i) if ( mi_[i]&1 ) z= i; 
while ( z<n_ ) // last even .. end: 
a_[z] = mi_[z]; 
i_[z] = +1; 
FEZ 
} 
j- = 93 
dm_ = -1; 
[--snip--] 


The successor is computed as follows: 
og next () 
ulong j = 0; 
ulong ij; 
while ( (ij=i_[j]) ) // can touch sentinel i[n]== 


ulong dj; 

bool ovq; // overflow? 

if (ij == 1) 

{ 
dj = next_endo(a_[j], mi_[j]); 
ovq = (dj==0); 


ovq = (a_[j]==0); 
dj = prev_endo(a_[j], mi_[j]); 


if ( ovq) i_[j] = -aij; 


else 
a_[j] = 4j; 
dm_ = ij; 
=a 
return true; 
} 
+45; 
return false; 
} 
{[--snip--] 
The routine for computation of the predecessor is obtained by changing the condition if ( ij == 1 ) to 
if ( ij != 1 ). About 65 million (radix 2) and 110 million (radix 16) numbers per second are generated. 


The listing in figure was created with the program [FXT: comb/mixedradix-endo-gray-demo.cc). 


[fxtbook draft of 2008-January-19] 


219 


Chapter 10 


Permutations 


In this section algorithms for the generation of all permutations are presented. These are typically useful 
in situations where an exhaustive search over all permutations is needed. Some algorithms use mixed 
radix numbers with factorial base, see section on page 


Algorithms for application, inversion and composition of permutations and the generation of random per- 
mutations are given in chapter[2]on page|85] The sign (parity) of a permutation is defined in section]2.11.5 
on page [108] 


A important optimization technique is to use arrays instead of pointers. One would change the pointer 
declarations to array declarations in the corresponding class as follows: 


//along *p_; // permutation data (pointer version) 
ulong p_[32]; // permutation data (array version) 


One also needs to disables the statements to allocate and free memory with the pointers. Here we assume 
that nobody would attempt to compute all permutations of 31 or more elements (31! ~ 8.22-10°°, taking 
about 1.3-10!% years to finish). To use arrays uncomment (in most implementations) a line like 


#define PERM_REV2_FIXARRAYS // use arrays instead of pointers (speedup) 


near the top of the header file. Whether the use of arrays tends to give a speedup is noted in the comment, 
as above. 


10.1 Lexicographic order 


When generated in lexicographic order the permutations appear as if (read as numbers and) sorted 
numerically in ascending order, see figure The first half of the inverse permutations are the 
reversed inverse permutations in the second half: the position of zero in the first half of the inverse 
permutations lies in the first half of each permutation, so their reversal gives the second half. Write J for 
the operator that inverts a permutation, C’ for the complement, and R for reversal. Then we have 


C = IRI (10.1-1) 


and thereby the first half of the permutations are the complements of the permutations in the second 
half. An implementation of an iterative algorithm is [FXT: class perm_lex in comb/perm-lex.h). 


class perm_lex 


a 

public: 
ulong *p_; // permutation in 0, 1, ..., n-1, sentinel at [-1] 
ulong n_; // number of elements to permute 

public: 


perm_lex(ulong n) 


[fxtbook draft of 2008-January-19] 


220 Chapter 10: Permutations 


permutation inv. perm. compl. inv. perm. reversed perm. 
0: [.123] [.123] [321.] [321.] 
is [.132] [.132] [32.1] [231.] 
2: [.213] [.213] [312.] [312.] 
3: [.231] [.312] [3.21] [132.] 
4: [.312] [.231] [31.2] [221-3 J 
5: [.321] [.321] [3.12] [123.] 
6: [1.23] [1.23] L231. ] [32.1] 
T: [1.32] [1.32] [23.1] [253.2 1] 
8: [12.3] [2.13] L132. ] [3.21] 
9: [123.] [3.12] [.321] [.321] 
10: [13.2] [2.31] [13.2] [2.31] 
He [132.] [3.21] [.312] [.231] 
12: [2.13] [12.3] [213.] [3-1 2°] 
13: [2.31] [13.2] [2.31] bt-3s.4.° 2] 
14: [21.3] [21.3] [dt 2:3) 4 3) [3.12] 
15: [213.] [31.2] [.231] [.312] 
16: [23.1] [23.1] [1.32] [1.32] 
17: [231.] [32.1] [.132] [.132] 
18: [3.12] L123. ] [21.3] [21.3] 
19: [3.21] i3-2%.. ] [2.13] [12.3] 
20: [31.2] [213.] [12.3] [2.13] 
21: [312.] [312.] [. 2143 ] [.213] 
22: [32.1] [231.] [1.23] [1.23] 
23: [321.] [321.] [.123] [wh 23.) 


Figure 10.1-A: All permutations of 4 elements in lexicographic order, their inverses, the complements 
of the inverses, and the reversed permutations. Dots denote zeros. 


{ 
n_ =n; 
p_ = new ulong[n_+1]; 
p_[0] = 0; // sentinel 
++p_; 
first(); 

} 


~perm_lex() { --p_; delete [] p_; } 
void first() ‘{ for (ulong i=0; i<n_; i++) p_[i] = i; } 


const ulong *data() const { return p; } 
[--snip--] 


The only nontrivial part is the next ()-method that computes the next permutation with each call. The 
routine perm_lex: :next() is based on code by Glenn Rhoads 


bool next () 
{ 


// find for rightmost pair with p_[i] < p_[it1]: 

const ulong ni = n_ - 1; 

ulong i = ni; 

do { --i; } while ( p_[i] > p_[i+1] ); 

if ( (long)i<xO ) return false; // last sequence is falling seq. 
// find rightmost element p[j] smaller than p[i]: 

ulong j = ni; 

while ( p_[il > p_[j] ) ‘f--j; } 

swap2(p_[i], p_[j]); 

// Here the elements p[iti], ..., p[m-1] are a falling sequence. 
// Reverse order to the right: 

ulong r = ni; 

ulong s = i + 1; 

while (r>s) { swap2(p_[r], p_[s]); --r; -++s; } 

return true; 


} 


The routine generates about 113 million permutations per second. Using the class is no black magic 
[FXT: comb/perm-lex-demo.cc}: 


ulong n = 4; 
perm_lex P(n); 


[fxtbook draft of 2008-January-19] 


10.2: Co-lexicographic order 221 


do 

// visit permutation 
} 
while ( P.next() ); 


A slightly faster algorithm is obtained by making the changes with the update operation for the co- 
lexicographic order (section|10.2) on the right end of the permutations [FXT: . When 
arrays are used instead of pointers the rate is about 133 million per second |[FXT: 
demo.cc). With pointers the rate is about 115 million per second. 


10.2 Co-lexicographic order 


mutation rfact i 


0) 


es Be NEN: Be WRW:s Ns WNWRNRFPWNWH 
<q 


BUN: BR. NN: FPWWWWWW: BEND: 


erm. 


OODNAOPWNrFO 
* WWNNFRF WM 
* NUNRBPFH.- - 


- WWNN: 
» UNBR: 


* WWRFeH- 
* MNRPR- 


a 
be 
ammmmmmmmarmammammamrmarmarmarmamrmaroarr'9 


Uu 
2 
3 
d 
3 
1 
2 
2 
3 
3 
2 
1 
3 
3 
i 
1 
2 
2 
‘ 


WILLIE LL LL LE LE LE EL LE LE EE 
"Be BND: Be BND: Be EPNNWWWWWW SB 


a | | | | | | | | | Ce 


WWWWWWNHNF: Fs UNF: Fs ONE: F- 


P 
1 
; 
2 
; 
1 
; 
2 
1 
3 
3 
3 
3 
3 
3 
4 
1 
2 
2 


ae pie fe ee pe a wp es 
WWWWWWNHNNNNNRPRPRRPRER: © + 2 ee 
| es | come | ce | ces | cee | cee | es | se | cee | ce | ce | es | cs | cee | ce | sees | mes | es | ce | cee | ce | coe | et | eee: | 


| mame | pam | em | em | pce | eee | ees | co | oem | pemea | meee | mea | | | aoe || ce | come: | cee | ome | ce | ee | mie | ae | ae | 
NNER. 


DY PS a PS i 


NNER: 


Figure 10.2-A: The permutations of 4 elements in co-lexicographic order. Dots denote zeros. 


Figure }10.2-A|shows the permutations of 4 elements in co-lexicographic (colex) order. An algorithm for 
the generation is implemented in [FXT: class perm_colex in|comb/perm-colex.h|: 


class perm_colex 


{ 

public: 
ulong *d_; // mixed radix digits with radix = [2, 3, 4, ...] 
ulong *x_; // permutation 
ulong n_; // permutations of n elements 

public: 


perm_colex(ulong n) 
A Must have n>=2 


n_ =n; 
d_ = new ulong[n_]; 
d_In-1] = 0; // sentinel 
x_ = new ulong[n_]; 
first(); 

[--snip--] 


ae first ( 


for (ulong k=0; k<n_; ++k) x_[k] 


= n_-1-k; 
for (ulong k=0; k<n_-1; ++k) d_[k] = 


0; 
} 


[fxtbook draft of 2008-January-19] 


222 Chapter 10: Permutations 


The update process uses the falling factorial numbers. Let 7 be the position where the digit is incremented, 
and d the value before the increment. The update 


permutation ffact 
v-- increment at j=3 
[034521 ] [12311] <--= digit before increment is d=1 
[542031] Lee oh 


is done in three steps: 


swap positions d=1 and jt+i=4 
reverse range 0...j 


if ( d_[0]==0 ) // easy case 


d_[0] = 1; 
swap2(x_[0], x_[1]); 
return true; 


else 


ulong mi = 2; // nine in falling factorial base 
while ( d_[j]==m1 ) 


d_[j] = 0; 
++m1; 
+435 
} 
if ( j==n_-1 ) return false; // current permutation is last 
const ulong dj = d_[jl]; 
d_[j] = dj + 1; 
swap2( x_[dj], x_[j+1] ); // swap positions dj and j+1 


{ // reverse range [0...j]: 
ulong a=0, b= j; 
do 
swap2(x_[a], x_[b]); 
+ta; 
--b : 


} 
; while ( ax<b ); 


return true; 


} 
About 194 million permutations per second can be generated [FXT: comb/perm-colex-demo.cc). With 


arrays instead of pointers the rate is 210 million per second. 


10.3. Factorial representations of permutations 


The factorial number system corresponds to the mixed radix bases M = [2,3,4,...] (rising factorial basis) 
or M =|...,4,3,2] (falling factorial basis). A (n —1)-digit factorial number can have n! different values. 
We develop different methods to convert factorial numbers to permutations and vice versa. 


10.3.1 The Lehmer code 


Each permutation of n distinct elements can be converted to a unique (n — 1)-digit factorial number 
A = [a0,@1,.--,@n—2] in the falling factorial base by counting, for each index k, the number of elements 


[fxtbook draft of 2008-January-19] 


10.3: Factorial representations of permutations 223 


with indices 7 > & that are bigger than the current element [FXT:|comb/fact2perm.cc : 


void perm2ffact(const ulong *x, ulong n, ulong *fc) 


// Convert permutation in x[0,...,n-1] into 

// the (n-1) digit factorial representation in fc[0,...,n-2]. 
// One has: fc[O]<n, fc[i]<n-1, ... , fc[m-2]<2 (falling radices) 
{ 


for (ulong k=0; k<n-1; ++k) 
{ 


ulong xk = x[k]; 

ulong i = 0; 

for (ulong j=k; j<n; ++j) if ( x[j]<xk ) ++i; 
fc[k] = i; 


} 


The routine works as long as all elements of the permutation are distinct. The factorial representation 
obtained by this method is called the Lehmer code of the permutation. For example, the permutation 
[3,0,1,4,2] has the Lehmer code [3,0,0, 1], because three elements smaller than the first element (3) lie 
right to it, no elements smaller than the second element (0) lies right to it, etc. 


A routine that computes the permutation for a given Lehmer code is 


void ffact2perm(const ulong *fc, ulong n, ulong *x) 
// Inverse of perm2ffact(): 


// Convert the (n-1) digit factorial representation in fc[0,...,n-2]. 
// into permutation in x[0,...,n-1] 
// Must have: fc[O]<n, fc[i]<n-1, ... , fc[m-2]<2 (falling radices) 


for (ulong k=0; k<n; ++k) xl[k] =k; 
for (ulong k=0; k<n-1; ++k) 
{ 

ulong fa = fcl[k]; 

if ( fa ) rotate_righti(x+k, fat1); 


} 
A routine to compute the inverse permutation is 


void ffact2invperm(const ulong *fc, ulong n, ulong *x) 


// Convert the (n-1) digit factorial representation in fc[0,...,n-2]. 
// into permutation in x[0,...,n-1] such that 

// the permutation is the inverse of the one computed via ffact2perm(). 
{ 


for (ulong k=0; k<n; ++k) x[k] =n-1; // "empty" 
for (ulong k=0; k<n-1; ++k) 


{ 
ulong fa = fc[k]; 
for (ulong j=0; ; ++j) 
if ( x[jl==n-1) // if empty 
if ( 0==fa ) { x[j] =k; break; } 
--fa; 
} 
} 
} 


} 
A similar method can compute a representation in the rising factorial base: 


void perm2rfact(const ulong *x, ulong n, ulong *fc) 


// Convert permutation in x[0,...,n-1] into 

// the (n-1) digit factorial representation in fc[0,...,n-2]. 
// One has: fc[0]<2, fc[1]<3, ... , fc{m-2]<n (rising radices) 
{ 


for (ulong k=1; k<n; ++k) 
{ 


ulong xk = x[k]; 


ulong i = 0; 
for (ulong j=0; j<k; ++j) if ( x[j]>xk ) ++i; 
fc{k-1] = i; 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


224 


momo ooo oo eee eo 


$ “ANM -ANM HANM CTANM CTANM CANO 
Bt tt PAA ANANNN © 8 CH MHHONNANAN 
HH 

| Be ee ee Be | 


a | | | | | | | | | | | Oe | | | Be 


B Ce ee ie oe ee ee ee ee OO 
AMNA “NNT “NANA “NN NNT ONG - 
HAMMMAAAN Pt ANMMMAANN + es ow 
Bt SUN CNN 0:00, 09:€N 00:00 09 Ae ro ae Be 
St PHAN N TAA NANNANNANMMOMNMM OM 


a ee | | | | | | | | | | 


Ss eM HTHNN 


rev.c 


a 4 ere) ecm | me | me | |e | ge | at | ee | es | ee | ge | cree | ce | ee | ce | coe ee | | | ee |e | 
AMMMNMNMMNANNAANNAAT + es ow 

BANANA st ttt HMMMNNMYIMNMNANANT 4 
SH es (NNAAMNMNMNNT ss (NANA AMNMNMON 
ANM FANNY CANNY PANY CANNY OTN OM 


DS I 


samme 
i a ee eee a ee a a ee | 
3 Se eI N NNN 8 CMH N ANNA 


DY EP I 


Figure 10.3-A: Numbers in falling factorial basis and permutations so that the number is the Lehmer 


code of it (left columns). 


The rising factorial representation of the reversed and 


Dots denote zeros. 


complemented permutation equals the reversed Lehmer code (right columns). 


Cen De | | DD De 


ee ee | 
1S) 
Bis tAANN © PAH ANN s PAANN se CSN 
HH 
His ee eee AAA AANANANANMM MMM 


| | ee | | | | | | | | | | | | | | | | | | Be 


B fa We a a a a a ee ee ee a er Se 
HAMANHANAM “M NAM -M HAN ON oo 
BN OD 09 S HNANMM © -HAMM © PTHHANN 
O + © 8 © ee AAA HAAANANANANANNMNMMMMM 
> Ld FL bd Pd Pd bd Lb bd bP Ed bd bE Fb Ed bb Lb Ll 
oO 

4 


a CD ee ee ee | ee 
AMMMMMMNANNANNNA Aad st 8 te te ee 
6 MMA HMMNN : -MOMNANNAS 


XD |e ee ee ee 
AAA AAANANANANNMM MMMM 
SANNA CD ANN CR TNN 


Figure 10.3-B: Numbers in rising factorial basis and permutations so that the number is the Lehmer 
code of it (left columns). The reversed and complemented permutations and their falling factorial repre- 


sentations are shown in the right columns. They appear in lexicographic order. 


[fxtbook draft of 2008-January-19] 


10.3: Factorial representations of permutations 225 


} 


Here we count, starting with the second element of the permutation, the number of elements to the left 
that are bigger than the current element. The inverse routine is 


void rfact2perm(const ulong *fc, ulong n, ulong *x) 


{ 
for (ulong k=0; k<n; ++k) xl[k] =k; 
ulong *y = xtn; 
for (ulong k=n-1; k!=0; --k, --y) 
{ 
ulong fa = fc[k-1]; 
if ( fa ) 
{ 
t++fa; 
rotate_lefti(y-fa, fa); 
} 
} 
} 


A routine for the inverse permutation is 


void rfact2invperm(const ulong *fc, ulong n, ulong *x) 


// Convert the (n-1) digit factorial representation in fc[0,...,n-2]. 
// into permutation in x[0,...,n-1] such that 

// the permutation is the inverse of the one computed via rfact2perm(). 
{ 


for (ulong k=0; k<n; ++k) x{[k] = 0; // "empty" 
for (ulong k=n-2; (long)k>=0; --k) 


{ 
ulong fa = fcl[k]; 
for (ulong j=0; ; ++j) 
if ( x[j]l==0 ) // if empty 
if ( O==fa ) { x[j] = k+1; break; } 
==fa; 
} 
} 
} 


} 


The permutations corresponding to the Lehmer codes (in counting order) are shown in figure 
(left columns). The permutation whose rising factorial representation is the digit-reversed Lehmer 
code is obtained be reversing and complementing (replacing each element x by n — 1 — 2) the original 
permutation: 


Lehmer code permutation rev.perm compl.rev.perm rising fact 
[3,0,0,1] [3,0,1,4,2] (2;4,150,3] 12,0,3,4,1] [1,0,0,3] 


The permutations obtained from counting in the rising factorial base are shown in figure}10.3-B 


10.3.2 An representation via reversals 


Replacing the rotations in the computation of a permutation from its Lehmer code by reversals one 
obtains a different one to one relation between factorial numbers and permutations. For the falling 


factorial basis one gets [FXT: comb/fact2perm-rev.cc): 


void perm2ffact_rev(const ulong *x, ulong n, ulong *fc) 


{ 
ALLOCA(ulong, ti, n); // inverse permutation 
for (ulong k=0; k<n; ++k) tilx[k]] = k; 
for (ulong k=0; k<n-1; ++k) 
{ 
ulong j; // find element k 
for (j=k; j<n; ++j) if ( tiljl==k ) break; 
j ==_k; 
fc[k] = j; 
reverse(titk, j+1); 
} 
} 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


226 


mo MoM 1 MM oh ooo eo 


p eo 8 © © © ee lel wo Oe Bi ee Bi ee Bi oe Be Be | CO ee Be ee Be | . 
oO 
Be 6 eH AMHANANT § PTNNANNAN Cd ON 
HH 
H PANM (NAM “MNF -HMN “MAN -NMH4 


WY DS PP PL PL PP i Ps 


Qe | | ese | me | | ees | es | meme | cme | Dc | | | ges | ee |e | ee | ce | oe 
gommMm “MMM eH HENAN (ANNAN seins - 
DAN Aa ONAN (MMM sd MMM ON 
AANA (NAM (MONA CHMM (MAN (NM 
“ANM (NAM “NAH “HON -MHAN NMA 


a | | | | | | | | Se 


r 


inv.p 


a Xe ee ee ee 
AAMMM MMM FH PANAN et PANNA oo 
BAN Ha HANAN (HMMM -MMM -H HTN 
Bx ANNAN (HMMM 2H CHNANNANN (HMMM - 
“ANM (ANM (ANM CANNY CANM CTHNM 


DY I PS PS PS 


tat 


uy 
oO 
Q 


ammo MO MM MMMM oO 
i Gee eee eee) 


ee en | | | | | | | | 


Figure 10.3-C: Numbers in falling factorial basis and permutations so that the number is the alternative 


(reversal-) code of it (left columns). The inverse permutations and their rising factorial representations 


are shown in the right columns. 


PTI ete te eee see see eee eee eee et 
Ey ein pet an ee: RA AANMNMNANMNAANMNMNAMNATA 4 
a 


WY LS i PL PE PL LL PL LL 


AMM MMMM ooo om roo om oo root 


BMMNMNMNMNMNNANSA + edd ONAN? ed CHONN 


4 

OO — "AMMMMMNMNNANNT + ett ONAN: 
am “NAA ed INNA SMOMMMMNMNNANT + ed 
q sSNA te PCAN N tt CHNNMMM MM MY 


a | | | | | | | | | ee | 


qa TOTO TAA AIPA AIP APA AAA AAA AAAI 
AMMMMMNMNNANANNNA AAAs ee tee 
6 MMA 2 SNNMM - 


moo oo ooo oo eee eo eee 


- er AAA AANAAANNM MMMM OY 
@ AANN § CSANN CSN N CHAN 
HH 

ee 


Figure 10.3-D: Numbers in rising factorial basis and permutations so that the number is the alternative 
(reversal-) code of it (left columns). The inverse permutations and their falling factorial representations 


are shown in the right columns. 


[fxtbook draft of 2008-January-19] 


10.3: Factorial representations of permutations 227 


The routine is the inverse of 


void ffact2perm_rev(const ulong *fc, ulong n, ulong *x) 


for (ulong k=0; k<n; ++k) xl[k] =k; 
for (ulong k=0; k<n-1; ++k) 


{ 
ulong fa = fc[k]; 
// Lehmer: rotate_right1(xtk, fat1); 
if ( fa ) reverse(xtk, fati); 

} 


} 


Figure |10.3-C| shows the permutations of 4 elements and their falling factorial representations, it was 
created with the program [FXT: comb/fact2perm-rev-demo.cc). The routines for the rising factorial 


(figure|10.3-D) basis are 


void perm2rfact_rev(const ulong *x, ulong n, ulong *fc) 


t 
ALLOCA(ulong, ti, n); // inverse permutation 
for (ulong k=0; k<n; ++k) tilx[k]] =k; 
for (ulong k=n-1; k!=0; --k) 
{ 
ulong j; // find element k 
for (j=0; j<=k; ++j) if ( tilj]l==k ) break; 
pak jf: 
fc[k-1] = j; 
reverse(titk-j, jt1); 
} 
} 
and 
void rfact2perm_rev(const ulong *fc, ulong n, ulong *x) 
t 
for (ulong k=0; k<n; ++k) x[k] =k; 
ulong *y = x+n; 
for (ulong k=n-1; k!=0; --k, --y) 
{ 
ulong fa = fc[k-1]; 
if ( fa ) 
{ 
t++fa; 
// Lehmer: rotate_lefti(y-fa, fa); 
reverse(y-fa, fa); 
} 
} 
} 


10.3.3. A representation via swaps 


The routines for the conversion from permutations to factorial representations shown so far have com- 
2 


plexity n*. The following routines compute different factorial representations with complexity n [FXT: 
comb/fact2perm-swp.cc : 


void 
perm2ffact_swp(const ulong *x, ulong n, ulong *fc) 


// Convert permutation in x[0,...,n-1] into 

// the (n-1) digit (swaps-) factorial representation in fc[0,...,n-2]. 
// One has: fc[O]<n, fc[i]<n-1, ... , fc[m-2]<2 (falling radices) 

{ 


ALLOCA(ulong, t, n); 

for (ulong k=0; k<n; ++k) t[k] = x[k]; 
ALLOCA(ulong, ti, n); // inverse permutation 
for (ulong k=0; k<n; ++k) tilt[k]] =k; 


for (ulong k=0; k<n-1; ++k) 
ulong tk = t[k]; // >=k 
fc[k] = tk - k; 


ulong j = tilk]; // location of element k 
tiltk] = tilt[j]l]; 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


228 


Cee es DU DD DU De DU 


2 “ANM FTANM CTANM FANNY CTNM CTNM 
Bt tt tAAATNANNN 8 8 CS MMHTNNANAAN 
HH 

|S Son nan ins Noa ine nae Ioan nan inn ioe Ian ae 


DS I SP PP PS Ps 


POAT AAP APA AAP AAP AIP APTA ARP Arar ae ae ae ae ae ae oe 
amon “MMM sD HENAN “ANN sine: 
DAN “NAH CANN CNMM (NAH CHMM -M 
AH eAAN HNNM (MMT PHAM -MMON (NN 
“ANM NAM (ONT PHAMON (MAN CNOA 


DY I PS SP I 


inv.p 


a Coen en Ue Us eC Ue [UU |e UU UU UU UU Ue 
BAN “NA AANA -NMMM -MMM Hed 
Bo AANA -NMMNM HH PHANN -NMMM - 


DL I PL PL PL PP PL Ps 


tat 


= 
uy 
o 
A 


Ce Ue CD DD ee Ue 


p oe 8 © © © © ell ll een ee in lo woe Bie i oe Bi oe ee ee 
1S) 
Bt tt PAA AANANNN 8 8 CH MHHANNAAN 
HH 
H HANM HANM CANM PANY CTANM CTNM 


DY I I PP 


Figure 10.3-E: Numbers in falling factorial basis and permutations so that the number is the alternative 


(swaps-) code of it (left columns). The inverse permutations and their rising factorial representations are 


shown in the right columns. 


TET I tet 
ee ee ce | 
PANN PATNA PA ANN ? CDANGN 
soe ee ee AAA HAANAAANANM MMMM 


DY I PE PI 


aM MMO MO OOM OM MOO oO 


=) 
q 
0) 
Q, 


qd 
° 
‘d 
p 
fon) 


oO 
Q 


1S) 
@ 
4H 
4 


MONMATDNOINM © NM MAT et ON PTHTN 
NMAMNMNNANM “ON 2 (MAM AN st HN 
AANNMM + NAMM +s (MMA ANN : 

eS AAA TAANANANANNMMM OM 


DY 


Coen es UU Ue Ue UU DC UU UU Ue Ue Ue Ue 
MNMNTATAHMIYNMNAAMIMNMIMNAT +s 8 se ee es 
NAMNAANMNMATANM = © 8 8 8 ANMNAANMY 
AANMMN © 8 et ee AANMNMNNANTAANMNMN 

AANNMNANMNAANNMNANAT SA 


| | | | |) | | | oe | | | | | oe | | | | | | | | 


Tar a a ee a ee a OE oe Re a a ee a 
a AAA AANANANANANMMM OM 
ANN CD ANN CD ANN CORTON 
ee 


DY I I I 


Figure 10.3-F: Numbers in rising factorial basis and permutations so that the number is the alternative 


(swaps-) code of it (left columns). 
are shown in the right columns. 


The inverse permutations and their falling factorial representations 


[fxtbook draft of 2008-January-19] 


10.3: Factorial representations of permutations 229 


t[j] = tk; 
} 
void perm2rfact_swp(const ulong *x, ulong n, ulong *fc) 
// Convert permutation in x[0,...,n-1] into 
// the (n-1) digit (swaps-) factorial representation in fc[0,...,n-2]. 
// One has: fc[0]<2, fc[1]<3, ... , fc[n-2]<n (rising radices) 
{ 
ALLOCA(ulong, t, n); 
for (ulong k=0; k<n; ++k) tlk] = x[k]; 
ALLOCA(ulong, ti, n); // inverse permutation 
for (ulong k=0; k<n; ++k) tilt[k]] = k; 
for (ulong k=0; k<n-1; ++k) 
{ 
ulong j = tilk]; // location of element k, j>=k 
fc[n-2-k] = j - k; 
ulong tk = t[k]; 
tiltk] = tilt[j]l]; 
tlj] = tk; 
} 
} 


Their inverses also have complexity n. The routine for falling base is 


void ffact2perm_swp(const ulong *fc, ulong n, ulong *x) 
// Inverse of perm2ffact_swp(). 


{ 
for (ulong k=0; k<n; ++k) xlI[k] =k; 
for (ulong k=0; k<n-1; ++k) 
{ 
ulong fa = fclk]; 
swap2( x[k], x[kt+fa] ); 
} 


The routine for the rising base is 


void rfact2perm_swp(const ulong *fc, ulong n, ulong *x) 
// Inverse of perm2rfact_swp(). 


{ 
for (ulong k=0; k<n; ++k) xl[k] =k; 
for (ulong k=0,j=n-2; k<n-1; ++k,--j) 
{ 
ulong fa = fc[k]; 
swap2( x[j], x[jtfa] ); 
} 
} 


The permutations corresponding to the alternative codes for the falling basis are shown in figure 
(left columns). The inverse permutation has the rising factorial representation that is digit-reversed 
representation (right columns). The permutations corresponding to the alternative codes for rising basis 


are shown in figure }10.3-F| The listings were created with the program [FXT: |comb/fact2perm-swp- 


demo.cc). The routines can serve as a means to find interesting orders of permutations. Indeed, the 
permutation generator shown in section on page was found this way. A recursive algorithm for 


the (inverse) permutations shown in figure|10.3-F]is given in section |10.13}on page [263] 
10.3.4 Cyclic permutations 


Cyclic permutations of n elements (permutations that consists of one cycle of size n, see section |2.11.4 


on page |{108) can be obtained from length-(n — 2) factorial numbers. We give routines for both falling 
and rising base [FXT: comb/fact2cyclic.cc': 


void ffact2cyclic(const ulong *fc, ulong n, ulong *x) 
// Generate cyclic permutation (standard representation) in x[] 


// from the (n-2) digit factorial number in fc[0,...,n-3]. 
// Falling radices: [n-1, ..., 3, 2] 
{ 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


230 


AMM MMMM mmm mmm ma mmm mmr 
MOATNANNTAONOMNANNDATMNONANMO 
BOO OLSOO ON Sos ON Sal er SOOO A OOO 


RT a SU ph Se ago ye oe ela LEED BO SOD 
Cee ee ese eee a ee see CNet Oo ra Ose OEY 
EAS 079° 09: 02 STONE ON SEEN: EN OST C9092. 09 Sst eh SD sort 


ey ee ee | | | 


LIN ON ODN IONIONN ONION ION ION ONION ION ION ONION TORN ION ON ON NIN INNO 


Cr a a a a oe ne a 


a i a i a i i ar a 


er ee ae ee ee ee ee ee ee ee 
COAFAAMNMNMNFAPAANANHTANNTANMM OM SH 


Cr a i or i ae 


OR OR OR OR OR CORON OROR CORON OR OR OR OR OR OR OR OROR OR OTROS) 


eoeesares>s aes ees es eevee es mes eases eee re sl eee 


mera eae eae sea eae eae sae ese eae ae ae see se oe oe oe 
§ OHANMOTHAMOTANMOTHAMOHAMOHAM 
Btooon tH HANA OOON HATA 
PYNMNMNHHOCOPOOCOHAPHAHAMNMNNTAGDHAH 
FANHTANAHTAMMMdMMMdHHOOOTOOO 
DAs HAMM MHFAHHAAATAAAS AO OOD 


ey | ee | | OO | 


AMM MM MMM Mmm mmm mom oro 
et dan! See Eble ten Mak Soc, ot ser, See 8, 8 ee ee ee ee ee ee 
SHINN NN 8 CATON ANNANE 
*ANM CANNY CANNY CANNY CTANMYM CTNMY 


Des PP PS PP PP PP PS PU PP Py PP bt 


falling fact. 


Figure 10.3-G: Numbers in falling factorial basis and the corresponding cyclic permutations. 


inv.perm. 


cycle 


permutation 


rising fact. 


Amma mmm mmm mmm or 
MMONANTAONNNONTAOHONYNNTAONTAO 
NA ONTDAONTAONTAONTHONTOGMY SSSA 
AOHOMNMNAOCOHOMNMNAHAAHGHHPHAOHOMNM 
ODANANMNONSTAIYHAHAHPOANTMNMNONWDANMNON 
FITS PIMMNNANANMNANTANAMNMNATAAS 


DY PS PP PS PS PS PP PS PP PP Ps 


LIN ODN OINIODRNONN ON ODN ION ONION INN ION III ION ION ION IN IN INNO 


Cr i a i a a CY 
a i ar 
a i a a i i aC 


OR OR OR OR ORCA CORON OR ORONO ORONO ORONO OR ORONO ORS) 


eoeesesesaaes ess ees eee _—_’_"'—'ev"wwv””Ow” 02 9_ 0 oO ues 


Amma mmmm mmm mmm 
DODVDWVWVOA AAA AANANAATAMNMMMM YM 
SFHHANNDOPIANNCOHAAPHOOHAANN 
MAATYNAAMNTOMNOAMNHAOMNOAPTHAOTON 
NIANTMNINMNDOMOTAMNHOMONYTANOHO 
ANMNNAMNHAAMNANYTONATMYNPAMNANTATSDS 


DY PS PP PP PP PS PS PP PP PP PP Pb 


Pte ar le er At a re a ee ee ee a ee el Oe ee Oe 8 ee ee 
rc AAA ATAANANAANANMMMMM OY 
Ss eAANN PCD ANN CDNA 
i 


DY PS PP PS PS PP PS PP PP PS PP PP Pt 


Figure 10.3-H: Numbers in rising factorial basis and corresponding cyclic permutations. 


[fxtbook draft of 2008-January-19] 


10.4: An order from reversing prefixes 231 


for (ulong k=0; k<n; ++k) x[k] =k; 
for (ulong k=n-1; k>1; --k) 
{ 
ulong z = n-1-k; // 0, ..., n-3 
ulong i = fc[z]; 


swap2(x[k], x[i]); 
} 


if ( m1) = swap2(x[0], x[1]); 
} 


void rfact2cyclic(const ulong *fc, ulong n, ulong *x) 
// Generate cyclic permutation (standard representation) in x[] 
// from the (n-2) digit factorial number in fc[0,...,n-3]. 
// Rising radices: [2, 3, ..., n-1] 
{ 
for (ulong k=0; k<n; ++k) x[k] =k; 
for (ulong k=n-1; k>1; --k) 
{ 


ulong i = fc[k-2]; // k-2 ==n-3, ..., 0 
swap2(x[k], x[i]); 


if ( m>1) swap2(x[0], x[1]); 
} 


The cyclic permutations of 5 elements are shown in figures |10.3-G| (falling base) and |10.3-H] (rising 
base). The listings were created with the program [FXT: comb/fact2cyclic-demo.cc|. Note that the cycle 
representation could be obtained by applying the transformations to (all) permutations to all but the 


first element. That is, one can generate all cyclic permutations in cycle form by permuting all elements 
but the first with any permutation algorithm. 


10.4 An order from reversing prefixes 


permutation rfact inv. perm. 

0: [.123] Los wed [.123] 

Ls [1.23] [1i..] Lai. 23°] 

2: [2.13] a [12.3] 

3: [.213] [ii.] [.213] 

4: [12.3] [.2.] [2.13] 

5: [21.3] [12.] [24-203] 

6: [3.12] [..1] [2 32 J 

Gs [.312] [i.1] [ x, 28-1 ] 

8: [13.2] [.11] [2.31] 

9: [31.2] [iii] [213.] 

10: [.132] [.21] [.132] 
11: [1.32] [121] [1.32] 
12: [23.1] fee es: 2 [235.242] 
13: [32.1] [1.2] [231.] 
14: [.231] [.12] [. 3 22] 
15: [2.31] [112] [13.2] 
16: [3.21] [.22] [132.] 
17: [.321] [122] [.321] 
18: [123 .] [..3] [3.12] 
19: [213.] [1.3] [31.2] 
20: [312.] [.13] [312.] 
21: [132.] [113] [3.21] 
22: [231.] [.23] [32.1] 
23: [321.] [123] [3 24-2] 


Figure 10.4-A: All permutations of 4 elements in an order where the first 7 + 1 elements are reversed 
when the first j digits change in the mixed radix counting sequence with radices [2, 3, 4, ...]. 


A surprisingly simple algorithm for the generation of all permutations is obtained by mixed radix counting 
with the radices [2, 3, 4, ...] (column digits in figure|10.4-A). Whenever the first 7 digits change with 


[fxtbook draft of 2008-January-19] 


232 Chapter 10: Permutations 


an increment then the permutation is updated by reversing the first 7+ 1 elements. As with lex order the 
first half of the permutations are the complements of the permutations in the second half, now rewrite 


relation [10.1-1]on page [219] as 

R = ICI (10.4-1) 
to see that the first half of the inverse permutations are the reversed inverse permutations in the second 
half. This can (for n even) also be observed from the positions of the largest element in the inverse 
permutations. An implementation is [FXT: class perm_rev in |comb/perm-rev.h': 
class perm_rev 


{ 

public: 
ulong *d_; // mixed radix digits with radix = [2, 3, 4, ..., n-1, (sentinel=-1)] 
ulong *p_; // permutation 
ulong n_; // permutations of n elements 


public: 
perm_rev(ulong n) 


{ 


n 


n; 

p_ new ulong[n_]; 

d_ new ulong[n_]; 

d_[n-1] = -1UL; // sentinel 
first(); 


} 


~perm_rev() 


delete [] p_; 
delete [] d_; 


oe first() 


for (ulong k=0; k<n_-1; ++k) d_[k] = 0; 
for (ulong k=0; k<n_; ++k) p_I[k] =k; 
} 


void last() 
{ 


0; k<n_-1; ++k) d_[k] = k+ti; 
for (ulong k=0; k<n_; ++k) p_[k] = n_-1-k; 
} 


The update routines are quite concise: 
co next () 
// increment mixed radix number: 
ulong j = 0; 
while ( d_[j]==j+1 ) 1 d_[j]=0; ++j; } 


// j==n-1 for last permutation 
if ( j!=n_-1 ) // only if no overflow 


++a_[j]; 
reverse(p_, j+2); // update permutation 
return true; 


is 


else return false; 


} 
bool prev() 
{ 


// decrement mixed radix number: 
ulong j = 0; 
while ( d_[j]==0 ) { d_[j]=jt1; ++j; } 


// j==n-1 for last permutation 
if ( j!=n_-1 ) // only if no overflow 


--d_[j]; 
reverse(p_, j+2); // update permutation 
return true; 


else return false; 


[fxtbook draft of 2008-January-19] 


10.4: An order from reversing prefixes 233 


} 
}; 


Note that the routines work for arbitrary (distinct) entries of the array p_[]. 


An upper bound for the average number of elements that are moved in the transitions when generating 
all N = n! permutations is e + 2.7182818 so the algorithm is CAT. The implementation is actually fast, 
it generates more than 110 million permutations per second. Usage of the class is as simple as: 


ulong n = 4; // Number of elements to permute 
perm_rev P(n); 

P.first(); 

do 


// Use permutation here 


} 
while ( P.next() ); 


Figure|10.4-A]was produced with [F XT: . The described method is given in [250]. 


10.4.1 Optimizing the update routine 


One can optimize the update routine by observing that 5 out of six updates are the swaps 
(0,1) (0,2) (0,1) (0,2) (0,1) 


We use a counter ct_ and modify the methods first() and next() [FXT: class perm_rev2 in 
comb/perm-rev2.h': 


class perm_rev2 


[--snip--] 

void first( 

{ 
for (ulong k=0; k<n_-1; ++k) d_[k] 0; 
for (ulong k=0; k<n_; ++k) p_[k] = 
ct_ = 5; 


k; 
} 
bool next () 


if ( ct_!=0 ) // easy case(s) 


{ 
--ct . 


swap2(p_[0], p_[1 + (ct_ & 1)]); 
return true; 


else // increment mixed radix number: 


ct_ = 5; // reset counter 


ulong j = 2; // note: start with 2 
while ( d_[j]==j+1 ) { d_[j]=0; ++j; } 
// j==n-1 for last permutation 

if ( j!=n_-1 ) // only if no overflow 


++d_[j]; 
reverse(p_, j+2); // update permutation 
return true; 


else return false; 


} 
[--snip--] 
The speedup is remarkable, about 186 million permutations per second can be generated (about 11.8 


cycles per update). If arrays are used instead of pointers, the rate is about 200 million per second 
(10.8 cycles per update). The routine can be used for permutations of at least three elements [FXT: 


comb/perm-rev2-demo.cc). 


[fxtbook draft of 2008-January-19] 


234 Chapter 10: Permutations 


10.4.2 Method for unranking 


Conversion of a mixed radix (rising factorial) number into the corresponding permutation proceeds as 
exemplified for the 16-th permutation (15 =1-1+1-2+2-6, so d=[1,1,2]): 


1 p=[ 0, 1, 2, 3] =[ 0, 0, 0] // start 

13 p=[ 2, 3, 0, 1] =[ 0, 0, 2] // right rotate all elements twice 
15 p=[ 0, 2, 3, 1] d=[ 0, 1, 2] // right rotate first three elements 
16 p=[ 2, 0, 3, 1] d=[ 1, 1, 2] // right rotate first two elements 


The idea can be implemented as 


void goto_rfact(const ulong *d) 
// Goto permutation corresponding to d[] (i.e. unrank d[]). 
// af] must be a valid (rising) factorial mixed radix string: 


// afj==[d(0), d(1), d(2), ..., d(n-2)] (m-1 elements) where 0<=d(j)<=j+1 
{ 

for (ulong k=0; k<n_; ++k) p_[k] =k; 

for (ulong k=0; k<n_-1; ++k) d_[k] = d[k]; 


for (long j=n_-2; j>=0; --j) rotate_right(p_, j+2, d_[j]); 


10.5 Minimal-change order (Heap’s algorithm) 


permutation swap digits rfact (perm) inv. perm. 
0: L = 4132-3.) (0, 0) i ee [ee 2 ae [.123] 
1: [1.23] (1, 0) i re Lt 2 ve J [1.23] 
2: [2.13] (2, 0) ee feted: sd [12.3] 
3: [.213] (1, 0) [ii.] fe oad ss 4) [.213] 
4: Lad. 3] (2, 0) [oie 2-2] [.2.] [2.13] 
5: [21.3] (1, 0) [12.] [1i12.] [21.3] 
6: [-3°t. 4:2] (3, 0) [..1] [121] [213.] 
(3 ia es ee” (1, 0) [1.1] [.21] [2.31] 
8: Eg Set 20d (2, 0) [.11] ee ee oa [.231] 
9: [3.12] (1, 0) [111] [iii] [123.] 
10: [1.32] (2, 0) [.21] [i.1] [1.32] 
11: [.132] (1, 0) [121] Lee, ag: ic) [.132] 
12: [.231] (3, 1) [..2] [..2] Cs 312] 
13: [26 St (1, 0) [1.2] Lk 2 2] [13.2] 
14: [3.21] (2, 0) [2 t2-] [112] [132.] 
15: [.321] (1, 0) [112] [.12] Cc. 3224] 
16: [23.1] (2, 0) [.22] [.22] [23.1] 
sl Ge E32. 2%] (1, 0) [122] [122] [231.] 
18: L324... ] (3, 2) ee [123] [321.] 
19: [231.] (1, 0) [1.3] [.23] [32.1] 
20: [132.] (2, 0) [.13] [.13] [3.21] 
21: [312.] (1, 0) [113] [113] [312.] 
22: [213.] (2, 0) [.23] [1i.3] [31.2] 
23: [123 .] (1, 0) [123] = 3 ] [3.12] 


Figure 10.5-A: The permutations of 4 elements in a minimal-change order. Dots denote zeros. 


Figure Eel oe the permutations of 4 elements in a minimal-change order: just two elements are 
swapped with each update. The column labeled digits shows the mixed radix numbers (rising factorial 
base, see section [10.3] on page |222) in counting order. Let j be the position of the rightmost change of 
the mixed radix string R. Then the swap is (j + 1,2) where x = 0 if j is odd, and = R; —1 if j is even. 
The sequence of values j + 1 starts 


1,2, 1, 2, 1; 3,1; 2, 2, 2, 1, 3, 4, 2, 2, 2, 1,3, 1, 2, 2,2, 1; 4,2, 2, 2,2... 
The n-th value (starting with n = 1) is the largest z such that z! divides n (entry A055881/ of [214]). The 


column labeled rfact (perm) of the figure shows the rising factorial representations of the permutation, 
see section on page The column is a Gray code only for permutations of up to four elements. 


An implementation of the algorithm (given in [[31]) is [FXT: class perm_heap in |comb/perm-heap.h : 


[fxtbook draft of 2008-January-19] 


10.5: Minimal-change order (Heap’s algorithm) 235 


class perm_heap 


{ 
public: 
ulong *d_; // mixed radix digits with radix = [2, 3, 4, ..., n-1, (sentinel=-1)] 
ulong *p_; // permutation 
ulong n_; // permutations of n elements 
ulong swi_, sw2_; // indices of swapped elements 
[--snip--] 


The computation of the successor is simple: 
bool next() 
{ 


// increment mixed radix number: 
ulong j = 0 


while ( a_[jl==j+1 ) { d_[j]=0; ++j; } 


// j==n-1 for last permutation 
if ( j!=n_-1 ) // only if no overflow 
{ 
ulong k = jti; 
ulong x = ( (k&1) ? d_[j] : 0); 
swap2(p_[k], p_[x]); 
swi_ =k; sw2_ = x; 
++a_[j]; 
return true; 


else return false; 
as 
About 115 million permutations are generated per second. Often one will only use the indices of the 
swapped elements to update the visited configurations: 
void get_swap(ulong &s1, ulong &s2) const { si=swi_; s2=sw2_; } 


Then the statement swap2(p_[k], p_[x]); in the update routine can be omitted which leads to a rate 
of 165 million permutations per second. Figure |10.5-A| shows the permutations of 4 elements, it was 


created with the program [FXT: |comb/perm-heap-demo.cc. 


10.5.1 Optimized implementation 


The algorithm can be optimized by treating 5 out of 6 cases separately, those where the first or second 
digit in the mixed radix number changes. We use a counter ct_ that is decremented [FXT: class 


perm_heap2 in comb/perm-heap2.h/: 


class perm_heap2 


{ 

public: 
ulong *d_; // mixed radix digits with radix = [2, 3, 4, 5, ..., n-1, (sentinel=-1)] 
ulong *p_; // permutation 
ulong n_; // permutations of n elements 
ulong swi_, sw2_; // indices of swapped elements 
ulong ct_; // count 5,4,3,2,1,(0); nonzero ==> easy cases 

[--snip--] 


The counter is set to 5 in the method first(). The update routine is 
bool next () 
{ 


if ( ct_!=0 ) // easy case(s) 


t Sect. 
swi_ = 1+ (ct_ & 1); // == 1,2,1,2,1 
sw2_ = 0; 
swap2(p_[swi_], p_[sw2_]); 
return true; 
} 
else 


ct_ = 5; // reset counter 


// increment mixed radix number: 


[fxtbook draft of 2008-January-19] 


236 Chapter 10: Permutations 


ulong j = 2; 

while ( d_[j]==j+1 ) { d_[j]=0; ++j; } 
// j==n-1 for last permutation 

if ( j!=n_-1 ) // only if no overflow 


$ ulong k = jt+i; 
ulong x = ( (k&1) ? d_[j] : 0); 
swi_ =k; sw2_ =x; 
swap2(p_[swi_], p_[sw2_]); 
++d_[j]; 


return true; 


else return false; 
} 


Note that the routine only works for permutations of at least three elements. Usage of the class is shown 


in [FXT: comb/perm-heap2-demo.cc). The rate is about 190 million updates per second. 


10.5.2 Computing just the swaps 


If only the swaps are of interest we can simply omit all statements involving the permutation array p_[]. 
The implementation is [FXT: class perm_heap2_swaps in comb/perm-heap2-swaps.h|, usage of the class 
is shown in [FXT: |comb/perm-heap2-swaps-demo.cc : 


ulong n = 4; 

ulong *x = new ulong[n]; // permutations 
for (ulong k=0; k<n; ++k) x[k] =k; 
perm_heap2_swaps P(n); 

do 

£ 


ulong swi, sw2; 

P.get_swap(swl, sw2); 

swap2( x[swi], x[sw2] ); // update permutation 
// visit permutation 


} 
while ( P.next() ); 


The update routine works at a rate about 310 million per second (about 7 CPU cycles per update). Using 
arrays instead of pointers results in a rate of about 420 million per second (5.25 cycles per update). 


Heap’s algorithm and the optimization idea was taken from the excellent survey [211] which gives several 
permutation algorithms and implementations in pseudo code. 


10.6 Lipski’s Minimal-change orders 


10.6.1 Variants of Heap’s algorithm 


Various algorithms similar to Heap’s method are given in Lipski’s paper |171|, we take three of those 
and add a similar one. The four orderings obtained for the permutations of five elements are shown 
in figure |10.6-A} The leftmost order is Heap’s order. The implementation is given in [FXT: class 


perm_gray_lipski in comb/perm-gray-lipski.h), the variable r determines the order that is generated: 


class perm_gray_lipski 


[--snip--] 
ulong r_; // order (0<=r<4): 
[--snip--] 


bool next () 
{ 


// increment mixed radix number: 

ulong j = 0; 

while ( d_[j]==j+1 ) { d_[j]=0; ++j; } 
if ( j<n_-1 ) // only if no overflow 


[fxtbook draft of 2008-January-19] 


237 


10.6: Lipski’s Minimal-change orders 


on =D an = =D on =D =D 
DD N 4 N N 4 N N 
ue} ARID PRARDDD BRAD ARARARADARAR 28RARRAR 2PRDARARD 2SRARARARARAD ABRARAR BRA ARAN 


! ANANAMNANANANANANAMN ANANDA PANANAMNANTANAMNANANAMNANANAPANTANAMNANANS 
17-5. erorrrrressrmrnrrwrrrr"_v~_—vY"'’/"rv"s SO tw >">”Pr” > >” & vO > >>” >” ” >” >">” >>>” >" "OO "OO O"Y"”O"” OE” 0 Ov O">"”>"”"—”’r «~sorreweEO”t” WwW” 


AMM MMM MMMM mmmmmm Mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm mime 
se ee ee AMAA ATAANANANNANNANNANANANMMMMOMMM © 2 see eHHAHIAPIHGPIAPIANANANAAN 


“-~ 

Daal 
PD PRDRRA RAR ARIA AMN 
ANANANAMNANANS 
ers sere wer <sr> O00 2 ON” 


Ces Do ee Ue CD Ue UD Ue Le] 
NANNANNNANANNANNANAS 
ASSIA PIMNMNMNMNMNY 


ONANAT 2 (MMATNANN = (MMMM © eH AHH ee EMOMNN es -HPHPIMMNANNANNMM + -HHAHMMNANHTHAMMATH MMM +s ss ets 
MAA INNA ANANNMMT HMOMNN + eA AMM © EMMA H es eHPHINN -MNNPFHIMM © -NAMNMNANNAAMNMNAAHAHM FH es -MYMATAHHD ss ed 
5 “AN (ANN AMNTAMM (NM NA EMF HMM -FOHM FH NA ANMNIANMNS -MNN -MYNANAMNANMNAAMNHPAMNS 6AM CAMS eta: 
Pe i a a a a a a a 
ba 

on an an on Tan an on Tan 

oo N N od N N onl N 


. LNDNIORNIOIRNOIN ODN NNN NON BRR ONIN BRR IR BRINN RONNIE NER ONION OD BRINTON OR BRINN IN IN BRINE INNIS NINN 
van ANANAMYNANANANANANAMN ANANDA PANTANAMNANANANANANAMYNANANAPANANAYNANANA 


SN De DD ee ee ee De De De ee De ee De De | Le 


See ee TS SSE MS SS 02 COED 9 9079 1D) 9G. SO .69 019 DCD 9: OF 909:09,.9 0 


PD PRDRRIDDR BRA IR AN 
AMANANANANANS 
erreres"r_’rerre>s s~srs> a O0@e 0 EO” 


Ce De De DL 


NANNANNANNNAANA A 


TrMMMMMMNANNANNANDA Aras 6 tt ee te ee ee SPHIHAPHIHPINANNNNN DA AAA AAA HAHAHAHAHA MMNMMMM Ws ee ee NMMMMM 
Oo NNAD 8 tt PAHAMMMMONN + (HANNAN MOMPHANN AAA ANN 8 8 ek OPH MANN GSD OMMPANNN ANG Sos PHP AAMM + ests 
oo § EINNAAMM © HAN t HMMNANNMYNMAANNAAHPINN CA ANGA eH HUNAN APINANNMOMOS PATNA SD “AMNMNSHFPHAnA SH +e en 
TA HAN PANY EMT UNM HNYNMNNAMNNTAANPAND (NA CNA Pet CFIN CP NNIONIMOAIANASIN YNMNAAMNAHSPHHA eta: 
ww 
Wo cle J baneeeed he Rel Maem fe feel hee Mad Led feel el feel Kal bel bel heel Kane fame banc he! based Maem! bat bed bel hace fam based haem ee! Reem Rammed hash bac Led Rammd Ramee Rael based Le Rane Renee Rane based Rane Ra Rasmed Rane based Rand Rane Raced Lad Manes Ram Ral Ramlila heme be Lonel Mane bed Lem hee Lael Ranma! tae Lem hme 
fa 

a lon a lon a lon 

N a) N a) N aa) 
+#% | di ls Al ls Ta PEL PONT TO, EFOLLETT LOD LO LO ET I OP LE OL NE A EOE A Ee OL NE ee on. POE LO Le 
DP ANANAHMNANANAMNANANAMN ANANDA HANA NAMNANANAMN ANANDA MNANANAHPANTANAM ANANTH AMNANANAMNANANASG 
Le} eee ere eee eae 000 O05 OS nrae>eqrows o> 0—>)—00 00” 0 ors ES mm Om OSI SOE “Oo EO OS SO Os Or Owrv’w>swvw > *vOO>?™ SS aera sewn" ._ 0" SO YO ORI __ sa rae eT er Oe Or Oe ee eee eee ee 


SD DD DD ee ee De Oe ee ee 
SSSI APAIG GIP SG AGA PIPE PAPA HPHAPIMNMNAYAMNMNIMNMNMAIMNMNIMNMNMNMNIMIMNMNMIMNMIMNMMMNNNANNANANANNANANANAN 
OMMMIMMM + + + + 2 s AAAAAANANNAANNNNANAND SA Stttos se eee AMAA AAA AAHAAAMNNAMNMNMNM 


[Pp es sD sD ts Ws ss Ws Ws Ws Ls DS Ls Ws ts Ws a Ls Ws a a a ts Wt sts 


ROO WG GOGO IGG OGG BGO BGG VG GOS OSE IG OG GB GG ONO TO OaSmesaevs 
ee ee ee ee 
ODMNMMNMNMNMNNANNNNDA Ada st tt tt tt ete AMNMNAMNMMNANAANAS HY IyeIgI gd 
ONAN 8 et PAHAMMMMNN + (TH ANANMMONMMNNSPHSPHAHANN 8 8 EMMPINNMM © 8 EMMA HAMNMNSSH 
INNA TAMM © eAN § HMMNANMNMAHANANNPHAMMNN 2 OPA NMOSH 2 MM © CNAMNM AH ss -MOMNSPHHAAM 
2° "AN CANON EMT 8 HENNY HNMMNAMNNAHPAMNINM (NAS NAAM -HM 2 MN -MNAM (HM -HONAIMNH 


{Pp Hs a Ws Ws ts Ws a DL Ws Ws Ws ts Ls Ws a st a tt Ws sts 


AANFHONDACHAMHTDONOROH 
Be ee ee ee ee Be | 


ANAANNANMMMMMM 


© YMNMYNANAPHHPAANN 


ANAAPIMNMNAANANS Ho 
SFHPHMONPAMNANAPTAHATS 


DY 


AGTIIATPIMNMNMNMMM 
ANANNAHAMYNNSAHPAANN 
HFAMNMNANANAAANANSIHH4 
MAMANMNANANASTATSH 


DY 


DOTAANMNSMO OK OD 
as Bs es ee ee el 
Se Oe Oe ee 


108 
120 


Figure 10.6-A: First half and last permutations of five elements as obtained by variants of Heap’s 


method. Next to the permutations the swaps are shown as (a, y), a swap (2,0) is given as (x). 


[fxtbook draft of 2008-January-19] 


238 Chapter 10: Permutations 


const ulong d = d_[jl; 


ulong x; 
switch ( r_ ) 
{ 


case 0: x = (j&1 ? 0: d);_ break; // Lipski(9) == Heap 
case 1: x = (j&1 ?0: j-d); break; // Lipski(16) 

case 2: x = (j&1 ? j-1 : 4); break; // Lipski(10) 

default: x = (jk1 ? j-1 : j-d); break; // not in Lipski’s paper 
} 


const ulong k = j+i; 
swap2(p_[k], p_[x]); 
swi_ =k; sw2_ = x; 


d_[j] =d+ 1; 
return true; 


else return false; // j==n-1 for last permutation 
} 
{[--snip--] 
The top lines in figure repeat the statements in the switch-block. For three or less elements all 
orderings coincide, with n = 4 elements the orderings for r = 0 and r = 2, and the orderings for r = 1 


and r = 3 coincide. About 110 million permutations per second are generated [FXT: |comb/perm-gray- 


lipski-demo.cc|. Optimizations similar to those for Heaps method should be obvious. 


10.6.2 Variants of Wells’ algorithm 


x=( (jk&1) || (d<=1) ? j : j-d); x=( (j&1) || (d==0) ? 0 : d-1); 
Le [.123] 1: [.123] 
2: [1.23] (1, 0) 2: [1.23] (1, 0) 
3: [12.3] (2, 1) 3: [2.13] (, 0) 
4: [21.3] (1, 0) 4: [.213] (1, 0) 
5: [2.13] (2, 1) 5: [12.3] (2, 0) 
6: [.213] (@, 0) 6: [21.3] (@, 0) 
7: [.231] (3, 2) 7: [31.2] (8, 0) 
8: [2.31] (@, 0) 8: [13.2] (@, 0) 
9: [23.1] (@, 1) 9: [.312] (2, 0) 
10: [32.1] (@, 0) 10: [3.42]. -G, 0) 
11: [3.21] (2, 1) 11 [1i.32] (2, 0) 
12: [.321] (@, 0) 12 [.132] (1, 0) 
13: [.312] (8, 2) 13 [213.] (8, 0) 
14: [3.22] @, 0) 14 [123.] (@, 0) 
15: [31.2] (2, 1) 15 [321.] (2, 0) 
16: [13.2] (@, 0) 16 [231.] (@, 0) 
17: [1.32] (@, 1) 17 [132.] (, 0) 
18: [.132] (1, 0) 18 [312.] (1, 0) 
19: [213.] (8, 0) 19 [3.21] (8, 1) 
20: [123 .] (1, 0) 20 [.321] (1, 0) 
21: [132.] (2, 1) 21 [23.1] (, 0) 
22: [312.] (1, 0) 22 [32.1] (@, 0) 
23: [321.] (2, 1) 23 [.231] (, 0) 
24: [2°32 2] (4, 0) 24 [2.31] (@, 0) 


Figure 10.6-B: Wells’ order for the permutations of four elements (left), and an order where most swaps 
are with the first position (right). Dots denote the element zero. 


A Gray code for permutations given by Wells [241] is shown in the left of figure |10.6-B] The following 
implementation, following Lipski’s paper |171), includes two variants of the algorithm. We just give 


the crucial assignments in the method that computes the successor [FXT: class perm_gray_wells in 
comb/perm-gray-wells.h: 


class perm_gray_wells 


{[--snip--] 


[fxtbook draft of 2008-January-19] 


10.7: Strong minimal-change order (Trotter’s algorithm) 239 


switch ( r_ ) 


case 1: x 
case 2: x 
default: x 


( (j&1) || (d==0) 7? 0: d-1); break; // Lipski(14) 
( (j&1) || (d==0) ? 3 : d-1); break; // Lipski(15) 
( (j&1) || (d<=1) ? j : j-d); break; // Wells’ order == Lipski(8) 


[--snip--] 


’ 


Both expressions (d==0) can be changed to (d<=1) without changing the algorithm. More than 90 million 


permutations per second are generated [FXT: comb/perm-gray-wells-demo.cc). 


10.7 Strong minimal-change order (Trotter’s algorithm) 


10.7.1 Variant where smallest element moves most often 


permutation swap inverse p. direction 
0: [.123] (3, 2) [.123] +++ + 
1: [1.23] (CO, 1) [1.23] +++ + 
2: [12.3] (1, 2) [2.13] +++ + 
3: [123 .] (2, 3) Piet Oe] +++ + 
4: [213.4] (O, 1) [31.2] -+++ 
5: [21.3] (3, 2) [21.3] - +++ 
6: [2.13] (2,. 1) Pate? 2 33 -+++ 
( E42) A> Se] (1, 0) [.213] -+4++ 
8: [.231] (2, 3) [.312] +++ + 
9: [2.31] (O, 1) [13.2] ++ +4 
10: [23.1] (1, 2) E23.1] aie 
lle [2.3 4: J (2, 3) [32.1] +++ + 
12: [321.] (O, 1) [321.] se 
13: [32.1] (3, 2) [5233 bh J --++ 
14: Eesine Zot (2, 1) [132.] --++ 
15: Ease 24, J (1, 0) [ a 82:1) ee 
16: [.312] (3, 2) [.231] +- +4 
17: [3 1222] (O, 1) [ 2-2:3°2 3 +- +4 
18: [31.2] (1, 2) [213 .] +- ++ 
19: [312.] (2, 3) [312.] +- +4 
20: [132.] (1, 0) [3.21.4 i eo 
21: Et 3. 2] (3, 2) [2.31] = 
22: [1.32] (2, 1) [1.32] --++ 
23: Le 8-2. (1, 0) [28 4d 3 2.) a ae 

Figure 10.7-A: The permutations of 4 elements in a strong minimal-change order (smallest element 


moves most often). Dots denote zeros. 


Figure[10.7-A]shows the permutations of 4 elements in a strong minimal-change order: just two elements 
are swapped with each update and these are adjacent. Note that, in the sequence of the inverse permuta- 
tions the swapped pair always consists of elements x and «+1. Also the first and last permutation differ 
by an adjacent transposition (of the last two elements). The ordering can be obtained by an interleaving 
process shown in figure The first half of the permutations in this order are the reversals of the 
second half: the relative order of the two smallest elements is changed only with the transition just after 
the first half and reversal changes the order of these two elements. Mutual permutations lie n!/2 positions 
apart. 


A computer program to obtain all permutations in the shown order was given 1962 by H. F. Trotter 2230] 
(see also and ). However, the order was already known long before in connection with bell 
ringing, under the name Plain Changes, see [157]. 


We compute both the permutation and its inverse [FXT: class perm_trotter in comb/perm-trotter.h): 


class perm_trotter 


[fxtbook draft of 2008-January-19] 


240 Chapter 10: Permutations 


$2S2-2==-255--+-=- perm(4) == 
P=[1, 2, 3] (0, 1, 2, 3] 
--> [0, 1, 2, 3] {1, 0, 2, 3] 
--> [1, 0, 2, 3] [23 2,05 3) 
ee ee --> [1, 2, 0, 3] {1, 2, 3, 0] 
P=[3] ==? [1, 2, 3, 0] [2, Ly 3, 0] 
-—-> [2, 3] [2, ty 0, 3] 
—-> [3, 2] P=[2, 1, 3] [2, 0, dt; 3] 
--> [2, 1, 3, 0] (0, 2, 1, 3] 
--> [2, 1, 0, 3] (0, 2, 3, 1] 
rae [2, 0, 1, 3] [2, 0, 3, 1] 
--> [0, 2, 1, 3] (2, 3, 0, 1] 
[2, 3, 1; 0] 
P=[2, 3, 1] [3, 2, 1, 0] 
--> [0, 2, 3, 1] (3, 2, 0, 1] 
--> [2, 0, 3, 1] [3, 0, 2, 1] 
-S-$-55525-5-4--55 --> [2, 3, 0, 1] (0, 3, 2, 1] 
P=[2, 3] --> [2, 3, 1, 0] L033. 22) 
--> [1, 2, 3] [3, 0, 1, 2] 
--> [2, 1, 3] P=[3, 2, 1] [3:5 205.2) 
--> [2, 3, 1] --> [8, 2, 1, 0] (3, 1, 2, 0] 
--> [8, 2, 0, 1] {1, 3, 2, 0] 
P=[3, 2] Toe [3, 0, 2, 1] [1, 3, 0, 2] 
--> [38, 2, 1] --> [0, 3, 2, 1] (agi, 34° DT 
--> [8, 1, 2] (0, 1, 3, 2] 
--> [1, 3, 2] P=[3, 1, 2] 
--> [0, 3, 1, 2] 
a=? [3, 0, 1, 2] 
--> [8, 1, 0, 2] 
--> [3, 1, 2, 0] 
P=[1, 3, 2] 
--> [1, 3, 2, 0] 
--> [1, 3, 0, 2] 
--> [1, 0, 3, 2] 
--> [0, 1, 3, 2] 
Figure 10.7-B: Trotter’s construction as an interleaving process. 
{ 
public: 
ulong n_; // number of elements to permute 
ulong *x_; // permutation of {0, 1, ..., n-1} 
ulong *xi_;  // inverse permutation 
ulong *d_; // auxiliary: directions 
ulong swi_, sw2_; // indices of elements swapped most recently 
public: 
perm_trotter(ulong n) 
t n_ =n; 
x_ = new ulong[n_+2]; 
xi_ = new ulong[n_]; 
d_ = new ulong[n_]; 


ulong sen = 0; // sentinel value minimal 


x_[0] = x_[n_+1] = sen; 
++x_; 


Note that sentinel elements are at the lower and higher end of the array for the permutation. For each 
element we store a direction-flag = +1 in an array d_[]. Initially all are set to +1: 


void first( 


i<n_; it+) xi_[i] = i; 


for (ulong i=0; 
0; i<n_; i++) x_[i] i; 
0; 


for (ulong i 
for (ulong i 
swi_ =n_- 


i<n_; it+) d_[i] = 1; 
sw2_=n_- 2; // relative to last permutation 


ei wu i 


[fxtbook draft of 2008-January-19] 


10.7: Strong minimal-change order (Trotter’s algorithm) 241 


[--snip--] 


To compute the successor, find the smallest element e1 whose neighbor e2 (left or right neighbor, ac- 
cording to the direction) is greater than e1. Swap the elements e1 with e2 and change the direction of 
all elements that could not be moved. The location of the elements, i1 and i2 are found with the inverse 
permutation, which has to be updated accordingly: 


bool next () 
{ 
for (ulong e1=0; el<n_; ++e1) 


// e1 is the element we try to move 


ulong i1 = xi_[e1]; // position of element e1 
ulong d = d_[e1]; // direction to move el 
ulong i2 = i1 + d; // position to swap with 
ulong e2 = x_[i2]; // element to swap with 
if ( el < e2) // can we swap? 
{ 
xi_[e1] = i2; 
xi_[e2] = i1; 
x_[i1] = e2; 
x_[i2] = e1; 
swi_ = it; sw2_ = i2; 
while ( ei-- ) d_[e1] = -d_[e1]; 
return true; 
} 
} 
first(); 


return false; 


} 
The locations of the swap can be obtained with the method 


void get_swap(ulong &s1, ulong &s2) const 
{ si=swi_; s2=sw2_; } 


The last permutation can be obtained via 
void last() 
{ 


; i<n_; it+) xi_[i] = i; 


for (ulong i=0; 
0; i<n_; i++) x_[i] is 
0; 


for (ulong i 


» x_[sw2_]); 
swap2(xi_[swi_], xi_[sw2_]); 


for (ulong i=0; i<n_; it+) d_[il] -1UL; 

swi_=n_- 1; sw2_=n_- 2; // relative to first permutation 
d_[swi_] = +1; 

d_[sw2_] = +1; 

swap2(x_[sw1_] 


} 
The routine for the predecessor is obtained by adding one character to the routine next (), it’s a minus: 


bool next () 
{ 


{[--snip--] 
ulong d = -d_[e1]; // direction to move el (NOTE: negated) 
[--snip--] 
last(); 


return false; 


} 
Well, we also changed the call first() to last. 


The routines next() and prev() generate about 137 million permutations per second. Figure |10.7-A 
was created with the program [F XT: |comb/perm-trotter-demo.cc]: 


ulong n = 4; 
perm_trotter P(n); 
do 

{ 


// visit permutation 


} 
while ( P.next() ); 


[fxtbook draft of 2008-January-19] 


242 Chapter 10: Permutations 


10.7.2 Optimized routines 


The element zero is moved most often, so we can treat that case separately [FXT: comb/perm-trotter.h): 


bool next () 


{ // most frequent case: el == 


ulong i1 = xi_[0]; // position of element el 
ulong d = d_[0]; // direction to move el 
ulong i2 = i1 + d; // position to swap with 
ulong e2 = x_[i2]; // element to swap with 
if (0 < e2) // can we swap? 
{ 
xi_[0] = i2; 
xi_[e2] = i1; 
x_[i1] = e2; 
x_[i2] = 0; 
swi_ = it; sw2_ = i2; 
return true; 
} 
} 
for (ulong e1=1; el<n_; ++e1) // note: start at el=1 
[--snip--] 


The very same modification can be applied to the method prev(), only the minus has to be added: 


ulong d = -d_[0]; // direction to move el (NOTE: negated) 


Now both methods compute about 174 million permutations per second, corresponding to less than 12.6 
CPU cycles per update. 


We can also treat the second most frequent case separately by adding the block: 
bool next () 
{ 


{ // most frequent case: el == 


{--snip--] 
{ // second most frequent case: el == 
ulong i1 = xi_[1]; // position of element el 
ulong d = d_[1]; // direction to move el 
ulong i2 = i1 + d; // position to swap with 
ulong e2 = x_[i2]; // element to swap with 
if (1 < e2) // can we swap? 
{ 
xi_[1] = i2; 
xi_[e2] = i1; 
x_[i1] = e2; 
x_[i2] = 1; 
d_[0] = -d_[0]; // negate 
swi_ = i1; sw2_ = i2; 
return true; 
} 
} 
for (ulong e1=2; e1<n_; +t+e1) // note: start at e1=2 
[--snip--] 


With this modification the rate increases to about 179 million per second (12.3 cycles per update). 


10.7.3. Variant where largest element moves most often 


A variant of the algorithm moves the largest element most often as shown in say Ca (created with 
[FXT: . Only a few modifications have to be made to the code [FXT: 
class perm_trotter_lg in |comb/perm-trotter-lg-h). The sentinel needs to be greater than all elements 
of the permutations, and the directions start with minus one: 


class perm_trotter_lg 
{ 

[--snip--] 
public: 


[fxtbook draft of 2008-January-19] 


10.7: Strong minimal-change order (Trotter’s algorithm) 


243 


permutation swap inverse p. direction 
O: [..12°3.] (O, 1) be 1.'2,3~) mi Ss 
1: bo a 8°20] (3, 2) [.132] FEROS ES 
2: [.312] (2, 1) [.231] rial a 
3: [3.1.2] (1, 0) [123 .] SPITS 
4: £3 251] (3, 2) [132.] Se et 
5: [.321] (O, 1) [.321] ae 
6: Dan 2t3516 J (1, 2) [273 D2] ae Ri 
(3 [.213] (2,3) [2.21 °3-] Set 
8: dye LG (1,0) [12.3] SVS SS 
9: [2 .-3-1.] (3, 2) Pd [35 3.22! 3) SSeS 
10: [23 Lb] (2, 1) [23.1] S25 
11: B32. 1] (1, 0) [231.] SSS 
12: ies ae | (3, 2) [321.] ame eer 
13: [231.] (O, 1) P3325 te] Sua ob 
14: P28 ed) C1522), [3:24 SNS 
15: [21.3] (2, 3) [22s tJ Set 
16: [L1i2.°3 ] (O, 1) [ 2 1.3.9 aimee anes 
17: bet 3r od (3,52) [3.12] --+- 
18: [09Sr2: +: J (2, 1) [°3:.:2°1 J me 
19: [312.] (1, 0) [3.1.2] et ae 
20: [31.2] (2, 3) [213.] Se ob 
21: [13.2] (O, 1) [2.31] -- ++ 
22: [ds 352.) (1, 2) [1.32] Seek 
23: [1.23] (2, 3) Del 28:3) SS a Se 


Figure 10.7-C: The permutations of 4 elements in a strong minimal-change order (largest element moves 


most often). Dots denote zeros. 


perm_trotter_lg(ulong n) 


[--snip--] 
ulong sen = n_; // sentinel value maximal 
x_[0] = x_[n_+1] = sen; 


[--snip--] 
yore first( 


for (ulong i=0; i<n_; it+) xi_[i] = i; 

for (ulong i=0; i<n_; it+) x_[i] = i; 

for (ulong i=0; i<n_; it+) d_[i] = -1UL; 

swi_ = 0; sw2_=1; // relative to last permutation 


} 
[--snip--] 


In the update routine we look for the largest element whose neighbor is smaller than itself: 


bool next () 
{ 


ulong el = n_; 
while ( e1l-- ) 
{ 


// e1 is the element we try to move 


ulong i1 = xi_[e1]; // position of element el 
ulong d = d_[e1]; // direction to move el 
ulong i2 = i1 + d; // position to swap with 
ulong e2 = x_[i2]; // element to swap with 
if ( el > e2 ) // can we swap? 
{ 

xi_[e1] = i2; 

xi_[e2] = i1; 

x_[i1] = e2; 

x_[i2] = e1; 

swi_ = it; sw2_ = i2; 

while ( ++el<n_ ) d_[e1] = -d_[e1]; 

return true; 
} 


[fxtbook draft of 2008-January-19] 


244 Chapter 10: Permutations 


first(); 
return false; 
The last permutation can be obtained via 
oe last () 


0; i<n_; it+) xi_[i] =i; 

0; i<xn_; i++) x_[i] =i; 
0; i<n_; it+) d_[i] = 

swi_ = 0; sw2_ = 1; // relative to first permutation 


swap2 (x_ [swi_ VS x_[sw2_]); 
swap2(xi_[swi_], xi_[sw2_ 1); 
} 


The method to compute the predecessor is obtained as before. The routines next () and prev() generate 
about 126 million permutations per second. 


10.8 Minimal-change orders from factorial numbers 


10.8.1 Permutations with falling factorial numbers 


permutation ffact pos dir inverse perm. 
O: [.123] [ee as ll [.123] 
1: [1.23] fi. «J 0 +1 [1.23] 
2: [12.3] [2..] 0 +1 [2.13] 
3: [123.] [3..] 0 +1 [3.12] 
4: [213.] [31.] 1 +1 [31.2] 
5: [21.3] [21.] 0 -1 [21.3] 
6: [2.13] [ii.] 0 -1 [12.3] 
ie [.213] ee eee 0 =1 [.213] 
8: [.231] [2.22] 1 +1 [.312] 
9: [2.31] [12.] 0 +1 [13.2] 
10: [23.1] [22.] 0 +1 [23.1] 
11: [231.] [32.] 0 +1 [32.1] 
12: [321.] [321] 2 +1 [321.] 
13: [32.1] [221] 0 -1 [231.] 
14: [3.21] [121] 0 =1 [132.] 
15: [.321] Eos ta) 0 -1 [.321] 
16: [.312] [.11] di =1 [.231] 
17: [3.12] [iii] 0 +1 [123.] 
18: [31.2] [211] 0 +1 [213.] 
19: [312.] [311] 0 +1 [312.] 
20: [132.] [3.1] 1 =I [3.21] 
21: [13.2] [2.1] 0 -1 [2.31] 
22: [1.32] [ 1 1] 0 =1 [1.32] 
23: [.132] [..1] 0 =, [.132] 


Figure 10.8-A: Permutations in minimal-change order (left) and Gray code for mixed radix numbers 
with falling factorial base. The two rightmost columns give the place of change with the mixed radix 
numbers and its direction. Whenever digit p (=pos) changes by d = +1 (=dir) in the mixed radix 
sequence the element p of the permutation is swapped with its right (d = +1) or left (d = —1) neighbor. 


The Gray code for the mixed radix numbers with falling factorial base allows the computation of the 
permutations in minimal-change order in an elegant way. See figure which was created with 


the program [FXT: comb/perm-gray-ffact2-demo.cc). The algorithm is implemented in [FXT: class 
perm_gray_ffact2 in comb/perm-gray-ftact2.h : 


class perm_gray_ffact2 


i 
public: 


[fxtbook draft of 2008-January-19] 


10.8: Minimal-change orders from factorial numbers 245 


mixedradix_gray2 *mrg_; // loopless routine 

ulong n_; // number of elements to permute 

ulong *x_; // current permutation (of {0, 1, ..., n-1}) 

ulong *ix_; // inverse permutation 

ulong swi_, sw2_; // indices of elements swapped most recently 

public: 

perm_gray_ffact2(ulong n) 
: n_(n) 
x_ = new ulong[n_]; 
ix_ = new ulong[n_]; 
mrg_ = new mixedradix_gray2(n_-1, 0); // falling factorial base 
first(); 

} 

[--snip--] 


as first () 
mrg_->first(); 
for (ulong k=0; k<n_; ++k) x_[k] = ix_[k] =k; 
swi_=n_-1; sw2_=n_-2; 
The crucial part is the computation of the successor: 
a next () 


// Compute next mixed radix number in Gray code order: 
if ( false == mrg_->next() ) { first(); return false; } 
const ulong j = mrg_->pos(); // position of changed digit 


const int d = mrg_->dir(); // direction of change 
// swap: 
const ulong x1 = j; // element j 


const ulong i1 = ix_[x1]; // position of j 

const ulong i2 = i1+d; // neighbor 

const ulong x2 = x_[i2]; // position of neighbor 

x_[{ii] = x2; x_[i2] = x1; // swap2(x_[i1], x_[i2]); 
ix_[x1] = i2; ix_[x2] = il; // swap2(ix_[x1], ix_[x2]); 
swi_=i1; sw2_=i2; 

return true; 


} 


The class uses the loopless algorithm for the computation of the mixed radix Gray code, so it is loopless 
itself. An alternative (CAT) algorithm is implemented in [FXT: class perm_gray_ffact in 
gray-flact.h), we give just the routine for the successor: 


private: 


void swap(ulong j, ulong im) // used with next() and prev() 
{ 


const ulong x1 
const ulong il 
const ulong i2 


J; // element j 

ix_[x1]; // position of j 

i1 + im; // neighbor 

const ulong x2 = x_[i2]; // position of neighbor 

x_[il] = x2; _(i2] = x1;  // swap2(x_[i1], x_[i2]); 
ix_[x1] = 12; ix_[x2] = i1; // swap2(ix_[xi], ix_[x2]); 
swi_=i1; sw2_=i2; 


bd 


+ 
public: 
oo next () 
ulong j = 0; 
ulong m1 = n_- 1; // nine in falling factorial base 
ulong ij; 
while ( (ij=i_[j]) ) 
{ 
ulong im = i_[jl]; 
ulong dj = d_[j] + im; 
if ( dj>mi ) // == if ( (dj>m1) || (Clong)dj<o) ) 
i_[j] = -ij; 
else 


[fxtbook draft of 2008-January-19] 


246 Chapter 10: Permutations 


d_[j] = dj; 
swap(j, im); 
return true; 


--m1; 
+45; 


return false; 


} 


The routine for the predecessor (prev()) is obtained by replacing the statement ulong im = i_[j]; 
by ulong im = -i_[j];. The loopless routine computes about 80 million permutations per second, the 


CAT version about 110 million per second [FXT: |comb/perm-gray-ffact-demo.cc). Both are slower than 
the implementations given in section on page 


10.8.2 Permutations with rising factorial numbers 


permutation rfact pos dir inverse perm. 
0: [.123] [ie weed [.123] 
1: [1.23] [1i..] 0 +1 [1.23] 
2: [2.13] [ii1i.] 1 +1 [12.3] 
3: [.213] [.1.] 0 =I. [.213] 
4: [12.3] [.2.] 1 +1 [2.13] 
5: [21.3] fety 2.5. 0 +1 [21.3] 
6: [31.2] [121] 2 +1 [213.] 
Cs [13.2] [.21] 0 =1 [2.31] 
8: [.312] [.11] 1 =I [.231] 
9: [3.12] [iii] 0 +1 [123.] 
10: [1.32] [1i.1] 1 =I [1.32] 
11: [.132] [..1] 0 =, [.132] 
12: [.231] [..2] 2 +1 [.312] 
13: [2.31] [1.2] 0 +1 [13.2] 
14: [eB n i223 dy J [112] 1 +1 [132.] 
15: [.321] [.12] 0 =. [.321] 
16: [23.1] [.22] 1 +1 [23.1] 
17: [32.1] [122] 0 +1 [231.] 
18: [321.] [123] 2 +1 [321.] 
19: [231.] [233° J 0 -1 [32.1] 
20: [132.] [.13] au ml, [3.21] 
21: [312.] [113] 0 +1 [312.] 
22: [213.] [1.3] 1 =1 [31.2] 
23: [123. ] [. 3 ] 0 =. [3.12] 


Figure 10.8-B: Permutations in minimal-change order (left) and Gray code for mixed radix numbers 
with rising factorial base. For even n the first and last permutations are cyclic shifts by one of each other. 


Figure|10.8-B]shows a Gray code for permutations based on the Gray code for numbers in rising factorial 
base. The ordering coincides with Heap’s algorithm (see ae on page |234) for up to four ele- 
ments. A recursive construction for the order is shown in figure |10.8-C} The figure was created with the 


program [F XT: |comb/perm-gray-rfact-demo.cc, (see also [FXT: comb act 2perm- demo.cc)). A constant 


amortized time (CAT) algorithm for generating the permutations is : class perm_gray_rfact in 
comb/perm-gray- Sa hi: 


class perm_gray_rfact 


{ 
public: 

mixedradix_gray *M_; // loopless routine 

ulong n_; // number of elements to permute 

ulong *x_; // current permutation (of {0, 1, ..., n-1}) 

ulong *ix_; // inverse permutation 

ulong swi_, sw2_; // indices of elements swapped most recently 
public: 

perm_gray_rfact(ulong n) 


: n_(n) 


[fxtbook draft of 2008-January-19] 


10.8: Minimal-change orders from factorial numbers 247 


append 3 
012 3 
perm(2)= 102 3 
01 201 3 ==> perm(4): 
10 021 3 0123 
120 3 1023 
append 2 210 3 2013 
O1 2 0213 
10 2 reverse and swap (3,2): 1203 
310 2 2103 
reverse and swap (2,1) 130 2 3102 
20 1 031 2 1302 
02 1 301 2 0312 
103 2 3012 
reverse and swap (1,0) 013 2 1032 
12 0 0132 
21 0 reverse and swap (2,1): 0231 
023 1 2031 
==> perm(3) 203 1 3021 
012 302 1 0321 
102 032 1 2301 
201 230 1 3201 
021 320 1 3210 
120 2310 
210 reverse and swap (1,0): 1320 
321 0 3120 
231 0 2130 
132 0 1230 
312 0 
213 0 
123 0 
Figure 10.8-C: Recursive construction of the permutations. 
x_ = new ulong[n_]; 
ix_ = new ulong[n_]; 
M_ = new mixedradix_gray(n_-1, 1); // rising factorial base 
first(); 
} 
[--snip--] 


ee first ( 


M_->first(); 
for (ulong k=0; k<n_; ++k) x_[k] = ix_[k] =k; 
swi_=n_-1; sw2_=n_-2; 


} 


Let j => 0 be the position of the digit changed with incrementing the mixed radix number, and d = +1 the 
increment or decrement of that digit. The swap to obtain the successor permutation swaps the element 
x1 at position 7 + 1 with the element x2 where 2 is lying to the left of x, and it is the greatest element 
smaller than x; for d > 0, and the smallest element greater than x; for d < 0: 


bool next () 
{ 


// Compute next mixed radix number in Gray code order: 
if ( false == M_->next() ) { first(); return false; } 
ulong j = M_->pos(); // position of changed digit 


if ( j<=1 ) // easy cases: swap == (0,j+1) 
{ 


const ulong i2 = j+1; // il == 

const ulong x1 = x_[0], x2 = x_[i2]; 

x_[0] = x2; x_[i2] = x1; // swap2(x_[ii], x_[i2]); 
ix_[x1] = i2; ix_[x2] = 0; // swap2(ix_[x1], ix_[x2]); 
swi_=0; sw2_=i2; 

return true; 


} 
else 
{ 
ulong i1 = jti, i2 = ii; 
ulong x1 = x_[i1], x2; 
int d = M_->dir(); // direction of change 
if ( d>0 ) 
x2 = 0; 


[fxtbook draft of 2008-January-19] 


248 Chapter 10: Permutations 


for (ulong t=0; t<il; ++t) // search maximal smaller element left 


ulong xt = x_[t]; 
if ( (xt < x1) && (xt >= x2) ) { 12=t; x2=xt; } 


} 
else 
x2 =n_; 
for (ulong t=0; t<il; ++t) // search minimal larger element 
ulong xt = x_[t]; 
if ( (xt > x1) && (xt <= x2) ) { i2=t; x2=xt; } 
} 
x_[ii] = x2; x_[i2] x1; // swap2(x_[i1], x_[i2]); 


ix_[x1] = i2; ix_[x2] 


swi_=i2; sw2_=ii1; 
return true; 


i1; // swap2(ix_[x1], ix_[x2]); 


} 
} 


There is a slightly more efficient algorithm to compute the successor using the inverse permutations: 
bool next() 


[--snip--] /* easy cases as before */ 
else 


ulong i1 = jti, i2 = i1; 
ulong x1 = x_[i1], x2; 
int d = M_->dir(); // direction of change 


if ( d>0 ) // in the inverse permutation search first smaller element left: 
for (x2=xi-1; ; --x2) if ( (i2=ix_[x2]) < ii) break; 
else // in the inverse permutation search first smaller element right: 
for (x2=xit+1i; ; ++x2) if ( (i2=ix_[x2]) < ii) break; 
[--snip--] /* swaps as before */ 


} 
The method is chosen by defining SUCC_BY_INV in the file [FXT:|comb/perm-gray-rfact.h|. About 68 mil- 


lion permutations per second are generated, about 58 million with the first method. 


10.8.3 Permutations with permuted factorial numbers 


The rising and falling factorial numbers are special cases of factorial numbers with permuted digits. We 
give a method to compute the Gray code for permutations from the Gray code for permuted (falling) 
factorial numbers. A permutation of the radices determines how often a digit at any position is changed: 
the leftmost changes most often, the rightmost least often. The permutations corresponding to the mixed 
radix numbers with radix vector [2,3,5,4], the falling factorial last two radices swapped, is shown in 
figure [FXT: \comb/perm-gray-rot1l-demo.cc|. The desired property of this ordering is that the 
last permutation is as close to a cyclic shift by one of the first as possible. With even n the Gray code 
with the falling factorial basis the last permutation is a shift by one. With odd n no such Gray code 
exists: the total number of transpositions with any Gray code is odd for all n > 1, but the cyclic rotation 
by one corresponds to an even number of transpositions. The best we can get is that the first e elements 
where e < n is the greatest possible even number. For example, 


1rs 


f last 
n=6: [O01 45 ] [123450] 
n=7: [01 456 ] [1234506] 
We use this ordering to show the general method [FXT: class perm_gray_rot1 in comb/perm-gray- 
rot Lh: 


class perm_gray_rot1 


rst 
23 
23 


ae 
public: 


[fxtbook draft of 2008-January-19] 


10.8: Minimal-change orders from factorial numbers 


249 


permutation swap xfact pos dir 

0: [242 3) 4] Lie Bow oe Vi [ 

1: [1.234] (0, 1) Pleees 203 Oo +1 [ 

2: [2.134] (0, 2) Deletes i J 1 +1 [ 

3: [.2134] (0, 1) [ss Li do ead Oo -1 [ 

4: [12.34] (0, 2) [ot 2s 1 +1 [ 

5: [21.34] (0, 1) Eee ee ere Oo +1 [ 

6: [21.43] (8, 4) Pott aed 2 +1 [ 

T: [12.43] (0, 1) fee Del sc) Oo -1 [ 

[--snip--] 

91: [3421.] (0, 1) [.243] Oo -1 [ 
92: [2431.] (, 2) [.143] Lee ood [ 
93: [4231.] (, 1) [1143] Oo +1 [ 
94: [3241.] (0, 2) [1.43] t =i [ 
95: [2341.] (0, 1) [..43] oO -1 [ 
96: [234.1] (3, 4) [as i 33° J 2: [ 
97: [324.1] (, 1) Et 233.) Oo +1 [ 

[--snip--] 

106: [314.2] (0, 2) Pl. 2-3-3 i eh [ 
107: [134.2] (0, 1) Pw 22.37) oO -1 [ 
108: [124.3] (1, 4) [..13] 2 Sh [ 
109: [214.3] (0, 1) Pile st23:.3 Oo +1 [ 
110: [412.3] (0, 2) [1113] 1 +1 [ 
111: [142.3] (0, 1) [.113] Oo -1 [ 
112: [241.3] (, 2) [2° 3°] 1 +1 [ 
113: [421.3] (, 1) PAT A2163<,) Oo +1 [ 
114: [321.4] (0, 4) Di De 2 3t 4) 2 ord [ 
115: [231.4] (0, 1) [ow 2) 2 3: ) Oo -1 [ 
116: [132.4] (0, 2) Ee doe 3] ie [ 
117: [312.4] (, 1) [ii.3] Oo +1 [ 
118: [213.4] (0, 2) [ 1 . 3] Tl [ 
119: [123.4] (0, 1) [. . 3] oO -1 [ 


B 
q 


BR: 


NNMNN-: 


0 Wi Bi is 


WWWWWWWWWWWWWW 


Be 


NN: 


NONMNN- 


BR. 
NON-: 


PRWWWWWWH 


BR: 


BR. 


NN: 


PPR PR RE: BR: 
NMNN-: 


BR: 
op BB BGR. 


2 
2 


B 


OWS AA RRA: 
Se — EEE 


os 


MNNNN 


RR. 


ee ee | ee 


a es | ee ee 9 


Figure 10.8-D: Permutations with mixed radix numbers with radix vector [2,3, 5,4]. 


mixedradix_gray *M_; // Gray code for factorial numbers 
ulong n_; // number of elements to permute 

ulong *x_; // current permutation (of {0, 1, ..., n-1}) 
ulong *ix_; // inverse permutation 


ulong swi_, sw2_; // indices of elements swapped most recently 
public: 

perm_gray_roti(ulong n) 

- Must have: n>=1 


n_=(n?n: 1); // at least one 

x_ = new ulong[n_]; 

ix_ = new ulong[n_]; 

M_ = new mixedradix_gray(n_-1, 1); // rising factorial base 


// apply permutation of radix vector with mixed radix number: 
if ( (n_ >= 3) && (n & 1) ) // odd n>=3 
a! 


ulong *m1i = M_->m1_; 
swap2(mi[n_-2], mi[n_-3]); // swap last two factorial nines 


first(); 


} 
[--snip--] 


The permutation applied here can be replaced by any permutation, the following update routines will 


still work: 
bool next () 
{ 


// Compute next mixed radix number in Gray code order: 
if ( false == M_->next() ) { first(); return false; } 


const ulong j = M_->pos(); // position of changed digit 


const ulong i1 = M_->m1i_[j]; // valid for any permutation of factorial radices 


[fxtbook draft of 2008-January-19] 


250 Chapter 10: Permutations 


const ulong x1 = x_[iil]; 
ulong i2=i1, x2; 
const int d = M_->dir(); // direction of change 


if (a0) // in the inverse permutation search first smaller element left: 
for (x2=x1-1;  ; --x2) if ( (i2=ix_[x2]) < ii) break; 


else // in the inverse permutation search first smaller element right: 
{ 
} 


x_[i1] = x2; x_[i2] 
ix_[xi] = i2; ix_[x2] 


swi_=i2; sw2_=i1; 


for (x2=x1i+1;  ; ++x2) if ( (i2=ix_[x2]) < ii) break; 


x1; // swap2(x_[ii], x_[i2]); 
i1; // swap2(ix_[x1], ix_[x2]); 


return true; 
} 
[--snip--] 


Note that instead of taking 7 + 1 as the position of the element to move, we take the value of the nine at 
the position 7. The special ordering obtained here can be used to construct a Gray code with the single 


track property, see section |10.10.2}on page [257] 


10.9 Orders where the smallest element always moves right 


10.9.1 A variant of Trotter’s construction 


An ordering for the permutations where the first element always moves right can be obtained by the 


interleaving process shown in figure|10.9-A} The process is the same as that for Trotter’s order shown in 
figure}10.7-Blon page but without changing the directions. The second half of the permutations is the 
reversed list of the reversed permutations in the first half. The permutations are shown in figure|10.9-B| 

L0.3-Al 


they are the inverses of the permutations corresponding to the falling factorial numbers, see figure 
on page An implementation is [FXT: class perm_mv0 in|comb/perm-mv0.h): 


class perm_mv0 


{ 
public: 
ulong *d_; // mixed radix digits with radix = [n-1, n-2, n-3, ..., 2] 
ulong *x_; // permutation 
ulong ect_; // counter for easy case 
ulong n_; // permutations of n elements 
public: 


perm_mvO(ulong n) 
// Must have n>=2 
{ 


n_ =n; 
d_ = new ulong[n_]; 
d_[n-1] = 1; // sentinel (must be nonzero) 
x_ = new ulong[n_]; 
first(); 
} 
{[--snip--] 


void first( 
{ 


for (ulong k=0; k<n_; ++k) x_[k] =k; 
for (ulong k=0; k<n_-1; ++k) d_[k] = 0; 
ect_ = 0; 
} 
[--snip--] 


The update process uses the falling factorial numbers. Let 7 be the position where the digit is incremented, 
and d the value before the increment. The update 


permutation ffact 
v-- increment at j=2 
[423510] [5411 .] <--= digit before increment is d=1 


[fxtbook draft of 2008-January-19] 


10.9: Orders where the smallest element always moves right 251 


P=[1, 2, 3] perm (4) == 
--> [0, 1, 2, 3] (0, 1, 2, 3] 
--> [1, 0, 2, 3] [1, 0, 2, 3] 
S2aSpSasseatensss = --> [1, 2, 0, 3] [1,.2,. 0, 3] 
P=[3] --> [1, 2, 3, 0] [dt 23.3), 09 
--> [2, 3] (0, 2, 1, 3] 
=>: [33:2] P=[(2, 1, 3] (2, 0, 1, 3] 
--> [0, 2, 1, 3] (2, 1, 0, 3] 
ma [2, 0, 1, 3] [2, 1, 3, 0] 
ea> [2, 1, 0, 3] [0, 2, 3, 1] 
--> [2, 1, 3, 0] (2, 0, 3, 1] 
(2, 3, 0, 1] 
P=[2, 3, 1] [2, 3, 1, 0] 
--> [0, 2, 3, 1] L0;.45-35. 2] 
SSS tse --> [2, 0, 3, 1] [1, 0, 3, 2] 
P=[2, 3] --> [2, 3, 0, 1] [L, -35-0, 2] 
==>) [15. 2;.-3] --> [2, 3, 1, 0] [1, 3, 2, 0] 
==> [2, 1, 3] (0, 3, 1, 2] 
=-> ([2,.°3;,. 1J P=[1, 3, 2] [3, 0, 1, 2] 
==? [O, 1, 3, 2] [3, 1, 0, 2] 
P=[3, 2] =e [15 0, 3, 2] [3, 1, 2, 0] 
--> [1, 3, 2] --> [1, 3, 0, 2] (0, 3, 2, 1] 
--> [3, 1, 2] --> [1, 3, 2, 0] [3, 0, 2, 1] 
--> [8, 2, 1] [3, 2, 0, 1] 
P=[3, 1, 2] [3, 2, 1, 0] 
--> [0, 3, 1, 2] 
--> [8, 0, 1, 2] 
--> [8, 1, 0, 2] 
--> [8, 1, 2, 0] 
P=[3, 2, 1] 
--> [0, 3, 2, 1] 
--> [8, 0, 2, 1] 
--> [8, 2, 0, 1] 
--> [8, 2, 1, 0] 


permutation ffact inv. perm. 

0: [.123] De [se 2035] 

1: Loh 3321.3) [i..] [ol 223) J] 

2: [12.3] P22e5. ae a [2.13] 

3: [2-3 4] [3..] [3.12] 

4: [.213] [gated [i (21.3% J 

5: [2:2 1 3.) eee een fot 2:4. -3.] 

6: [21.3] [21.] [2 t3. J 

7: [213.] [31.] ES. t-s-2° J 

8: [.231] [nw 2 Jac] [ee Bk 2-] 

9: [2.31] [12.] eine pic Hepreee ee 

10: [23.1] [22% 4] [23.1] 
11: [231.] [3-2 -.J b:.3:2 1] 
12: [.132] Essel J bee 153.20] 
13: [1.32] [i. 1] [1.32] 
14: [13.2] [2651-4] P32 9370, J 
15: [132.] [3.1] [3 2 Dt] 
16: [ox 8i bh .2°] eee ees ae Eo 2932. J] 
17: [3.12] [iii] PA 223) ae ol 
18: [31.2] [211] E213 2] 
19: [312.] [311] [312.] 
20: [.321] [4.21.4] Pes 2 tJ 
21: [3.21] [121] fed3-207 J 
22: [32.1] [22° 1] [231.] 
23: [321.] [321] [3° 24. J 


Figure 10.9-B: All permutations of 4 elements and falling factorial numbers used to update the permu- 
tations. Dots denote zeros. 


[fxtbook draft of 2008-January-19] 


252 Chapter 10: Permutations 


[014325] Lie a2 ts J 


is done in three steps: 


[423510] [5411.] 

[432510] [5421 .] move element at position d=1 to the right 
[**4325 ] [* * 21 .] move all but j=2 elements to end 
[014325] [i 21.4] insert identical permutation at start 


We treat the first digit separately as it changes most often (easy case): 
bool next() 
if ( +tect_ < n_ ) // easy case 


swap2(x_[ect_], x_[ect_-1]); 
return true; 


else 


ect_ = 0; 
ulong j = 1; 
ulong mi =n_- 2; // nine in falling factorial base 


while ( d_[j]==m1 ) // find digit to increment 


if ( j==n_-1 ) return false; // current permutation is last 


const ulong dj = d_[jl]; 

d_[j] = dj + 1; 

// element at d[j] moves one position to the right: 
swap2( x_[dj], x_[dj+1] ); 


{ // move n-j elements to end: 
ulong s =n_-j, d=n_; 


do 
{ 
--s; 
--d; 
x_[d] = x_[s]; 
} 
while (s ); 


Bs 


// £i11 in 0,1,2,..,j-1 at start: 
for (ulong k=0; k<j; ++k) x_[k] =k; 


return true; 


} 
The routine generates about 160 million permutations per second [FXT: ;comb/perm-mv0-demo.cc). 


10.9.2 Ives’ algorithm 


An ordering where most of the moves are a move by one to the right of the smallest element is shown 
in figure With n elements only one in n(n — 1) moves is more than a transposition (only the 
update from 12 to 13 in figure|10.9-C). The second half of the list of permutations is the reversed list of 
the reversed permutations in the first half. The algorithm, given by Ives [139], is implemented in [FXT: 


class perm_ives in comb/perm-ives.h): 


class perm_ives 


{ 
public: 

ulong *p_; // permutation 

ulong *ip_; // inverse permutation 

ulong n_; // permutations of n elements 
public: 


perm_ives(ulong n) 


[fxtbook draft of 2008-January-19] 


10.9: Orders where the smallest element always moves right 253 


permutation inv. perm. 
1 12 


OODNMDOAPWNE 
WWW: NNN: RPREH-: 

NN: BRE: Www 
WHF: WHE: WNE: 
/ BRED 

" PRPPNNNWWW 


<< only update with more 
<< than one transposition 


" PRPRPNNRFPPNNNWWW: : - 
PNOWWW: -: 


Be ONY: WWW? FPREN: PRE: WWW: NN 

"PRPs OUNN: WWW: 

SS ee ee ee ee ee ae ee ee ee ee ee ee ee ee ee ee ee ee eee 

err rT oF ld he A a er ee ee Le eee 
" PPPNNNWWW: -: 

— ee ee ee ee ee ee ee ee ee ee ee ee eee ee ee ee ee ee eee 


WHR: WHR: WNHE- 


a 
w 

ome Mmmmamamam MMMM mmm 

NWWW: - 


NN: WWW: BRE- 
PENMNNWWW: : - 


Figure 10.9-C: All permutations of 4 elements in an order by Ives. 


e Must have: n >= 2 


n_ = 0; 
p_ = new ulong[n_]; 
ip_ = new ulong[n_]; 


first(); 


} 
[--snip--] 
The computation of the successor is 
bool next () 
{ 


ulong el = 0, u=n_- 1; 


do 

{ 
const ulong i1 = ip_[e1]; 
const ulong i2 = (il==u ? el : iit1 ); 
const ulong e2 = p_[i2]; 


p_[i1] = e2; p_[i2] = e1; 
ip_[e1] = i2; ip_[e2] = il; 


if ( (p_[ei]!=e1) || (p_[u]!=u) ) return true; 


} 
while (u> el); 
return false; 


[--snip--] 


The rate of generation is about 180 M/s [FXT: comb/perm-ives-demo.cc]. Using arrays instead of pointers 


increases the rate to about 190 M/s. 


As the easy case with the update (when just the first element is moved) occurs so often it is natural to 
create an extra branch for it. When the define for PERM_IVES_OPT is made before the class definition 
then a counter is created: 


class perm_ives 


[--snip--] 

ulong ctm_; // aux: counter for easy case 

ulong ctm0O_; // aux: start value of ctm == n*(n-1)-1 
{[--snip--] 


[fxtbook draft of 2008-January-19] 


254 Chapter 10: Permutations 


When the counter is nonzero the following update can be used: 
bool next() 


if ( ctm_-- ) // easy case 


ip_[0]; // e1 == 
const ulong i2 (ii==n_-1 7? 0 : i1t1); 
const ulong e2 = p_[i2]; 

p_[i1] = e2; p_[i2] = 0; 

ip_[0] = i2; ip_[e2] = i1; 

return true; 


const ulong il 


ctm_ = ctm0_; 


[--snip--] // rest as before 


When arrays are used a minimal speedup is obtained (rate 192 M/s), when pointers are used, the effect 
is a notable slowdown (rate 163 M/s). 


The greatest speedup is obtained by a modified condition in the loop: 


if ( (p_[e1]*e1) | (p_[u]*u) ) return true; 
// same as: if ( (p_[e1]!=e1) || (p_[u]!=u) ) return true; 


The rate is increased to almost 194 M/s. This optimization is activated by defining PERM_IVES_OPT2. 


10.10 Single track orders 


ermutation 


H 
B 
- 4 
ue) 
5 


* PRPNWWNY 


ONDNAORWNYRO 
» PPENWWNWNEENW 
/ MUNBR. .- 
/ NMNWNWWHEENE 
es ee ee ee ee ee ee ee ee ee ee ee ee ee ee ee 


» UNER- 


" PPNWWNWNFENWNWWNEE 
* PPNYNWW: 


DY a a 


* MUNBR- 
Be PRPwWWw: Ww: 


* PPNNWW: 
NBe NBs Bs WR: WOW WN: WNWNHFWNE O 


Pp 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 

11: [ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 


a | | | | | | | | | 
mmm om etm eee eee teeter 


WWWWWWNHNNNNNRPRPRRPRER: + + = - 


phe pe fe ee pe ew pp es es 
WWWWWWNHNNNNNRPRPRPRPERER: © + 2 2 


eee ea oT oe eo oo oe oe le 
NNER. 


PENWWNWNEENWNWWNRE: © eres 
WNEENWNWWNEE: + +e: 


NWWNRFR: + + es 
PMN: 


Figure 10.10-A: Permutations of 4 elements in single track order. Dots denote zeros. 


Figure |10.10-A]shows a single track order for the permutations of four elements. Each column in the list 
of permutations is a cyclic shift of the first column. A recursive construction for the ordering is shown 


in figure |10.10-B| The figure was created with the program [FXT: which uses 


[FXT: class perm_st in 


class perm_st 


Ae: 

public: 
ulong *d_; // mixed radix digits with radix = [2, 3, 4, ..., n-1, (sentinel=-1)] 
ulong *p_; // permutation 


[fxtbook draft of 2008-January-19] 


10.10: Single track orders 255 


23 <--= permutations of 2 elements 

32 

11 23 32 <--= concatenate rows and prepend new element 
112332 <--= shift 0 

321123 <--= shift 2 

233211 <--= shift 4 


000000 112332 321123 233211 <--= concatenate rows and prepend new element 


000000 112332 321123 233211 <--= shift 0 
233211 000000 112332 321123 <--= shift 6 
321123 233211 000000 112332 <--= shift 12 
112332 321123 233211 000000 <--= shift 18 


Figure 10.10-B: Construction of the single track order for permutations of 4 elements. 


ulong *pi_; // inverse permutation 


ulong n_; // permutations of n elements 
public: 

perm_st(ulong n) 

{ 
n_ =n; 
d_ = new ulong[n_]; 
p_ = new ulong[n_]; 
pi_ = new ulong[n_]; 
d_[n-1] = -1UL; // sentinel 
first(); 

} 

[--snip--] 


The first permutation is in enup order (see section on page|175): 


const ulong *data() const { return p_; } 
const ulong *invdata() const { return pi_; } 
pe first() 


for (ulong k=0; k<n_-1; ++k) d_[k] = 0; 
for (ulong k=0, e=0; k<n_; ++k) 


{ 
p_[k] = e; 
pi_[e] = k; 
e = next_enup(e, n_-1); 
} 
} 
[--snip--] 


The swap with the inverse permutations are determined by the rightmost position 7 changing with mixed 
radix counting with rising factorial base. We write —1 for the last element, —2 for the second last, and 
so on: 


J 

0: (-2,-1) 

1: (-3,-2) 

2: (-4,-3) (-2,-1) 

3: (-5,-4) (-3,-2) 

4: (-6,-5) (-4,-3) (-2,-1) 

5: (-7,-6) (-5,-4) (-3,-2) 

ji (-j-2, -j-1) ... (-2-(j%1), -1-(5j%1)) 


The computation of the successor is CAT: 
ro next () 
// increment mixed radix number: 
ulong j = 0; 
while ( d_[j]==j+1 ) { d_[j]=0; ++j; } 


if ( j==n_-1 ) return false; // current permutation is last 
++d_[j]; 


for (ulong ei=n_-2-j, e2=el+1; e2<n_; e1+=2, e2+=2) 


[fxtbook draft of 2008-January-19] 


256 Chapter 10: Permutations 


pi_[ei]; // position of element el 
pi_[e2]; // position of element e2 


const ulong il 
const ulong i2 


pi_fe1] = i2; 
pi_fe2] = i1; 
p_[i1] = e2; 
p_[i2] = e1; 


} 


return true; 


All swaps with the inverse permutations are of adjacent pairs. The reversals of the first half of all 
permutations lie in the second half, the reversal of the k-the permutation lies at position n! —1—k 


ermutation 


# 
B 
- 4 
ne] 
5 


* MNWWRE 


* PRPNWWYNY 
WH: WN: Ns FPN: Fe FPWs FPWRWNHRFWN O 


* PRPNWWNWNRFRENW 


=| —_ =—_e_— ee — e — — ee  S  — ee 
/ NNBR.- - 


WWWWWWNHNNNNNRPRPRRERER=: = + 2 8 
* WWRWRENNW SB 


ODNAOBPWNHrFO 
WY a a a a a 


» NUNBR- 


“PP NOWWNWNFENWNHNWWNEE 
* MNWWEeE-: 


* MUNBR- 
"Ms MONRR: B- 


* VMNWWHEFe: 


Pp 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 

11: [ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 
[ 


a ee | | | | | | | 
mmm om eee eo eee ete 


Re pee Pe pk pe pee pe SS pe pe pO pe 
PRERPEPPRPWWWWWWNNNNNN::: =: >: 


FPENWWNWNEENWNWWNEE: se eee 
WNEENWNWWNEE: + +e: 
| amos | me | came | ame | am | ae | pm | | came: | coe | ame | a | came | a | | | ee | cee | eee: | foe | a | ee | es | ee | 


NWWNRE. sees 
NNER. 


Figure 10.10-C: Permutations of 4 elements in single track order starting with the identical permutation. 


The single track property is independent of the first permutation, one can start with the trivial permu- 
tation using 


void first_id() // start with identical permutation 


0 


for (ulong k=0; k<n_-1; ++k) d_[k] = 0; 
= pi_[k] =k; 


for (ulong k=0; k<n_; ++k) p_[k] 
} 
The ordering obtained is shown in figure|10.10-C} The reversal of the k-the permutation lies at position 
(n!)/2 +k. About 85 million permutations per second can be generated. 


10.10.1 Construction of all single track orders 


A construction for a single track order of n+ 1 elements from an arbitrary ordering of n elements is shown 
in figure (for n = 3 and lexicographic oder). Thereby we obtain as many single track orders 
for the permutations of n elements as there are orders of the permutations of n — 1 elements, namely 
((n — 1)!)!. One can apply cyclic shifts in each blocks as shown in figure The shifts in the first 
(n — 1)! positions (first blocks in the figure) determine the shifts for the remaining permutations. Now 
there are n different cyclic shifts in each position. Indeed all single track orderings are of this form, so 
their number is 


N.(n) = ((n—1))! nv! (10.10-1) 


[fxtbook draft of 2008-January-19] 


10.10: Single track orders 257 


112233 

231312 <--= permutations of 3 elements in lex order (columns) 

323121 

000000 112233 231312 323121 <--= concatenate rows and prepend new element 
000000 112233 231312 323121 <--= shift 0 

323121 000000 112233 231312 <--= shift 6 

231312 323121 000000 112233 <--= shift 12 

112233 231312 323121 000000 <--= shift 18 


Figure 10.10-D: Construction of a single track order for permutations of 4 elements from an arbitrary 
ordering of the permutations of 3 elements. 


single track ordering modified single track ordering 
eee 112233 231312 323121 21.113 1.333. .212.1 332.22 
S23121.- esses 112233 231312 1.333. .212.1 332.22 21.113 
231312 323121 ...... 112233 .212.1 332.22 21.113 1.333. 
112233 231312 323121 ...... 332.22 21.113 1.333. .212.1 
000000 210321 <--= cyclic shifts 


Figure 10.10-E: In each of the first (n — 1)! permutations in a single track ordering (first block left) an 
arbitrary rotation can be applied (first block right), leading to a different single track ordering. 


The number of single track orders that start with the identical permutation, and where the k-th run of 
(n — 1)! elements starts with & (and thereby all shifts between successive tracks are left shifts by (n — 1)! 
positions) is 


N,(n)/n! = ((n—1)!—1)t nV (10.10-2) 


10.10.22 A single track Gray code 


[.1234] [1234.] [234.1] [34.12] [4.123] 
[1.234] [.2341] [2341.] [341.2] [41.23] 
[2.134] [.1342] [1342.] [342.1] [42.13] 
[.2134] [2134.] [134.2] [3-4 2 1] [4.213] 
[12.34] [2.341] [.3412] [3412.] [412.3] 
[21.34] [1.342] [.3421] [3421.] [421.3] 
[31.24] [1.243] [.2431] [2431.] [431.2] 
[13.24] [3.241] [.2413] [2413.] [413.2] 
[.3124] [3124.] [124.3] [24.31] [4.312] 
[3.124] [.1243] [1243.] [243.1] [43.12] 
[1.324] [.3241] [3241.] [241.3] [41.32] 
[.1324] [1324.] [324.1] [24.13] Pa. 432°] 
[.2314] [2314.] [314.2] [14.23] [4.231] 
[2.314] [.3142] [3142.] [142.3] [42.31] 
[3.214] [.2143] [2143.] [143.2] [43.21] 
[.3214] [3214.] [214.3] [14.32] [4.321] 
[23.14] [3.142] [.1423] [1423.] [423.1] 
[32.14] [2.143] [.1432] [1432.] [432.1] 
[321.4] [21.43] [1.432] [.4321] [4321.] 
[231.4] [3b 42-4 [1.423] [.4231] [4231.] 
[132.4] [32.41] [2.413] [.4132] [4i132.] 
[312.4] [12.43] [2.431] [.4312] [4312.] 
[213.4] [13.42] [3.421] [.4213] [4213.] 
[123.4] [23.41] [3.412] [.4123] [4123.] 


Figure 10.10-F: A cyclic Gray code for the permutations of 5 elements with the single track property. 


A Gray code for permutations that has the single track property can be constructed by using a Gray 
code for the permutations of n — 1 elements if the first and last permutation _are cyclic shifts by one 
position of each other. Such Gray codes exist for even lengths only. Figure pore ors a single track 
Gray code for n = 5. For even n we use a Gray code where all but the last element are cyclically shifted 


[fxtbook draft of 2008-January-19] 


258 Chapter 10: Permutations 


[--Gr 


< 
ct 
n 


1: [012345] 
2: [102345] 
3: [201345] 
4: [021345] 
5: [120345] 
[--Gray transitions only--] 
116: [231045] 
117: [132045] 
118: Lei204.5 ] 
119: [213045] 
120: [123045] 
121: {123450] << (, 4, 5) 
[--Gray transitions only--] 
240: [230451] 
241: [234501] << (, 4, 5) 
[--Gray transitions only--] 
360: [304512] 
361: [345012] << (, 4, 5) 
[--Gray transitions only--] 
480: [045123] 
481: [450123] << (, 4, 5) 
[--Gray transitions only--] 
600: [451230] 
601: [501234] << (O, 4, 5) 
ay transition 
[ 12304 
[ 12345 


] 
] << (0, 4, 5) 


ou 


Figure 10.10-G: The single track ordering for odd n with the least number of transpositions contains 
n — 1 extra transpositions. Here the non-Gray transitions are cycles between the elements 0, 4, and 5. 


between the first and last permutation. Such a Gray code is given in section |10.8.3] on page [248] The 
resulting single track order is as close to a yo code as possible, just n — 1 extra transpositions occur 


for all permutation of n elements, see figure|10.10-G| The listings were created with the program [FXT: 
comb/perm-st-gray-demo.cc) which uses [FXT: class perm_st_gray in comb/perm-st-gray.h : 


class perm_st_gray 


{ 
public: 
perm_gray_rot1 *G; // underlying permutations 
ulong *x_; // permutation 
ulong *ix_; // inverse permutation 
ulong n_; // number of elements 


ulong sct_; // count cyclic shifts 


public: 
perm_st_gray(ulong n) 
// Must have n>=2 
{ 


n_ = (n>=2 7? n: 2); 

G = new perm_gray_roti(n-1); 
x_ = new ulong[n_]; 

ix_ = new ulong[n_]; 
first(); 


} 
[--snip--] 
ae first() 


G->first(); 
for (ulong j=0; j<n_; ++j) ix_[j] = x_[j] = j; 
sct_ = n_; 


} 
We define two auxiliary routine to swap elements by their value and by their positions: 


private: 
void swap_elements(ulong x1, ulong x2) 
{ 
const ulong il = ix_[x1], i2 = ix_[x2]; 
x_[i1] = x2; x_[i2] = x1; // swap2(x_[i1], x_[i2]); 


[fxtbook draft of 2008-January-19] 


10.11: Star-transposition order 259 


ix_[x1] = i2; ix_[x2] = il; // swap2(ix_[x1], ix_[x2]); 
} 
void swap_positions(ulong i1, ulong i2) 

const ulong x1 = x_[ii], x2 = x_[i2]; 

x_[i1] = x2; x_[i2] = x1; // swap2(x_[i1], x_[i2]); 


ix_[x1] = i2; ix_[x2] = il; // swap2(ix_[x1], ix_[x2]); 
} 


The update routine consists of two cases. The frequent case is the update via the underlying permutation: 


public: 
oe next () 


bool q = G->next(); 
if (q) // normal update (in underlying permutation of n-1 elements) 


ulong i1, i2; // positions of swaps 
G->get_swap(il, i2); 


// rotate positions according to sct: 
il += sct_; if ( i1>=n_) il-=n_; 
i2 += sct_; if ( i2>=n_ ) i2-=n_; 


swap_positions(il, i2); 
return true; 


} 
The infrequent case happens when the last underlying permutation is encountered: 
else // goto next cyclic shift (once in (n-1)! updates, n-1 times in total) 


G->first(); // restart underlying permutations 
--sct_; // adjust cyclic shift 
swap_elements(0, n_-1); 


if ( 0==(n_&1) ) // n even 
if ( n_>=4 ) swap_elements(n_-2, n_-1); // one extra transposition 


return ( O!=sct_ ); 


10.11 Star-transposition order 


The permutations can be ordered so that successive permutations differ by a swap of the element at the 
first position with some other element (star transposition), figure ee algorithm for the generation 
of such an ordering is given in [157]. The implementation of the algorithm, ascribed to Gideon Ehrlich, 
is given in [FXT: class perm_star in|comb/perm-star.h. The generation of the inverse permutations 
is an option that is activated by the #define PERM_STAR_WITH_INVERSE. If the successive permutations 
differ by a transposition 


swap2(a_[0], a_[swp_]); 
then the inverse can be updated as 
swap2(ia_[a_[0]], ia_la_[swp_]]); 


Note that in the sequence of the inverse permutations the zero is always moved. In the list of the inverse 
permutations the reversed permutations of the first half are in the second half. 


The listing shown in figure]10.11-A]can be obtained with [FXT: . About 77 mil- 


lion permutations per second are generated and about 115 million when the inverse permutation is not 
computed. If the only the swaps are of interest then use [FXT: class perm_star_swaps in 
whose update routine works at a rate about 158 million per second [FXT: 
swaps-demo.cc) 


[fxtbook draft of 2008-January-19] 


260 Chapter 10: Permutations 


permutation swap inverse p. 

O: [.123] [.123] 

1: Li. 23 ] (O, 1) [0.293] 

2: [2. 1-3-] (O, 2) [12.3] 

3: [.213] (O, 1) [ys 22 3: J 

4: [12.3] (O, 2) [2.13] 

5: b21..3 (O, 1) [21.3] 

6: [3 tg 72: 4] (O, 3) [213.] 

T: [.132] (O, 2) [.132] 

8: [t..3 25] (O, 1) [1.32] 

9: [3.12] (O, 2) [123 .] 

10: [.312] (O, 1) [.231] 
11: [13.2] (O, 2) [2.31] 
12: [ 2 3 1] (O, 3) [2°3.. 4] 
13: [ee2 « do (O, 1) [231.] 
14: be 23.1] (O, 2) [ig 31.2) 
15: [2.31] (O, 1) [1-3 42] 
16: [3.21] (O, 2) [132.] 
17: [.321] (O, 1) [3-22 J 
18: [132.] (O, 3) £3.22 J 
19: [231.] (O, 2) [3.25 2) 
20: [321.] (O, 1) [321.] 
21: bat 2372 (O, 2) [3.12] 
22: [213.] (O, 1) [31.2] 
23: (312. ] (O, 2) [312.] 


Figure 10.11-A: The permutations of 4 elements in star-transposition order. Dots denote zeros. 


10.12 Derangement order 


The derangement order for permutations is characterized by the fact that two successive permutations 
have no element at the same position, as shown in figure |10.12-A| The listing was created with the 


program [FXT: comb/perm-derange-demo.cc]. There is no such sequence for n = 3. The implementation 
of the underlying algorithm is |FXT: class perm_derange in comb/perm-derange.h): 


class perm_derange 


ee 

public: 
ulong n_; // number of elements 
ulong *x_; // current permutation 


ulong ctm_; // counter modulo n 
perm_trotter* T_; 


public: 
perm_derange(ulong n) 
// Must have: n>=4 
// n=2: trivial, n=3: no solution exists, n>=4: ok 


{ 


n 


n; 
x_ = new ulong[n_]; 

T.. new perm_trotter(n_-1); 
first(); 


[--snip--] 
The routine to update the permutation is 


bool next () 
{ 


++ctm_; 
if ( ctm_>=n_ ) // every n steps: need next perm_trotter 
{ 

ctm_ = 0; 


if ( ! T_->next() ) return false; // current permutation is last 
const ulong *t = T_->data(); 

for (ulong k=0; k<n_-1; ++k) x_[k] = t[k]; 

x_m_-1] = n_-1; // last element 


aa // rotate 


[fxtbook draft of 2008-January-19] 


10.12: Derangement order 261 


permutation inverse perm. 
0: [.123] [.123] 
1: [3.12] [123.] 
2: [123.] CS. td 
3: [23.1] [23.1] 
4: [1.23] [1.23] 
5: [31.2] [213.] 
6: [.231] L.ei23] 
7: [231.] [32.1] 
8: [12.3] [2.13] 
9: [312.] [312.] 
10: [2.31] rt 3424 
11: [.312] [.231] 
12: [21.3] [21.3] 
13: [321.] [321.] 
14: [1.32] Ei. 3 2] 
15: [.321] [.321] 
16: [2.13] [12.3] 
17: [32.1] [231.] 
18: [.132] [f.132] 
19: f[132.] [3.21] 
20: [.213] [.213] 
21: [3.21] [1i132.] 
22: [213.] rot. 24 
23: [13.2] [2.31] 


Figure 10.12-A: The permutations of 4 elements in derangement order. 


if ( ctm_==n_-1 ) rotate_lefti(x_, n_); 
else // last two elements swapped 
{ 
rotate_right1(x_, n_); 
if ( ctm_==n_-2 ) rotate_right1(x_, n_); 
} 
return true; 


} 


The routines rotate_right1() and rotate_last() rotate the array x_[] by one position [FXT: 
perm/rotate.h). These rotations are the performance bottleneck, the cost of one update of a length- 
nm permutation is proportional to n. Still, about 35 million permutations per second are generated for 
n= 12. 


Derangement order for even n 


An algorithm for the generation of permutations via cyclic shifts suggested in generates a derange- 
ment order if the number n of elements is even, see figure An implementation of the algorithm, 
following [157], is [FXT: class perm_rot in comb/perm-rot.h}. For odd n the number of times that 
the successor is not a derangement of the predecessor equals ((n + 1)/2)! —1. The program [FXT: 


comb/perm-rot-demo.cc| generates the permutations and counts those transitions. 
An alternative ordering with the same number of transitions that are no derangements is obtained via 
mixed radix counting in falling factorial basis and the routine [FXT: comb/perm-rot-unrank-demo.cc 


void ffact2perm_rot(const ulong *fc, ulong n, ulong *x) 


// Convert falling factorial number fc[0, ..., n-2] into 
// permutation of x[0, ... ,n-1]. 
{ 


for (ulong k=0; k<n; ++k) xl[k] = 
for (ulong k=n-1, j=2; k!=0; --k, ++j) rotate_right(x+k-1, j, fc[k-1]); 
} 


Figure}10.12-C]shows the generated ordering for n = 4 and n = 3. The observation that the permutations 
in second ordering are the complemented reversals of the first leads to the unranking routine 


class perm_rot 


{ 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


262 


Vv 

Vv 
Re ee ce ea 
YAN -ANx 
(0) 


OANM HL 


PT Ie ae ee ee se ee sae ae eee ee ee ee 
gMANd “MONA MNT “YN -ONNA SONG - 
DNA YMA HON *NNANA (NTA HON -YNNA 
a “MN “MNNANA MY) -NNANT MH ON 


DY I a I I PS 


r 


gAMMMmmmmmmmmmmmmmmmmmnn 
AM -ANMAN “MON HM HNM -NAMNNAG -: 
BNM FH SMANAMNN (NMA 7AM HN SMNA 


DY I a I PP PP 


tio 


=| 
q 
0) 
a, 


Figure 10.12-B: Permutations generated via cyclic shifts. The order is a derangement order for even n 


(left), but not for odd n (right). Dots denote zeros. 


Ce ee eae eee sea eee eae eae eae eee oe oe ot 
82M -ANTANM “NM -ANM HM -HANANM - 
DAM -HOM -HNHNM -M -HAHAM NM OO 
OS ACOs SC. aah MOOI: ALC Oo 
5 HAO PHAM CHAM CHAM CHAM CHAM 


DY SS PP I PP PP Ps 


> 
q 
‘d 


Ce en | UD DD ee De | 


p eo 8 © © © © © ee lll neon es ie woe Bin eee i oe Be ee ee Oe 
iS) 
Bt tt PAA ANANNN 8 8 CR MHHONNAAN 
HH 
H ANM -ANM CANM CANM CTANM (TNO 


DY a I 


DANMNHTNOONMDHDOANMNHTOON ODS 
AAA AHA HHHN 


The order is a 


Figure 10.12-C: Alternative ordering for permutations generated via cyclic shifts. 


derangement order for even n (left), but not for odd n (right). 


[fxtbook draft of 2008-January-19] 


10.13: Recursive algorithm for cyclic permutations 263 


ulong *a_; // permutation of n elements 
ulong n_; 
[--snip--] 
void goto_ffact(const ulong *d) 
// Goto permutation corresponding to d[] (i.e. unrank d[]). 
// af] must be a valid (falling) factorial mixed radix string. 


{ 
for (ulong k=0; k<n_; ++k) a_[k] =k; 
for (ulong k=n_-1, j=2; k!=0; --k, ++j) rotate_right(a_+k-1, j, d[k-1]); 
reverse(a_, n_); 
make_complement(a_, a_, n_); 
} 
[--snip--] 


Compare to the unranking for permutations by prefix reversals shown in section |10.4.2}on page [234] 


10.13 Recursive algorithm for cyclic permutations 


permutation inverse ffact-swp 
O: [.123] [.123] [oe 36 ] 
1: [.132] [.132] eee ee 
2: [.213] [.213] ality’ de eed] 
3: [23.1] L.312] Lei] 
4: [.321] [eS 22) Bad [over 2 se 
5: [.312] [.231] [.21] 
6: [1.23] [1.23] [1i. ] 
7: [1.32] [1.32] [1i.1] 
8: [12.3] [2.13] Lait. ] 
9: [123 .] [3.12] [iii] 
10: (132. ] [3.21] [12.] 
11: [13.2] [2.31] [121] 
12: [21.3] [21.3] [2. ] 
13: [213.] [31.2] [22.14] 
14: [2.13] [12.3] [21.] 
15: [2.3 2] [13.2] [211] 
16: [23.1] [23.1] [22.] 
age [231.] [32.1] [221] 
18: [312.] [312.] [3. ] 
19: [31.2] [213.] [3.1] 
20: [321.] [321.] [31.] 
21: [3.2.1] [231.] [311] 
22: [3.21] [132.] [32.] 
23: [3.12] [123.] [321] 


Figure 10.13-A: All permutations of 4 elements (left) and their inverses (middle), and their (swaps-) 
representations as mixed radix numbers with falling factorial basis. Permutations with common prefixes 
appear in succession. Dots denote zeros. 


A simple recursive algorithm for the generation of the permutations of n elements can be described as 
follows: Put each of the n element of the array to the first position and generate all permutations of n— 1 
elements. If n equals one, print the permutation. 


The order obtained is shown in figure}10.13-A] it corresponds to the alternative (swaps-) factorial repre- 
10.3.3 


sentation with falling basis, given in section on page [227| 


The algorithm is implemented in [FXT: class perm_rec in comb/perm-rec.h): 


class perm_rec 


— 
public: 
ulong *x_; // permutation 
ulong n_; // number of elements 


void (*visit_) (const perm_lex_rec &); // function to call with each permutation 
public: 


[fxtbook draft of 2008-January-19] 


264 Chapter 10: Permutations 


perm_rec(ulong n) 
{ 
ne 


n_ 3 
x_ = new ulong[n_]; 


} 


~perm_rec() 
{ delete [] x_; } 


void init() 


for (ulong k=0; k<n_; ++k) x_[k] =k; 


} 
void generate(void (*visit) (const perm_lex_rec &)) 
{ 

visit_ = visit; 

init; 


next_rec(0); 


The recursive function next_rec() is 


void next_rec(ulong d) 


{ 
if ( d==n_-1 ) visit_(*this); 
else 
const ulong pd = x_[d]; 
for (ulong k=d; k<n_; ++k) 
{ 
ulong px = x_I[k]; 
x_[k] = pd; x_[d] = px; // ="= swap2(x_[d], x_[k]); 
next_rec(d+1); 
; x_[k] = px; x_[d] = pd; // ="= swap2(x_[d], x_[k]); 
} 
} 
The algorithm works because at each recursive call the elements x[d],...,x[n-1] are in a different 


order and when the function returns the elements are in the same order as they were initially. With the 
‘for’-statement changed to 


for (ulong x=n_-1; (long)x>=(long)d; --x) 
the permutations would appear in reversed order. Changing the loop in the function next_rec() to 
for (ulong k=d; k<n_; ++k) 
{ 


swap2(x_[d], x_[k]); 
next_rec(d+1, qq); 


rotate_left1(x_td, n_-d); 
produces lexicographic order. 


A modified function generates the cyclic permutations (permutations consisting of exactly one cycle of 
full length, see section|108). The only change is to skip the case z = d in the loop: 


for (ulong k=d+1; k<n_; ++k) // omit k==d 
The cyclic permutations of five elements are shown in figure |{10.13-B| The program [FXT: 


was used to create the figures |10.13-A]and|10.13-B 


void visit(const perm_rec &P) // function to call with each permutation 


// Print the permutation 


} 

int 

main(int argc, char **argv) 

{ 
ulong n = 5; // Number of elements to permute 
bool cq = 1; // Whether to generate only cyclic permutations 
perm_rec P(n); 


if (cq ) P.generate_cyclic(visit) ; 
else P.generate(visit) ; 


[fxtbook draft of 2008-January-19] 


10.14: Minimal-change order for cyclic permutations 265 


permutation cycle inverse ffact-swp 
0: [1234.] (0, 1, 2, 3, 4) [4.123] [iiii] 
1: [124.3] (0, 1, 2, 4, 3) [3.142] [1121] 
2: [13.42] (0, 1, 3, 4, 2) [2.413] [1211] 
3: [1342.] (0, 1, 3, 2, 4) [4.312] [1221] 
4: [143.2] (0, 1, 4, 2, 3) [3.421] [1311] 
5: [14.23] (0, 1, 4, 3, 2) [2.341] [1321] 
6: [2.341] (0, 2, 3, 4, 1) [14.23] [2111] 
Cs [2.413] (0, 2, 4, 3, 1) [13.42] [2121] 
8: [2314.] (0, 2, 1, 3, 4) [42.13] [2211] 
9: [234.1] (0, 2, 4, 1, 3) [34.12] [2221] 
10: [2431.] (0, 2, 3, 1, 4) [43.21] [2311] 
11: [241.3] (0, 2, 1, 4, 3) [32.41] [2321] 
12: [32.41] (0, 3, 4, 1, 2) [241.3] [3111] 
13: [3241.] (0, 3, 1, 2, 4) [431.2] [3121] 
14: [3.142] (0, 3, 4, 2, 1) [124.3] [3211] 
15: [3.421] (0, 3, 2, 4, 1) [143.2] [3221] 
16: [34.12] (0, 3, 1, 4, 2) [234.1] [3311] 
17: [3412.] (0, 3, 2, 1, 4) [423.1] [3321] 
18: [423.1] (0, 4, 1, 2, 3) [3412.] [4111] 
19: [42.13] (0, 4, 3, 1, 2) [2314. ] [4121] 
20: [431.2] (0, 4, 2, 1, 3) [3241.] [4211] 
21: [43.21] (0, 4, 1, 3, 2) [2431.] [4221] 
22: [4.312] (0, 4, 2, 3, 1) [1342.] [4311] 
23: [4.123] (0, 4, 3, 2, 1) [1234. ] [4321] 


Figure 10.13-B: All cyclic permutations of 5 elements and the permutations as cycles, their inverses, 
and their (swaps-) representations as mixed radix numbers with falling factorial basis (from left to right). 


return 0; 


The routines generate about 57 million permutations and about 37 million cyclic permutations per sec- 
ond. 


10.14. Minimal-change order for cyclic permutations 


All cyclic permutations can be generated from a mixed radix Gray code with falling factorial base (see 
section[9.2|on page|210). Two successive permutations differ at three positions as shown in figure|10.14-A 
An constant amortized time (CAT) implementation is [FXT: class cyclic_perm in;comb/cyclic-perm.h/: 


class cyclic_perm 


{ 
public: 
mixedradix_gray *M_; 
ulong n_; // number of elements to permute 
ulong *ix_; // current permutation (of {0, 1, ..., n-1}) 
ulong *x_; // inverse permutation 
public: 
cyclic_perm(ulong n) 
: n_(n) 


ix_ = new ulong[n_]; 
x_ = new ulong[n_]; 


M_ = new mixedradix_gray(n_-2, 0); // falling factorial base 
first(); 


+ 
[--snip--] 


The computation of the successor uses the position and direction of the mixed radix digit changed with 
the last increment: 


private: 
void setup() 


[fxtbook draft of 2008-January-19] 


266 Chapter 10: Permutations 


fact.num. 


H- 


c 
WNORNOWFREFENWORWONNWEONHFOW O 


OU OO OOD QO OI Fe etre et 


PREFPABABNUNNOCOOBBRPRPRPOOORBNNN GA 
B 
oO 


ue] 
K 


BWWWREEEA BEE ENNNABRNNNWWWAO 
NVANNWWRWNUANNOCOROWRWWOOKROEK 
< 
a 


PNOWWNHE- 
FPOWNORFPNWNWORPORPNWREROWNFOWN EH 


ODNODOBPWNFO 


NO 
caeMeeoaeaseeaeaeeeaeeaeeeaeaeeeeeeaeaeaeeaeaea eo er 
Sa SS PS fy eee fe a ye fe 5 a fe Sy fe fy es | ee 
fen es 0 0 ee 0 0 0 ee ee ee 0 

PNWWNHE- BPNWWNHE- 

oe PREENNNNNNNNBFEEE-: 
= SS ee ee ee ee ee ee ee ee ee eee ee ee ee ee eee eee 
POV LOLOL LF NL LOL LL NLD LL NLR LON DNL LOL ONL LO 
SOS AD A AAA AAD AD DA A DB A A IR RAR 
WNORNOWHRENWORWONNWEONHFOWOD 
NOWRPORWONWORNNOWHRWNODROWNE 
SCPRNWWNKRCORNWWNKFOORNWWNHKO 
ee RY BY SY WY? WHY WY’ WY YY YY YY YY YY YY’ 


PRERERPRPRPRPRBRRBEE- 


. 


Figure 10.14-A: All cyclic permutations of 5 elements in a minimal-change order. 


const ulong *fc = M_->data() ; 
for (ulong k=0; k<n_; ++k) ix_[k] =k; 


for (ulong k=n_-1; k>1; --k) 
{ 
ulong z = n_-3-(k-2); // 0, ..., n-3 


ulong i = fc[z]; 
swap2(ix_[k], ix_[i]); 


} 
if ( n_>1) swap2(ix_[0], ix_[1]); 


make_inverse(ix_, x_, n_); 
} 
public: 
je first( 


M_->first(); 
setup(); 
} 


bool next () 
{ 


if ( false == M_->next() ) { first(); return false; } 
ulong j = M_->pos(); 


if ( j && (x_[0]==n_-1) ) // once in 2#n cases 


setup(); // work proportional n 
// only 3 elements are interchanged 


else // easy case 
{ 
int d = M_->dir(); 
ulong x2 = (M_->data())[j]; 
ulong xi x2 ds. 33.3 no-k: 
ulong il x_[x1], i2 = x_[x2], i3 = x_[x3]; 
swap2(x_[x1], x_[x2]); 
swap2(x_[x1], x_[x3]); 
swap2(ix_[i1], ix_[i2]); 
swap2(ix_[i2], ix_[i3]); 


} 


return true; 


[fxtbook draft of 2008-January-19] 


10.15: Permutations with special properties 267 


} 
[--snip--] 


The order so that the permutation is the same as if one would compute it via the function [FXT: 


ffact2cyclic() in \comb/fact2cyclic.cc| which is given in section |10.3.4] on page The listing in 
figure|10.14-A] was created with the program [FXT: comb/cyclic-perm-demo.cc). About 40 million per- 


mutations per second are generated. 


10.15 Permutations with special properties 


10.15.1 The number of certain permutations 


We discuss permutations with special properties, such as involutions, derangements, and permutations 
with prescribed cycle types. 


Permutations with m cycles: Stirling cycle numbers 


n: total m= 1 2 3 4 4 6 7 8 9 
1: 1 i 

2: 2 1 1 

3: 6 2 3 a 

4: 6 11 6 1 

5: 120 24 50 35 10 1 

6: 720 120 274 225 85 15 1 

T: 5040 720 1764 1624 735 175 21 1 

8: 40320 5040 13068 13132 6769 1960 322 28 1 

9: 362880 40320 109584 118124 67284 22449 4536 546 36 1 


Figure 10.15-A: Stirling numbers of the first kind s(n, m) (Stirling cycle numbers). 


The number of permutations of n elements into m cycles is given by the (unsigned) Stirling numbers of 
the first kind (or Stirling cycle numbers) s(n,m). The first few are shown in figure }10.15-A| which was 
created with the program [FXT: |comb/stirlingl-demo.cc|. One has s(1,1) = 1 and 


s(n,m) = s(n-—1,m—1)4+(n—-1)s(n—-1,m) (10.15-1) 
S/ s(n,m)e™ = [J e+m =e" (10.15-2) 
m=0 m=0 


A generating function is given as relation |35.2-71la| on page see also entry |A008275)| of 214]. The 


Stirling numbers of the second kind (Stirling set numbers) are treated in section|15.1jon page Many 
identities involving the Stirling numbers are given in [124) pp.243-253]. We note just a few, writing 
S(n,k) for the Stirling set numbers: 
x” = S~S(n,k) xt = S~ S(n,k) (-1)"-* 2* (10.15-3a) 
k=0 k=0 


where x 


k= ¢(x—1)(a@—2)---(@—k+1) and 2 =2(24+1)(4+2)--:(a+k—1). 


n 


wk = S°s(n,k)(-1)"* ak (10.15-3b) 
k=0 

g® = yale" (10.15-3c) 
k=0 


[fxtbook draft of 2008-January-19] 


268 Chapter 10: Permutations 


Further [124] p.296], with D := 4 and 0 = z4, we have the operator identities 


oe” = S° S(n,k)z* D* (10.15-4a) 
k=0 

zDD" = > a(n,k)(-1) * 0 (10.15-4b) 
k=0 


Permutations with prescribed cycle type 


A permutation of n elements is of type C = [c1, C2, ¢3,.--, Cn] if it has c, fixed points, c2 cycles of 
length 2, c3 cycles of length 3, and so on. The number Z,,c¢ of permutations of n elements with type C’ 
equals 


Znc = mM/(cy!eg!e3!... en! 14 2% 3% ... n°) (10.15-5) 
This relation is given in [87] p.233] which is a good source for identities of generating functions. We 


necessarily have n = 1c, +2co+...+n€p, that is, the c; correspond to a integer partition of n. 


Prefix conditions 


involutions up-down indecomposable derangements 

ae 1 2 3 4 1: 1 3 2 4 1: 23 4 1 1: 21 4 8 
2: 1 2 4 3 2: 1 4 2 3 2: 2 4 1 3 2: 23 4 1 
3: 13 2 4 3: 23 1 4 3: 243 1 3: 2 4 1 8 
4: 1 4 3 2 4: 2 4 1 38 4: 3 1 4 2 4: 3 1 4 2 
5: 213 4 5: 3 4 1 2 5: 3 2 4 1 5: 3 4 1 2 
6: 2 1 4 8 #perm = 5 6: 3 4 1 2 6: 3 4 2 1 
‘Ca 3 2 1 4 T: 3 4 2 1 Cs 4 1 2 3 
8: 3 4 1 2 8: 4 12 3 8: 4 3 1 2 
9: 4 2 3 1 9: 4 13 2 9: 4 3 2 1 
10: 43 2 1 10: 4 2 1 3 #perm = 9 
#perm = 10 11: 4 2 3 1 

12: 4 3 1 2 

13: 4 3 2 1 

#perm = 13 


Figure 10.15-B: Examples of permutations subject to conditions on the prefixes. From left to right: 
involutions, up-down permutations, indecomposable permutations and derangements. 


Some types of permutations can be generated efficiently by a routine that produces the lexicographically 
ordered list of permutations subject to conditions for all prefixes. The implementation (following [157]) 


is [FXT: class perm_restrpref in comb/perm-restrpref.h]. The condition (as a function pointer) has 
to be supplied upon creation of an instance of the class. The program [FXT: comb/perm-restrpref- 
demonstrates the usage, it can be used to generate all involutions, up-down, indecomposable, 


or derangement permutations, see figure|10.15-B}. 


Involutions 


The sequence I(n) of the number of involutions (self-inverse permutations) starts as (n > 1) 
1, 2, 4, 10, 26, 76, 232, 764, 2620, 9496, 35696, 140152, 568504, 2390480, 
This is sequence A000085) of [214]. Compute I(n) using the relation 
I(n) = In—1)+(n-1)I(n—2) (10.15-6) 
N=20; v=vector(N); 
v([t]=1; v[2]=2; 


for (n=3,N,v[n]=v[n-1]+(n-1)*v[n-2]); 
[1, 2, 4, 10, 26, 76, ] 


[fxtbook draft of 2008-January-19] 


10.15: Permutations with special properties 269 


The exponential generating function is 


S- “ = exp(«#+27/2) (10.15-7) 
k=0 , 


The relation is given in [247] p.85], as the special case m = 2 of the exponential generating function 


exp { 5 x*/d (10.15-8) 
d\m 
for the number permutations whose m-th power is identity. 
The corresponding condition function is 


bool cond_inv(const ulong *a, ulong k) 


{ 
ulong ak = alk]; 
if ( (ak<=k) && (alak]!=k) ) return false; 
return true; 

} 


Alternating permutations 


The alternating permutations (or up-down permutations) satisfy aj < a, > a2 < a3 >.... The condition 
function is 


bool cond_updown(const ulong *a, ulong k) 
// up-down condition: ai < a2 > a3 < a4>... 


if ( k<2 ) return true; 
if ( (k%2) ) ~return ( alk)<a[k-1] ) 
else return ( a[k]>a[k-1] ) 


} > 
Note that the routine is for the permutations of the elements 1,2,..., in a one-based array. 
The sequence A(n) of the number of alternating permutations starts as (n > 1) 

1, 1, 2, 5, 16, 61, 272, 1385, 7936, 50521, 353792, 2702765, 22368256, 


It is sequence |A000111 of [214], the sequence of the Euler numbers. The list can be computed using the 
relation 


A(n) = : 3 (" - ‘) A(k) A(n —1—k) (10.15-9) 


N=20; v=vector(N+1) ; 

v([O+1J=1; vfi+i]=1; v[2t+1]=1; \\ start with zero: v[x] == A(x-1) 

for (n=3 ,N,v[n+1]=1/2*sum(k=0 ,n-1,binomial (n-1,k)*v[k+1]*v[n-1-k+1])); v 
[1, 1, 1, 2, 5, 16, 61, 272, 


Indecomposable permutations 


The indecomposable (or connected) permutations satisfy, for k = 0,1,..., —1, the inequality of sets 


{ao, a1, ..., ax} A {0,1,..., k} (10.15-10) 


The condition function is 


ulong N; // set to n in main() 

bool cond_indecomp(const ulong *a, ulong k) 

// indecomposable condition: {a1,...,ak} != {1,...,k} for all k<n 
{ 


[fxtbook draft of 2008-January-19] 


270 Chapter 10: Permutations 


if ( k==N ) return true; 
for (ulong i=1; i<=k; ++i) if ( a[i]>k ) return true; 
return false; 


} 
The sequence C'(n) of the number of indecomposable permutations starts as (n > 1) 
1, 1, 3, 18, 71, 461, 3447, 29093, 273343, 2829325, 31998903, 392743957, 


This is sequence A003319 of 214]. Compute C(n) using 


n—1 


C(n) = n!— Sok C(n—-k) (10.15-11) 
k=1 


N=20; v=vector(N) ; 
for (n=1,N,v[n]=n!-sum(k=1,n-1,k!*v[m-k])); v 
[1, 1, 3, 13, 71, 461, 3447, ... ] 


Derangements 


A permutation is a derangement if a, # k for all k: 


bool cond_derange(const ulong *a, ulong k) 
// derangement condition: f[k]!=k for all k 


return ( a[k]!=k ); 


The sequence D(n) of the number of derangements starts as (n > 1) 
0, 1, 2, 9, 44, 265, 1854, 14833, 133496, 1334961, 14684570, 176214841, 


This is sequence A000166 of 214], the subfactorial numbers. Compute D(n) using either of 


D(n) = (n—1) [D(n—-1)+ D(n- 2) (10.15-12a) 

D(n) = nD(n—1)+(-1)” (10.15-12b) 
n n! 

Din) = Pa “Gow! (10.15-12c) 

D(n) = [(n!+1/2)/e| (10.15-12d) 


where e = exp(1). We use the recursion |10.15-12a 


N=20; v=vector(N); v{1]=0; v([2]=1; 
for (n=3,N,v[n]=(n-1)*(v[n-1]+v[n-2])); v 
(0, 1, 2, 9, 44, 265, 1854, 14833, ... ] 


10.15.2 Permutations with distance restrictions 


We present constructions for Gray codes for permutations with certain restrictions. These are computed 
from Gray codes of mixed radix numbers with factorial basis. We write p(k) for the position of the 
element k in a given permutation. 


Permutations where p(k) <k+1 


Let M(n) the number of permutations of n elements where no element can move more than one place to 
the right. We have M(n) = 2”~. A Gray code for these permutation is shown in figure|10.15-C}which was 


created with the program [FXT: comb/perm-right1l-gray-demo.cc). M(n) also counts the permutations 
that start as a rising sequence (ending in the maximal element) and end as a falling sequence. The 


recursion for the array in the leftmost column of figure}10.15-C]can be obtained by the recursion 


[fxtbook draft of 2008-January-19] 


10.15: Permutations with special properties 271 


ffact perm inv. perm ffact (inv) 

13 i a [04123] [02341] s 24a 
2: Be Bh dar [03124] [02314] e i ts 
3: rar eae [02134] [02134] as 
4: de ve [02143] [02143] « lis. 
5: gee te [01243] [01243] 2a & 
6: ; a [01234] [01234] ae 
T: ; 1. [01324] [01324] 2 & ds 
8: ye a [01423] [01342] «a Dd 
os Lie 2 [10423] [10342] 1.11 
10: : nr ee [10324] [10324] | er eae 
11: Le ae a He [10234] [10234] We a 
12: 1. 1 [10243] [10243] 1s 1 
13: 2s al [20143] [12043] 11 1 
14: 2 5 [20134] [12034] 11 

15: ‘er [30124] [12304] tii. 
16: 4. [40123] [12340] 1iii 


Figure 10.15-C: Gray code for the permutations of 5 elements where no element lies more than one 
place to the right of its position in the identical permutation. 


void Y_rec(ulong d, bool z) 


if ( d=n ) visit(); 
else 


a (z) // forward: 


// words 0, 10, 200, 3000, 40000, 
ulong k = 0; 
do 
{ 
ff[a] =k; 
Y_rec(d+k+1, !z); 
} 
while ( ++k <= (n-d) ); 
} 
a // backward: 


// words ..., 40000, 3000, 200, 10, 0 
ulong k = n-d+1; 
do 
{ 
——k; 
ff[d] =k; 
Y_rec(d+k+1, !z); 


} 
while (k !=0 ); 


The array ff (of length n) must be initialized with zeros and the initial call is Y_rec(O, true) ;. About 
85 million words per second are generated. In the inverse permutations (where no element is more than 
one place left of its original position) the swaps are adjacent end their position is determined by the 
ruler function. Thereby the inverse permutations can be generated using [FXT: class ruler_func in 


comb/ruler-func.h), described in section on page 


Permutations where k—1 < p(k) <k+1 


Let F(n) the number of permutations of n elements where no element can move more than one place to 
the left. Then F'(n) is the (n+ 1)-st Fibonacci number. A Gray code for these permutation is shown in 


figure|10.15-D]| which was created with the program [FXT: comb/perm-dist1-gray-demo.cc. 


[fxtbook draft of 2008-January-19] 


Chapter 10: Permutations 


272 


[me | cos | ces | | ee | | oe | cee | 
OWOWOMLM OW 
OWOMMMOOLMSH 
TOMO OMS HLO 
Nt I7dtMM OY 
FPO cia ced a 
AdanAnaaana 


lelolotoxokoxoxe) 


| | | | oe | | | 


ffact 


aero 
OMNMOODOUOMNMNOOWOW 
OOOWNHTHMNOODOMNHHWH 
AMA HPOL SHH twowo st 
HPIMMNMNANANNANANM OD 
FE AAAANAMMMMMMAN 
BOOCCOCOOCOnH AHH 
AAA AAA HOCCOO 


a | | | | oe | | 


Figure 10.15-D: Gray code for the permutations of 7 elements where no element lies more than one 


place away from its position in the identical permutation. The permutations are self-inverse. 


Ammo oor 
HILO LO HH LO LO HEH LO LO LO LO PH LO LO FH LO LO SH LO 


BEES CD 09.09 09 SLO LO 5 0:00) SP U9 LSE 09-07). 09.02 SILO LDS 
Be OIE Pa Me SED CANN. OU ON ENIEN, O20) STUD LOS? COTES 
AAAANNAANMNMPIMMNNANNA AAAS 


FOO QOD DS DDO VEE ATTEN UN ENO 9 
ANNAN AHA AAA ATAHOODOCOOOCCOCOCOOCCO 


DY I I 


marr aeea ee ae eee eneeea eee 
SPLO LO 00 0 LO LO SETHELOD LO LON LOD SSH LOD LODO) OY) LEO LEO SF SHLD 
LOPFPMMOLUOU MALOU ANN FOU AMMO MYM FLO LOH 
MMPHAPAHIMMAANPTINANMYMNADSAGPIMNYNA 
B DOO ONAN MMMM MANANMAAAOM 
BLANANNOCOCOCOOKH HHH HAAAAAA 
ANA ANAT HAHA HOODOO OOCOOCCOCOCOCO 


ee | | | | | | | | | | | | | | | OY | Be 


ee 
p Sn oe Be sist So Be Be 

8 ee er Oe do 
Pee ae pe Pom ACMI Cans Oe Nt at Gt oy CO Addn 


Figure 10.15-E: Gray code for the permutations of 6 elements where no element lies more than one 


place to the left or two places to the right of its position in the identical permutation. 


[fxtbook draft of 2008-January-19] 


10.15: Permutations with special properties 273 


Permutations where k —1< p(k) <k+d 


A Gray code for the permutations where no element lies more than one place to the left or d places to 
the right of its original position_can be obtained via the Gray codes for binary words with at most d 
successive ones given in section on page Figure |10.15-E|shows the permutations of 6 elements 


with d = 2, it was created with the program T: comb/perm-l1r2-gray-demo.cc,. The array shown 
leftmost in figure|10.15-E]can be generated via the recursion 


void Y_rec(ulong d, bool z) 


{ 
if ( d>=n ) visitQ; 
else 
const ulong w = n-d; 
a (z) 
if ( wl) { ffdJ=1; ff£[d+iJ=1; ff[d+2]=0; Y_rec(d+3, !z); } 
ff[d]J=1; ff[d+1]=0; Y_rec(d+2, !z); 
ff[d]=0; Y_rec(dt+i, !z); 
} 
else 
ff[d]=0; Y_rec(d+i, !z); 
ff[d]J=1; ff[d+1]=0; Y_rec(d+2, !z); 
if (wl) { ffdJ=1; ff[d+1iJ]=1; ff£[d+2]=0; Y_rec(d+3, !z); } 
} 
} 
} 


If the two lines starting if ( w>1 ) are omitted then the Fibonacci words are obtained. About 110 million 
words per second are generated. 


[fxtbook draft of 2008-January-19] 


274 Chapter 10: Permutations 


[fxtbook draft of 2008-January-19] 


275 


Chapter 11 


Subsets and permutations of a 
multiset 


11.1 Subsets of a multiset 


n == 630 
primes ={ 2 3 5 7] 
exponents =[ 1 2 1 1] 
d auxiliary products exponents change @ 
1: 1 [ 1 1 1 1 1] Le at ee ed 4 
2: 2 [ 2 i 1 1 1] Ete te © 3 0 
3: 3 - 28 -3. A 1 1] [.1..] 1 
4: 6 [ 6 3 1 1 1] [ii..] 0 
5: 9 [ 9 9 1 1 1-4 Le Qe nd 1 
6: 18 {[ 18 9 i 1 1] [12..] 0 
(3 5 [ 5 5 5 1 1] Ege ee de J 2 
8: 10 [ 10 5 5 1 1] [i.1.] 0 
9: 15 [ 15 15 5 1 1] [.11.] 1 
10: 30 [ 30 15 5 1 1] [ii1i.] 0 
ot: 45 [ 45 45 5 1 1] [.21.] 1 
12: 90 [ 90 45 5 1 1] [121.] 0 
13: 7 [ 7 7 7 7 1] Le ss tt] 3 
14: 14 {[ 14 7 7 7 1] bala ~« td 0 
15 21 [ 21 21 7 7 1] Ew tei J 1 
16 42 [ 42 21 7 7 cle [ii.1] 0 
17 63 [ 68 63 7 7 1] Eu. 2% tJ 1 
18 126 [126 63 7 7 1] [12.1] 0 
19 35 [ 35 35 35 7 1] Law tt] 2 
20 70 [ 70 35 35 7 1] [1.11] 0 
21 105 [105 105 35 7 1] [.111] 1 
22 210 [ 210 105 35 7 1] [iii1] 0 
23 315 [ 315 315 35 7 1] [.211] 1 
24 630 [ 630 315 35 7 1] [1211] 0 


Figure 11.1-A: Divisors of 630 = 2! - 3?-5!-7! generated as subsets of the multiset of exponents. 


A multiset is set where elements can be repeated. A subset of a set of n elements can be identified with 
the bits of all n-bit binary words. The subsets of a multiset can be obtained as mixed radix numbers: if 
the j-th element is repeated r; times then the radix of digit 7 has to be r; + 1. Thereby all methods of 
chapter [9]on page can be applied. 

-1 


As an example, all divisors of a number x whose factorization x = p° - p{!---p,"4' is known can 
be obtained via the length-n mixed radix numbers with radices [e9 + 1, e1 + 1,..., €n-1 + 1]. The 
implementation [FXT: class divisors in|mod/divisors.h) generates the subsets of the exponent-multiset 


[fxtbook draft of 2008-January-19] 


276 Chapter 11: Subsets and permutations of a multiset 


in counting order (figure}11.1-A]shows the data for « = 630). An auxiliary array T of products is updated 
with each step: if the changed digit (at position 7) became 1 then set t := Tj+1-p,;, else set t := T; - p;. 
Set T; = t for allO <i < j. A sentinel element T,, = 1 avoids unnecessary code. Figure was 


created with the program [FXT: |mod/divisors-demo.cc]. The computation of all products of k out of n 
given factors is described in section on page 


11.2 Permutations of a multiset 


(2, 2, 1) (6, 2) (tty. 15-1) 
1 oe a ht] 1 0 a ok aoe yg fs Es 223] 
2: Ea wth 21] Qi he ose tee Se te 1] 2: £2432] 
32 Es. 6-24.49) Si Pacis a. 122] 3: [£.213] 
4: [.1.12] 4: [~....1. 1] 4: [—.231] 
5: [~.1.21] Bs [Dawe wh oot. J 5: [£.312] 
6: [.11.2] 62 (bas ee doe ad 6: [.321] 
, Ea 1 222, J se. IDeis Sy ae he oe Sh 7: £1.23] 
8: [£.12.1] 8: Ds ee he «dad 8: [1.32] 
9: [.121.] 97 [Lane d.t.a ] 9: [12.3] 
10: [ee2. tt 102 Eade od ewe d 10: [423.2] 
114: [.214.1] 14s Loe gx Tee we Ro] 114: [13.2] 
12%) Mie 2d 123 [0 oe Bea ee Doe J 12: [132.] 
13: [1i..12] 13% “bee we dee Die J 13: [2.13] 
144: [~1i..21] 14: F.2d et awe ] 14: [2.31] 
15: - [ don Den 2] 16s Te ad ae ghey 15: [ 24 .°3:J 
16: [L1i.12.] 168 0. we Ge ee cee ae ed 16: [213.1] 
17 Pia 2. dt) 17s Babs ee 2 hae J] i7: [23 1] 
18% [te 2 2 18s Ds Dna my, Atk. oe ig: 23 12] 
19: [24s 2-2] 192% Pose ache ead 19: [3.12] 
20% “ht ton 2s J 20% Loe ds Hg eed 20: [3.21] 
2i: [112..] 202 fos Pd se ek aw J 21: [31.2] 
22: [12..1] 222 [tin eee we e Do] 22: [312 .] 
23: [12.1.] 23: [toe we a een dt J 23: [32.1] 
24: [121..] 24: [1....1..] 24: [321.] 
25: [2..11] 252 [tow of 1k tow J 
26: [2.1.1] 26: [L1t..1. « J 
27: [2.11.] 272 Cie te x s J 
28: [21..1] 28: Lid... - J 
29: [21.1.] 
B08: E24. 2 cl 


Figure 11.2-A: Permutations of multisets in lexicographic order: the multiset (2,2,1) (left), (6,2) 


(combinations Ce) middle), and (1,1,1,1) (permutations of four elements, right). Dots denote zeros. 


We write (r9,71,---,;T—-1) for a multiset with ro elements of the first sort, r; of the second sort, ..., 
Tp—1 elements of the k-th sort. The total number of elements is n = = rz. For the elements of the 
j-th sort we always use the number j. The number of permutations P(ro,71,...,7%—1) of the multiset 
(r0,1%1,+--;Tk—-1) is a multinomial coefficient: 


! 
P(ro,?iy+-6s7k-1) = ( . » }- ——_ (11.2-1a) 
Hic acme 


TO; T1, T25---. 


_ @ ee Co) a 3+7r-2+1k ‘) (" 2+Tk ') (11.2-1b) 
TO T1 T2 Tk-3 Tk-2 


Relation |11.2-la]is obtained by observing that among the n! ways to arrange all n elements ro! permu- 
tations of the first sort of elements, 7! of the second, and so on, lead to identical permutations. 


[fxtbook draft of 2008-January-19] 


11.2: Permutations of a multiset 


11.2.1 Recursive generation 


Let [ro, 71, T2;---; Tk—-1| denote the list of all permutations of the multiset (ro, 71, r2,-. 
recursion 

TO - [ro = 1, T1, T25-+%5 rr-1] 

T1. [ro, Ty 1; T2522 65 rr—-1] 

[ro, T1, T2;+-+;Tk-1 = TQ. [ro, r1,72—1,..-, Tr-1| 
reat « Pt. Ti Mies 

is used to obtain the following procedure [FXT: |comb/mset-lex-rec-demo.cc): 
ulong n; // number of objects 
ulong *ms; // multiset data in ms[0], ..., ms[n-1] 
ulong k; // number of different sorts of objects 
ulong *r; // number of elements ’0’ in r[O], ’1’ in r[i], ..., ’k-1’ in r[k-1] 


With the recursion 


void mset_rec(ulong d) 


if ( d=n ) visit(); 
else 


for (ulong j=0; j<k; ++j) // for all buckets 


++wct; 
if ( rfj] ) // bucket has elements left 
{ 


++rct; 

--r[jl]; // take element from bucket 
ms[d] = j; // put element in place 
mset_rec(d+1); // recursion 

t++r[j]; // put element back 


} 
} 


2tT 


“5 Tp-1)- The 


(119-2) 


and the initial call mset_rec(0) we generate all multiset permutations in lexicographic order. As given 
the routine is inefficient when used with (many) small numbers r;. An extreme case is r; = 1 for all 
j, corresponding to the (regular) permutations: we have n = k and for the n! permutations the work 
is proportional to n”. The method can be made efficient by maintaining a list of pointer to the next 


nonzero ‘bucket’ nk[] [FXT: class mset_lex_rec in comb/mset-lex-rec.h): 


class mset_lex_rec 


public: 
ulong k_; // number of different sorts of objects 
ulong *r_; // number of elements ’0’ in r[O], ’1’ in r[i], ..., ’k-1’ in r[k-1] 
ulong n_; // number of objects 
ulong *ms_; // multiset data in ms[0], ..., ms[n-1] 
ulong *nn_; // position of next nonempty bucket 


void (*visit_) (const mset_lex_rec &); // function to call with each permutation 


ulong ct_; // count objects 
ulong rct_; // count recursions (==work) 
[--snip--] 


The initializer takes as arguments an array of multiplicities and its length: 


public: 
mset_lex_rec(ulong *r, ulong k) 
{ 
k_ = k; 
r_ = new ulong[k]; 


for (ulong j=0; j<k_; ++j) r_[j] = rlj]l; // get buckets 


n_ = 0; 
for (ulong j=0; j<k_; ++j) n_ += r_[j]; 
ms_ = new ulong[n_]; 


[fxtbook draft of 2008-January-19] 


278 Chapter 11: Subsets and permutations of a multiset 


nn_ = new ulong[k_+1]; // incl sentinel 
for (ulong j=0; j<k_; ++j) nn_[j] = jt; 
nn_[k] = 0; // pointer to first nonempty bucket 


} 
{[--snip--] 
The method to generate all permutations takes a ‘visit’ function as argument: 


void generate(void (*visit) (const mset_lex_rec &)) 


: visit_ = visit; 
ct_ = 0; 
rct_ = 0; 
mset_rec(0); 
} 
private: 


void mset_rec(ulong d); 


#3 


The recursion itself is [FXT: comb/mset-lex-rec.cc : 


void mset_lex_rec::mset_rec(ulong d) 


if ( d>=n_ ) 


else 
for (ulong jf=k_, j=nn_[jf]; j<k_; jf=j, j=mn_[j]) // for all nonempty buckets 
{ 


t++rct_; // work == number of recursions 


--r_[jl; // take element from bucket 
ms_[d] = j; // put element in place 


if ( r_[j]==0 ) // bucket now empty? 
{ 


ulong f = nn_[jf]; // where we come from 
nn_[{jf] = nn_[j]; // let recursions skip over j 
mset_rec(d+1) ; // recursion 
nn_[jf] = f; // remove skip 
else mset_rec(d+1); // recursion 
+t+r_[j]; // put element back 


} 


Note that the test whether the current bucket is nonempty is omitted as empty buckets are skipped. 
Now the work involved with (regular) permutations is (less than) e = 2.71828... times the number of 
the generated permutations. Usage of the class is shown in [FXT: ‘comb/mset-lex-rec2-demo.cc). The 
permutations of 12 elements are generated at a rate of about 25 million per second, the combinations (7?) 
at about 40 million per second, and the permutations of (2,2, 2,3,3,3) at about 20 million per second. 


11.2.2 Iterative generation 


The algorithm to generate the next permutation in lexicographic order given in section on page |220 
can be adapted for an iterative method for multiset permutations [FXT: class mset_lex in 


lex 


class mset_lex 


public: 
ulong k_; // number of different sorts of objects 
ulong *r_; // number of elements ’0’ in r[0O], ’1’ in r[i], ..., ’k-1’ in r[k-1] 
ulong n_; // number of objects 
ulong *ms_; // multiset data in ms[0], ..., ms[n-1], sentinel at [-1] 
public: 


mset_lex(const ulong *r, ulong k) 


[fxtbook draft of 2008-January-19] 


11.2: Permutations of a multiset 279 


{ 
k_ = k; 
r_ = new ulong[k] ; 
for (ulong j=0; j<k_; ++j) r_[j] =rl[jl; // get buckets 
n_ = 0; 
for (ulong j=0; j<k_; ++j) n_ += r_[j]; 
ms_ = new ulong[n_+1]; 
ms_[0] = 0; // sentinel 
++ms_; // nota bene 
first(); 
} 


on first() 


for (ulong j=0, i=0; j<k_; ++j) 
for (ulong h=r_[j]; h!=0; --h, ++i) ms_[i] = j; 


} 
[--snip--] 
The only change in the update routine is to replace the operators > by >= in the scanning loops: 
bool next() 
{ 


// find for rightmost pair with p_[i] < p_[it1]: 

const ulong ni = n_ - 1; 

ulong i = ni; 

do { --i; } while ( ms_[i] >= ms_[iti] ); // can touch sentinel 
if ( (long)i<O ) return false; // last sequence is falling seq. 


// find rightmost element p[j] smaller than p[i]: 

ulong j = ni; 

while ( ms_[i] >= ms_[j] ) { --j; } 

swap2(ms_[i], ms_[j]); 

// Here the elements p[iti], ..., p[m-1] are a falling sequence. 
// Reverse order to the right: 

ulong r = ni; 

ulong s = it 1; 

while (r>s) { swap2(ms_[r], ms_[s]); --r; ++s; } 

return true; 


} 
} 


Usage of the class is shown in [FXT:|\comb/mset-lex-demo.cc : 


ulong ct = 0; 
do 


// visit 
while ( P.next() ); 


The permutations of 12 elements are generated at a rate of about 110 million per second, the combinations 
ee) at about 60 million per second, and the permutations of (2,2, 2,3,3,3) at about 82 million per second. 


[fxtbook draft of 2008-January-19] 


280 Chapter 11: Subsets and permutations of a multiset 


[fxtbook draft of 2008-January-19] 


281 


Chapter 12 


Gray codes for strings with 
restrictions 


We give constructions for Gray codes for strings with certain restrictions, such as forbidding two success- 
sive zeros or nonzero digits. The constraints considered are so that the number of strings of a given type 
satisfies a linear recursion with constant coefficients. 


pp Fit tat sss hp ttt 


DODD DODD sg tec to bs seciden, 2, Gd cates realestate 
ents Sueusra: avece bubs Os Ft as Bite 
AD DD Dar sesiaise es der thes scscte ce DQ 222 s0 ees saana sess W(n) == 
Die Wisner aie 5 VDP dives soe ever 111111 
TAs ests 22s se edd We, eons 2 


[120 W(n-3)] + rev([10 W™m-2)]) + [00 W(n-2)] 
11111111 ses Rea Ups ss ps re ee 
DIDQ2II22- —————— rece Gecaectarne  -«-»-—aadladidsdoa nee dls 

eee 11111111 11111111..... 
VAUD eg RA a ee DOD a iiiew Sd eb 
Dearie leravs TATTT Vee ce eh 111111 
T1904. tts 2Qerv ead Dhiciwws 
de. a 22's 11 dds 62. 2 11 11 


Figure 12.0-A: Obtaining a Gray code by a sublist recursion. 


The algorithms are given as list recursions. For example, write W(n) for the list of n-digit words (of a 
certain type), write W®(n) for the reversed list, and [x .W(n)] for the list with the word x prepended at 
each word. The recursion for a Gray code is 


(00. W(n—2) ] 
W(n) = [10.W®(n—-2)] (12.0-1) 
[120.W(n—3)] 


Such a relation always implies a backward version which is obtained by reversing the order of the sublists 
on the right hand side and additionally reversing each sublist 


[120.WF(n — 3)] 


WR(n) = [10.W(n-2) ] (12.0-2) 
(00. WR(n— 2) ] 


The construction is illustrated in figure/12.0-A] An implementation of the algorithm is [FXT: comb /fib- 


alt-gray-demo.cc : 


[fxtbook draft of 2008-January-19] 


282 Chapter 12: Gray codes for strings with restrictions 


void X_rec(ulong d, bool z) 
if ( d>=n ) 


if ( d<=n+1 ) // avoid duplicates 


visit(); 
else 
if (z) 
rv[d]=0; rvf[dt+ti]=0; X_rec(d+2, z); 
rv[d]=1; rvfdti]=0; X_rec(d+2, ! z); 
rv[d]=1; rvfdti]=2; rv[d+2]=0; X_rec(d+3, z); 
} 
al 
rv[d]=1; rvfdti]=2; rv[d+2]=0; X_rec(d+3, z); 
rv[d]=1; rvfdti]=0; X_rec(d+2, ! z); 
rv[d]=0; rvf[dt+1]=0; X_rec(d+2, z); 
} 


} 


The initial call is X_rec(0O, 0);. The parameter z determines whether the list is generated in forward or 
backward order. No optimizations are made as these tend to obscure the idea. Here we could omit one 
statement rv[d]=1;, replace the arguments z and !z in the recursive calls by constants, and of course 
create an iterative version. 


The number w(n) of words W(n) is determined by a recursion (and some initial values w(n)) that can be 
obtained by counting the size of the list on both sides of the recursion relation |12.0-1]on the preceding 
page: 


w(n) = 2w(n—2)+w(n-3) (12.0-3) 


One can typically set w(0) = 1, there is one empty list and this satisfies all conditions. The numbers 
w(n) are in fact the Fibonacci numbers. 


12.1 Fibonacci words 


A recursive routine to generate the Fibonacci words (binary words not containing two consecutive ones) 
can be given as follows: 


ulong n; // number of bits in words 
ulong *rv; // bits of the word 


void fib_rec(ulong d) 


{ 
if ( d=n ) visit(); 
else 
rv[d]=0; fib_rec(d+1); 
rv[d]J=1; rv[d+i]=0; fib_rec(d+2); 
} 


We allocate one extra element to avoid if-statements in the code: 
int main() 


n= 7; 

rv = new ulong[n+1]; 
fib_rec(0); 

return 0; 


} 


The output (assuming visit() simply prints the array) is given in the left of figure |12.1-A| Note that 
with the n-bit Fibonacci Gray code the number of ones in the first and last, second and second-last, 
etc. tracks are equal. Thereby the sequence of reversed words is also a Fibonacci Gray code. It turns 


[fxtbook draft of 2008-January-19] 


12.1: Fibonacci words 283 


Dia eae cates So 3 dee <3 sre 2 does Bes 2d ee A 
eae tan ee Sag, oe Pare bee fe ocd aorall. oh, Ae ne asco : 
se cin Se ch Ses te a ees Geer e ad ed bom ce a ad Vn 
Bs a oe ee Be 4: .1. sows pel ceo. ge, oo se 
Bs a a eg Da Di a ee aes He ree: ae oa : 
Gist cae we oe Oh 6G ete toe 1 BA dvlsweealimcc, are _ 1 
a ae ee oe Ce oda 2 ar so Z poh a oe sd 
Br. ieee Meee 8: .1.1..41 . oie de = a te 
OF, ok Meee ee Oe 8 eget a Ae be Bp ee ae Vos dh S 
WOE. oie De se ox, ol 10: . rae Core Pe eas Wee De 
Is ee De: 2: Ds deh es! <3 e Dae ds @ at 29d 1 aoe | 
125 cee ae Dh 12: . aiwthy a A es 1. ‘ 
13: .,1.d121.1 13: . . 2 Se i hevgedby, 238. oh 1. 1. 
14: .1d.... 14: 2... be hed he er Th Sar e-- . 

153 os Toe ese 152 ka foe dD see: oer are 

16: . 1... 1 162. mesg ade 4 1 dd 

te: Te 2 Wl ah cea Ah ce et i ap ee pes Ue 

Oe hed Ses 132 oe Ws TD: eet 1. Pcs 

19 De De 19% so 5d eo dis 2 « L 
203 a Ag Towa 20: «6 2 Da age ae 1.1 
212 . te. Den A QA Oe ee Noe ade iW S- BPD 3 
22. sd4x 2 cet ye 22% Ved ven ce 
23: 1 fe Ses sek or oll 23: 1.2..., 
24: 1 aoe “ar 8 24: Ae te e 2 
25: 1 ae ae 208° Doe Mag dee 
26: 1.. 1. 262 doe dT Ad 
PY re eae oo Ble “Vt, Men See cane 
207 os: « o : 23: 1. & fara 
29: 1. , 1 1 29: 1. a ack 
30: 1.1 ae) 30: 1. at 
31: 1.1. zd los i ee a 
g2: 2a foe a ds o28 Ale Sayed 
got 2a Ps ho. got thes 2a ees 
34; 1.1.1.1 34: 1..1..1 


Figure 12.1-A: The first 34 Fibonacci words in counting order (left), and Gray codes through the first 
34, 21, and 13 Fibonacci words (right). Dots are used for zeros. 


out that a simple modification of the routine generates a Gray code through the Fibonacci words [FXT: 
comb/fibgray-rec-demo.cc!: 


void fib_rec(ulong d, bool z) 


{ 
if ( d>=n ) visitQ; 
else 
z= !z; // change direction for Gray code 
if (z) 
{ 
rv[d]=0; fib_rec(dt+1, z); 
rv[d]=1; rv[dti]=0; fib_rec(d+2, z); 
else 
rv[d]=1; rvf[dti]=0; fib_rec(d+2, z); 
rv[d]=0; fib_rec(d+1, z); 
} 
} 


The variable z controls the direction in the recursion, it is changed unconditionally with each step. The 
if-else blocks can be merged into 


rv[d]J=!z; rv[dtiJ= z; fib_rec(dtit+!z, z); 
rv[d]J= z; rv[dtiJ=!z; fib_rec(dti+ z, z); 


The algorithm is CAT (constant amortized time) and fast in practice, about 80 million objects are 
generated per second. A bit-level algorithm is given in section }1.29.2}on page 


The algorithm for the list of the length-n Fibonacci words F'(n) can be given as a recursion: 


(10. FR(n —2)] 


Fin) = (0. FR(n —1) | (12.1-1) 
Merging two steps we find 
(100. F(n—3) ] 
F(n) = : ; : Bees 7 (12.1-2) 
(010. F(n—3) | 


[fxtbook draft of 2008-January-19] 


284 Chapter 12: Gray codes for strings with restrictions 


12.2 Generalized Fibonacci words 


oe ree tee PLGA ois os Sie ache Bae eet eras tee ce 
irdheblSdhrat BAS rnb ce os Bt et Ut ts i sa eit ta i cme amen ete Os Ol et tt tg Ener 
ree 1 putea PRADA yo ciiy 53 tts woo cee DL Dd ccseceod av ene eee PTT 
srl ss ecteanaciets ss DAL sce PAL ee ice LR ceed Pe aes cup dhe 1i1....11 
145.4 oe lee ee | 115..1 nthe ddd obleotsddwle eddie edd ode et Tis 
Ladd hed lela. led ded ddd edd Leelee hell Led. dled 


yt Pt i tt as sist Bet st ft a EB et Ut tI ses te ee 
111111111111 


UD sod ise dese tid is a irre jira ai tencctins etsy Dante eae va mserd tuistay bleh esrcaeeisesrone Semoi 11111111111111111111 

Briss andaege An artenaife cous deed eceaaeeaenaed att tt aap is i te sg Kren nape gure Ut Dit ett | 
neonate i Us tt et ss Ess ear eet ts ss Es ip BE et tit tt Es ie LEP ea 
UA ars 2.2. Bsc i Bs eee rere DUTT ecba x seautt acecanecer sus PUTT esa loss erieec sh ls Eee ere 111111... 

ag, 3 ae DM orate Secaes WA De ers NL bate ddd dse ce DEI soe odie snag LETT soe aerate 1111 2 LL eee LT 

als rc Es Ee oem ese eget ees Eevee Ls Perea ert Es Eevee Ieee Esra Es Une Ol rere ees Peemeeernen eet 


Figure 12.2-A: The 7-bit binary words with maximal 2 successive ones in lexicographic (top) and 
minimal-change (bottom) order. Dots denote zeros. 


sca apiae det-eriditive-oetod st st Ft st ss Es Ki Ui ss es is ene ee SA 
Ssbese.cehes a PUTT CUDA ee coe Gees ecette descend MLD WT oe ce ot cotweceaeore TDD TPAD 6 ects see atest ta terete et 
are ee gs EP eee reefer Cel Ut Speman meee Cll Lr aes Ee El reaper are! Er Eel Dl bs eee 
Voeee LDce es erode oe Plea Ete cede sed bead dae x4 tvcs PIT LD cece EL 
stds: de tele DL Ded deed. The cds 1d es ed 


Figure 12.2-B: Recursive structure for the 7-bit binary words with maximal 2 successive ones. 


We generalize the Fibonacci words by allowing a fixed maximum value r of successive ones in a binary 
word. The Fibonacci words correspond to r = 1. Figure [I2.2-A]shows the 7-bit words with r = 2. The 
method to generate a Gray code for these words is a straightforward generalization of the recursion for 
the Fibonacci words. Write L,(n) for the list of n-bit words with at most r successive ones, then the 
recursive structure for the Gray code is 


0.LPR(n—-1) 
10. L2(n— 2) 
110. L2(n—3) 
L,(n) = (12.2-1) 


17-20. ER(n—1—r +2) 
17-190. ER(n—1—r4+1) 
170. LR(n-1-r) 


Figure |12.2-B] shows the structure for L2(7), corresponding to the three lowest sublists on the right side 
of the equation. An implementation is [FXT: comb/maxrep-gray-demo.cc): 


ulong n; // number of bits in words 
ulong *rv; // bits of the word 
long mr; // maximum number of successive ones 


void maxrep_rec(ulong d, bool z) 


{ 
if ( d=n ) visit(); 
else 


z= !z; 


long km = mr; 
if ( dtkm >n) km=n-d; 


if (z) 

{ 
// words: 0, 10, 110, 1110, 
for (long k=0; k<=km; ++k) 


[fxtbook draft of 2008-January-19] 


12.2: Generalized Fibonacci words 285 


rv[d+k] = 0; 
maxrep_rec(d+i+k, z); 
rv[d+k] = 1; 
} 
else 
{ 
// words: ... 1110, 110, 10, 0 


for (long k=0; k<km; ++k) rv[d+k] = 1; 
for (long k=km; k>=0; --k) 


rv[dtk] = 0; 
maxrep_rec(dt+titk, z); 


} 


Figure |12.2-C| shows the 5-bit Gray codes for r € {1,2,3,4,5}. Observe that all sequences are subse- 
quences of the leftmost column. 


r=5 r=4 r=3 r=2 r=i1 
1% 11.4 4-2 117 4.. oe a eee dos. oe te aod 
2: 1idi. tid... 111 1 ci ee We ya 
3: fo dod. 4 111 1 14s 1 11.1 tee a a Ll 
4: 11id1 1 te Fi 1 11. 11.411 a He, St ae Ah 
5: 11. 1 11. 5 oe leer | 1 ee adi de 
6: 11. : 4. dw A 1-41.51 2 Le Wha x ay Ae ae 4 
T: 11.1 12-2 4 1.6 i 2 Me > dee. Me sow de eh 
8: 11.411 Toe oe Ded 1 hoe Ls tee <e 1 es | 
9: We ones a ok fe ge. De’: ee t. 24, 2 tl sak co 
10: he ee eee se | re : 1 xs ce od al Dee Me ke, eo i) 2 
11: 1... : i re 1 1.14.1 da ab a «ih LG 
12: : 1 14-4 1 fo dies oe ee Dg sak a 
13: Tt 1 te sz ol ‘ Wo Dd ge ge Le se ~ 1 
14: 4 ; 1.24 1.12.4 os ae ge 
15: 1.171 1.111 2x2 Dia ba wy ae a 
16: 1.4111 » «tf 21 se Lok 4 a ‘ 
17: he 4, ede «dod. go er ML oh Ee _— 1 
18: vod, T. om Had Hed a eel 1 x ~ 2 12 
19: are ees ee FAS al ee oe 1 3 Ae At 
20: «1. 4 OL ee we Ue a es, cus nae ee eee 
21: 8 wk tee Sah + fax eo i ke be As ae 
22: oe 2 “ge Dy x 2 « ht . 1 | 
23: ge . « ed 1.4141 » bd 2 ct 
24: aie ay Ae 1 a td qe Lg aad, ¢ 
25: awh! oe BL. od. Loe ds gL? ede us 
26: sks. Lex : ee 1..41 
27: vod as yy 1..41 11.1 
28: ae eee di od dd. a: -e 
29: go dy Deg “LL died ci. 3g 1id1. 
30: ¢ TE s. «4 1id1. 
31: ea ea ae ae tie a. 
32: -idait 


Figure 12.2-C: Gray codes of the 5-bit binary words with maximal r successive ones. The leftmost 
column is the complement of the Gray code of all binary words, the rightmost column is the Gray code 
for the Fibonacci words. 


Let w,(n) be the number of n-bit words W,(n) with <r successive ones. Taking the length of the lists 
on both sides of relation [12.2-1]we obtain the recursion 


w,(n) = > w,(n-1-3) (12.2-2) 
j=0 


where we set w,(n) = 2* for 0 <n <r. The sequences for r <5 start as 


i ee 


KRARAKK 

(ed ame! ee eel ed 
NNMNNNE 
aa BWN 
COCOCON OW 


[fxtbook draft of 2008-January-19] 


286 Chapter 12: Gray codes for strings with restrictions 


For r = 1 we obtain the Fibonacci numbers, entry A000045 of [214]; For r = 2 the tribonacci numbers, 
A000078, 


entry |A000073} for r = 3 the tetranacci numbers, entry |AQ00078; for r = 4 the pentanacci numbers, entry 
for r = 5 the hexanacci numbers, entry |A001592, The variant of the Fibonacci sequence where 
each number is the sum of its k predecessors is also called Fibonacci k-step sequence. The generating 
function for w,(n) is 


Co r k 

Y > w,(n)a” = deco (12.2-3) 
1—Svr gk 

n=0 k=1 


Alternative Gray code for words without substrings 111 (r = 2) 


a oescaulerpiad's Sabedine Ioneuisdu and eh anges cec 111111111111111111111 Ds cae erie sirestanee Meise osduibs Aushigdtire et hee. 
sheets ar idend tara tena ust it 1 ie a Wt tig tt ree gaa ee ce re ee emer 2 Wt to Ut Dt tt 
ere PATTI TTI Ds one ee bee eewe ed Ui FE gee ero Us Dt ttt eer 
nae Ae MDS, Sse, ute ane aosasioeis le Ps eee DUD T A oeaceacaeete DD iis aoe teers ADT conte tee ahasg we 111 
cod ds airs 8 a TAD std tlhe 6 ede ect d aes a Feiler PD ed a eed sD fe oe areee ea 
Te lc at aes RAE y We (ke: ERs TAS: RRS: DSRS ER a | 


Figure 12.2-D: The 7-bit binary words with maximal 2 successive ones in a minimal-change order. 


The list recursion for the Gray code for binary words without substrings 111 is the special case r = 2 of 
relation [12.2-I]on page [284] 
(110. LE(n — 3)] 
Lo(n) = [10.LB(n—-2) |] (12.2-4) 
(0. ER(n-1) ] 


A different Gray code is obtained via 
(10. L5(n—2) |] 


iin) = (11 3) (12.2-5) 
(0. L4(n—-1) J 


The ordering is shown in figure|12.2-D] it was created with the program [FXT:|comb/nol11-gray-demo.cc). 


Alternative Gray code for words without substrings 1111 (r = 3) 


A list recursion for an alternative Gray code for binary words without substrings 1111 (r = 3) is 


a Ls(n~3 3) 
0. p= 1) 
1110. Lyd) 
10. Ln = 2) 


The ordering is shown in figure |12.2-E| it was created with the program [FXT: comb/nol111-gray- 


demo.cc). For all odd r > 3 a Gray code can be obtained by a list recursion where the prefixes with an 
even number of ones are followed by those with an odd number of ones. For example, with r = 5 the 
recursion is 


[ 
L3(n) = ce | (12.2-6) 
[ ] 


iti a7) 
fi. (i =3) 
0.0 =) 
111110. 22 (n—8) 
£10.07 (id) 
10d (2) 


Lh(n) = (12.2-7) 


[fxtbook draft of 2008-January-19] 


12.3: Digit x followed by at least x zeros 287 


De Pd 202 letoed. 55: 111.1 82: .1.1.1. 
25 ds Thies 297. L.1,44. 56: 11.1 83: .1.111. 
3: 1.11..1 30: 111.11. 57: Be ee 84 oe Ld 
43 1.40.41 31: 111..1. 58: er ee Sos ds ed. 
Be I.1.401 S27 LL. 0. 59: aces dL SE ode sie 
63, eds. 33: 111...1 60: alge OF lesa, 
Ce. Needles 34: 111..11 O1e ceed 11 88: .1...11 
Oo: 1s. 0.1. 35: 111.111 62 cates 1 89: .1..111 
Oy ds.111. 36: 111.1.1 OSs. sitasues 90: .1..1.1 
TOs. dhctsdts 37: 111.1.. G4 sigasece 1... Ot. adaedts 
Pie detested 38: «ft... OSs) eseaidys O22 ated. 
oa Cee eae 39: .11.1.1 66: o+sdT1. 93: .1.11.1 
sks ees Sonne 1 40: .11.111 Of: vend. ds 94: 11.11.1 
142 Dott Ate .1d..d1 683 (isdn. 96: ti.d1.. 
15: 41...111 422 1d cd 69 aed 96: 11.1... 
16%. deed 43% Vda 3 LO te tod Of: Tied. 1 
0s. dive leg 44; .11..1. TAY eed db tl 98: 11..111 
18: 41..11. 45: .11.11. C22 oe SL ocd. 09°. dts... 47 
195. dh cdL al 46: ..1.11. (32 sop delcces 100%: Dd ccad 
20: 1.111.1 Als we adieccds (Ae dds LOLs: “Wales 
21: 2.111... cS re omer 75: .111.1. 10250. LL 
223 ded 493 ei dicel 76: .111... 103% dis. 11. 
23: 1.1.1.1 50: ..1..11 77: = .111..1 1042 11.011. 
24: 1.1.111 51: ..1.111 78: .111.11 1052) Add. 
25: 1.1..11 62: ..1.1.1 79: .1.1.11 1063. Vedas. 
26: 1.1...1 DS wailed 80: .1.1..1 L07:- T1.t.<1 
203 Detsss.. 54: eit. Sle «Lede dc. 108: 11.1.11 


Figure 12.2-E: The 7-bit binary words with maximal 3 successive ones in a minimal-change order. 


12.3 Digit x followed by at least x zeros 


Figure 12.3-A: Gray code for the length-5 words with maximal digit 3 where a digit «x is followed by at 
least x zeros. Dots denote zeros. 


Figure shows a Gray code for the length-5 words with maximal digit 3 where a digit x is followed 
by at least x zeros. For the Gray code list Z,(n) of the length-n words with maximal digit r we have 


0:28 (4—1) 
10. ZB (n — 2) 
200. ZB(n— 3) 
Z,(n) = (3000. ZR(n—4) (12.3-1) 


r0” . ZR(n —r —1) 


A implementation is [FXT: |comb/gexz-gray-demo.cc : 


ulong n; // number of digits in words 
ulong *rv; // digits of the word 
ulong mr; // radix== mr+1 


void gexz_rec(ulong d, bool z) 


{ 
if ( d=n ) visit(); 
else 


if (z) 

// words 0, 10, 200, 3000, 40000, ... 

ulong k = 0; 

do 

{ 
rv([d]=k; 
for (ulong j=1; j<=k; ++j) rv[d+j] = 0; 
gexz_rec(dtkt+1, !z); 


[fxtbook draft of 2008-January-19] 


288 Chapter 12: Gray codes for strings with restrictions 


while ( ++k <= mr ); 


else 
// words ..., 40000, 3000, 200, 10, 0 
ulong k = mr + 1; 
do 
{ 
=k; 
rv [d] =k; 


for (ulong j=1; j<=k; ++j) rv[d+j] = 0; 
gexz_rec(d+k+1, !z); 

} 

while ( k != 0); 


} 


Let z,(n) be the number of n-bit words Z,(n), then 


rt+l 
a(n) = ys zr(n— 9) (12.3-2) 


where we set z,(n) = 1 for n < 0. The sequences for r < 5 start as 


n: 0 12 3 4 5 6 7 8 9 10 11 12 13 14 15 
ret: 1 2 3 5 8 13 = 421 34 55 89 144 233 377 610 987 1597 
r=2: 1 3 5 9 17 31 57 105 193 355 653 1201 2209 4063 7473 13745 
r=3: 1 4 7 13 25 49 94 181 349 673 1297 2500 4819 9289 17905 34513 
r=4: 1 5 9 17 33 65 129 253 497 977 1921 3777 7425 14597 28697 56417 
r=5: 1 611 21 41 81 161 321 636 1261 2501 4961 9841 19521 38721 76806 


For r = 1 we obtain the Fibonacci numbers, entry |A000045) of [214]; For r = 2 the tribonacci numbers, 
entry A000213} for r = 3 the tetranacci numbers, entry AQ00288) for r = 4 the pentanacci numbers, entry 


A000322; for r = 5 the hexanacci numbers, entry A000383, Note that the sequences for r > 2 are different 
from those obtained via relation |12.2-2}on page 


12.4 Generalized Pell words 


Gray code for Pell words 


ede saSaNgecreuld seed ovine! Acland barre ten arate. ras len Crnretscrias wate Db Sea 111111111111111111111111111111111 2222222 
edbids lene cleotide aemguerensan 19099111111171111122200028 . oo ee ee ece ee ELITITT1T1diidt we 
siceeieris ae cas 1111111222.......1111111222..............1111111222.......111111122 1111222 
gece PAD oc 2 VDDD os goods pie i > ee seve b Wd Do Mock dL DQ eicig- teas 1112...1112.. 1112... 
o12.12..512,.12...12.42.12:. 002.12 ..12.12.12...12.5192..12.12. 42.12.12 .012 42.1 612.212 


sn'bae BaaNe Greenies SrtA Gy Seetie ete dotn Awad See ats, Gaeta 111111111111111111111111111111 2222222 
ee rer eee 111111111111111112222222222222211111111111111111.........  ....... 
sp suis veneers 11111112222221111111............................1111111222222111111 1111222 
sews DEV QOU Ae ani ates 3 15 steuene 11122111...... PIT 220 14 on ev ecsc pl Ih 2 Le Eee eee pe a Seeeereeer ae 
21221 21221..1221..1221....1221..1221....1221..1221 21221..1221..1221. 221..12 


Figure 12.4-A: Start and end of the lists of five digit Pell words in counting order (top) and Gray code 
order (bottom). The lowest row is the least significant digit, dots denote zeros. 


A Gray code of the Pell words (ternary words without the substrings "21" and "22") can be computed 
as follows: 


ulong n; // number of digits in words 
ulong *rv; // digits of the word 
bool zq; // order: O==>Lex, 1==>Gray 


[fxtbook draft of 2008-January-19] 


12.4: Generalized Pell words 289 


void pell_rec(ulong d, bool z) 


if ( d>=n ) visitQ); 


else 
if ( 0==z ) 
% : 
rv[d]=0; pell_rec(dt+1, z); 
rv[d]=1; pell_rec(d+1, zq°z); 
rv[d]=2; rv[d+1]=0; pell_rec(d+2, z); 
} 
else 
{ . 
rv[d]=2; rv[d+1]=0; pell_rec(d+2, z); 
rv[d]=1; pell_rec(d+1, zq*z); 
rv[d]=0; pell_rec(dt+1, z); 
} 
} 


} 


The global boolean variable zq controls whether the counting order or the Gray code is generated. The 


code is given in [FXT: comb/pellgray-rec-demo.cc). Both orderings are shown in figure }12.4-A] About 


110 million words per second are generated. The computation of a function whose power series coefficients 
are related to the Pell Gray code is described in section |36.12.3]on page 


Gray code for generalized Pell words 


eee eee ee See ee ee ee ee ea 1111111111111111111111111111111 
33332222220 2222221111111111111..................5225006- 111111111122222 
Bob Se acinseue eepecs aa Ieee oecsi ecco ieecek oases 
.123321..123321....123321..123321..123321....123321..123321..123321....123 


Desi, dade Been eee eee 
123301... 198821. 4s.12seely., 123 


PeeED 


Figure 12.4-B: Gray code for 4-digit radix-4 strings with no substring 32 with x 4 0. 


A generalization of the Pell words are the radix-(r + 1) strings where the substring ra with « 4 0 is 
forbidden. Let P,.(n) the length-n words, a gray code for these strings can be generated by the recursion 


0.P.(n—1 


Wn re 


) (12.4-1a) 


if r is even, and 


COM Cer aras) 
ae 
= 
~~ 
| 
— 


P(n) = B-Pr(n—1) (12.4-1b) 


Gat. Pen 
(r)0. PR(n — 2) 


Tr 


if r is odd. Figure|12.4-B| shows a Gray code for the 4-digit strings with r = 3. An implementation of 
the algorithm is [FXT: comb/pellgen-gray-demo.cc : 


[fxtbook draft of 2008-January-19] 


290 Chapter 12: Gray codes for strings with restrictions 


ulong n; // number of digits in words 
ulong *rv; // digits of the word (radix rt1) 
long r; // Forbidden substrings are [r, x] where x!=0 


void pellgen_rec(ulong d, bool z) 


if ( d=n ) visit(); 
else 


const bool p=r&1; // parity of r 
rv[d] = 0; 

if (z) 

{ 


for (long k=0; k<r; ++k) { rv[d] =k; pellgen_rec(dt1, z ~*~ p ~ (k&1)); } 
{ rv[d] =r; rv[d+1] = 0; pellgen_rec(d+2, p ~ z); } 


} 
else 

{ rv[d] =r; rv[d+1] = 0; pellgen_rec(d+2, p ~ z); } 

for (long k=r-1; k>=0; --k) { rv[d] =k; pellgen_rec(d+1, z ~ p ~ (k&1)); } 
} 


} 


With r = 1 we again obtain the Gray code for Fibonacci words. Taking the number p,(n) of words P,(n) 
on both sides of relations [12.4-1aJ and [12.4-1b] we find 


p,(n) = rp,(n) + p,(n — 2) (12.4-2) 


where p,(0) = 1 and p,(1) =r+1. For r < 5 the sequences start as 


n: Oo 1 2 3 4 5 6 7 8 9 10 11 
r=l1: i 2 5 8 13 21 34 55 89 144 233 
r=2: 1 3 7 17.) 4 99 239 577 1393 3363 8119 19601 
r=3: 1 4 13 43 142 469 1549 5116 16897 55807 184318 608761 
r=4: 1 5 21 89 377 1597 6765 28657 121393 (514229 2178309 9227465 
r=5: 1 6 31 161 836 4341 22541 117046 607771 3155901 16387276 85092281 


The sequences are the following entries of [214]: r = 1: A000045; r = 2: A001333, r = 3: |A003688; r = 4: 
A015448, r = 5: A015449, The generating function for p,(n) is 


1+2 


So pr(n)2” = ————, (12.4-3) 
n=0 


l—ra—2? 


12.5 Sparse signed binary words 


Figure 12.5-A: A Gray code through the 85 sparse 6-bit signed binary words. Dots are used for zeros, 
the symbols ‘P’ and ‘M’ denote +1 and —1, respectively. 


Figure|12.5-A|shows a minimal-change order (Gray code) for the sparse signed binary words (nonadjacent 
form (NAF), see section on page[59}. Note that we allow a digit to switch between +1 and —1. [fall 
words with any positive digit (‘P’) are omitted then we obtain the Gray code for Fibonacci words given 


in section on page |282 


A recursive routine for the generation of the Gray code is given in [FXT: |comb/naf-gray-rec-demo.cc’: 


ulong n; // number of digits of the string 
int *rv;  // the string 


[fxtbook draft of 2008-January-19] 


12.5: Sparse signed binary words 291 


void sb_rec(ulong d, bool z) 


if ( d=n ) visit(); 
else 


if ( 0==z ) 
{ 


rv[d]=0; sb_rec(dt+1, 1); 
rv[d]=-1; rvfdt+1]=0; sb_rec(d+2, 1); 
rv[d]=+1; xrv[dt+1]=0; sb_rec(d+2, 0); 


else 


rv[d]=+1; xrvfdt+i]=0; sb_rec(d+2, 1); 
rv[d]=-1; rvfdt+i]=0; sb_rec(d+2, 0); 
rv[d]=0; sb_rec(dt+1, 0); 


} 
} 


About 120 million words per second are generated. 

Let S(n) be the number of n-digit sparse signed binary numbers (of both signs), and P(n) be the number 
of positive n-digit sparse signed binary numbers, then 

n: 012 3 4 5 6 7 8 9 10 11 12 13 14 15 16 
S(m): 13 5 11 21 43 85 171 341 683 1365 2731 5461 10923 21845 43691 87381 
P(n): 123 611 22 43 86 171 342 683 1366 2731 5462 10923 21846 43691 


The sequence S(n) is entry A001045) of (214), the sequence P(n) is entry A005578) We have (with 


e :=nmod 2) 


gn+2 _142¢ 
S(n) = — 2S5(n—1)-1+2e (12.5-1a) 
= S(n—-1)4+2S(n—-2) = 3S(n—2)+2S(n—3) = 2P(n)-1 (12.5-1b) 
P(n) = we tite = 2P(n—-1)-1-e = S(n—-l)+e (12.5-1c) 
= P(n—1)+S(n—-2) = P(n—2)+S(n—2)+S(n—3) (12.5-1d) 
= S(n—2)+S5(m—3)+S(n—4)+...48(2)+5(1) 43 (12.5-16) 
= 2P(n—1)+P(n—2)—2P(n-3) (12.5-1f) 


Almost Gray code for positive words * 


Figure 12.5-B: An ordering of the 86 sparse 7-bit positive signed binary words that is almost a Gray 
code. The transitions that are not minimal are marked with ‘><’. Dots denote zeros. 


If we start with the following routine that calls sb_rec() only after a one has been inserted, we obtain 
an ordering of the positive numbers: 


void pos_rec(ulong d, bool z) 


if ( d>=n ) visit(); 
else 


if ( 0==z ) 
{ 
rv[d]=0; pos_rec(d+1, 1); 
rv[d]=+1; xrvfdt+i]=0; sb_rec(d+2, 1); 


[fxtbook draft of 2008-January-19] 


292 Chapter 12: Gray codes for strings with restrictions 


} 

else 
rv[d]=+1; rvf[dt+1]=0; sb_rec(d+2, 0); 
rv[d]=0; pos_rec(d+1, 0); 

} 


ay 
} 


The ordering obtained with n-digit words is a Gray code, except for n — 4 transitions. An ordering with 
comb/naf| 


only about n/2 non-Gray transitions is obtained by the more complicated recursion [FXT: 
pos-rec-demo.cc| 


void pos_AAA(ulong d, bool z) 


{ 
if ( d=n ) visit(); 
else 
i ( 0==z ) 
rv[d]=+1; rvf[dt+ti]=0; sb_rec(d+2, 0); // 0 
rv[d]=0; pos_AAA(d+1, 1); // 1 
ie 
rv[d]=0; pos_BBB(dt1, 0); // 0 
rv[d]=+1; rvfdt+i]=0; sb_rec(d+2, 1); // 1 
} 
} 


void pos_BBB(ulong d, bool z) 


if ( d=n ) visitQ; 


else 
a ( 0==z ) 
rv[d]=+1; xrvf[dti]=0; sb_rec(d+2, 1); // 1 
rv[d]=0; pos_BBB(dt1, 1); // 1 
else 
rv[d]=0; pos_AAA(d+1, 0); // 0 
rv[d]=+1; rvf[dt+i]=0; sb_rec(d+2, 0); // 0 
} 
} 


} 


The initial call is pos_AAA(0,0). The result for n = 7 is shown in figure}12.5-B} We list the number N 
of non-Gray transitions and the number of digit changes X in excess of a Gray code for n < 30: 


n: 123456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 
N: 000012223 4 4 4 5 6 6 6 7 8 8 8 9 10 10 10 11 12 12 12 13 14 
X¥: 000013445 7 8 8 9 11 12 12 13 15 16 16 17 19 20 20 21 23 24 24 25 27 


12.6 Strings with no two successive nonzero digits 


A Gray code for the length-n strings with radix (r + 1) and no two successive nonzero digits is obtained 
by the recursion for the list D,(n): 


0.DE(n—1) 
10.D®(n—-1) 
a Dae 4 

D,(n) = 10 ' Din 4) (12.6-1) 
50. DE(n—1) 


An implementation is [FXT: comb/ntnz-gray-demo.cc): 


[fxtbook draft of 2008-January-19] 


12.6: Strings with no two successive nonzero digits 293 


1s 32.3 26). Sussciedl 51: 1.1.2 76: 2.3.2 
22. Ser2 QE sec 622 tet.3 COS, 23.0 
Si SSenk 283 seed 633 te. 3 (83 2.3.5 
Ae sBees 29%) aa died 64: tia? 79: 3.3. 
6: .3.1. 30: ..1.2 55: 1...1 80: 3.3.1 
62 2de2. SLi. wcdel B65. Dace 81: 3.3.2 
Te. edeSs S23 ae Ws Bl: deeds 82: 3.3.3 
SH «2.3% 3388. 462i. 68: 1..2. 83: 3.2.3 
89> «2.2. 34: 4.201 69: 1..3. 84: 3.2.2 
10: .2.4. 35: ..2.2 60: 2..3. 85: 3.2.1 
Tis a Qi 36: ..2.3 6l: 2.42% 86: 3.2.. 
122° Dench 37: ..3.3 62: 2-04 87: 3.1.. 
132 42..2 36: G.3.2 63% 92 osu. 88: 3.1.1 
14: .2..3 39: ..3.1 64: 2...1 89: 3.1.2 
15: .1..3 40: ..3.. 65: 2...2 90: 3.1.3 
16: «1.22 41: 1.3.. 66: 2...3 Ol: 3.443 
Le dead 42: 1.3.1 67: 2.1.3 923 (Said 
16% yds 43: 1.3.2 68: 2.1.2 93: 3.4.4 
LQe sede dis 44: 1.3.3 69: 2.1.1 04s OB ieticcs 
20: .1.2. 45: 1.2.3 70: 2.1.. O5:> 3.1. 
2i% 41e3s 46: 1.2.2 CLs: 22s 96: 3.42: 
22% Ava 47: 1.2.1 f2* 2.2.4. 97: 3..3. 
23: a2 48: A..2) tox 2.262 
24: woes AQ:> Ad. 74: 2.2.3 
20) gusts ens 50: 1.1.1 75: 2.3.3 


Figure 12.6-A: Gray code for the length-4 radix-4 strings with no two successive nonzero digits. 


ulong n; // length of strings 
ulong *rv; // digits of strings 
ulong mr; // max digit 
void ntnz_rec(ulong d, bool z) 
{ 
if ( d=n ) visit(; 
else 
if ( 0==z ) 
{ 
rv[d]=0; ntnz_rec(dt+1, 1); 
for (ulong t=1; t<=mr; ++t) { rv[d]=t; rv[dt+1]=0; ntnz_rec(d+2, t&1); } 
} 
else 
for (ulong t=mr; t>0; --t) f{ rv[d]=t; rv[d+1]=0; ntnz_rec(d+2, !(t&1)); } 
rv[d]=0; ntnz_rec(dt+1, 0); 
} 
} 


Figure |12.6-A|shows the Gray code for length-4, radix-4 (r = 3) strings. With r = 2 and upon replacing 
1 with —1 and 2 with +1 we obtain the Gray code for the sparse binary words (figure |12.5-A|on page 
290). With r = 1 we again obtain the Gray code for the Fibonacci words. 


Counting the elements on both sides of relation |12.6-1}on the preceding page we find that for the number 
d,(n) of strings in the list D,(n) we have 


d,(n) = d,(n—1)+rd,(n— 2) (12.6-2) 
where d,(0) = 1 and d,(1) =r +1. The sequences of these numbers start as 
n: O12 3 4 5 6 7 8 9 10 11 12 13 14 
r=1: 12 3 5 8 13 21 34 55 89 144 233 377 610 987 
r=2: 13 511 21 43 85 171 341 683 1365 2731 5461 10923 21845 
r=3: 14 7 19 40 97 217 508 1159 2683 6160 14209 32689 75316 173383 
r=4: 15 9 29 65 181 441 1165 2929 7589 19305 49661 126881 325525 833049 
r=5: 16 11 41 96 301 781 2286 6191 17621 48576 136681 379561 1062966 2960771 
These are the following entries of [214]: r = 1: A000045 : |A001045} r = 3: |A006130; r = 4: 


A006131, r = 5: A015440; r = 6: A0Q15441; r = 7: ee r= - TADISEES The neo function 
for d,(n) is 


= 1 
S-d,(n)a” = soiree (12.6-3) 


l—ax2-—rz2z 


[fxtbook draft of 2008-January-19] 


294 


Chapter 12: Gray codes for strings with restrictions 


12.7 Strings with no two successive zeros 


1: .13 21% 11.2 41:23 1 
2: .12 22: 111 42:23. 
3: .1i1 232:-1. ‘1-2 43:33. 
4: .1. 24: 113 44:33 1 
Bie 2m. 25: 1. 3 45: 332 
6: . 21 26: 1. 2 46: 33 3 
7: . 22 27: 1. 1 47: 323 
8: . 23 28: 2.1 48: 322 
9: .33 29: 2.2 49: 321 
10: . 32 30: 2. 3 50: 32. 
Piet ood 31: 213 51: 31. 
122 1g. Os 32: 212 52: 311 
13:13. 33: 211 563: 3 12 
14: 131 34: 21. 564: 3 13 
15: 132 35:22. 65: 3. 3 
16: 133 36: 22 1 56: 3. 2 
17: 123 37: 22 2 67: 3. 1 
18: 122 38: 2 2 3 

193 12-1 39: 233 
20: 12. 40: 232 


Pee 22.2 21% 1.2 4.1 41: 2.1 
2: .121 22: 1212 42: 2.2 
334% 22. 23: 12.2 43: 2.21 
ee a ee 24: 12.1 44: 2.22 
ee eee 25: 11.41 45: 2122 
6: . 112 26: 11.2 46: 2121 
Yrs eee 27: 1112 47: 212. 
Oe .e dea 28: 1111 48: 211. 
9 oD -1 29: 111. 49: 2111 
10: .2. 2 30: 112. 50: 2112 
11: .212 31: 1121 51: 21.2 
12: .211 32: 112 2 562: 21.1 
13%) 2 1. x 33: 1.22 63: 22.1 
14: .22 34: 1 21 564: 22. 2 
15: .221 35: 1.2. 55: 2212 
16: .222 36: 1.1. 56: 2211 
17: 1222 37: 1.11 67: 221. 
18: 1221 38: 1.12 58: 222. 
19: 122 39: 2.12 59: 2221 
20: 121 40: 2.11 60: 222 2 


Figure 12.7-A: Gray codes for strings with no two successive zeros: length-3 radix-4 (left), and length-4 


radix-3 (right). Dots denote zeros. 


A Gray code for the length-n strings with radix (r + 1) and no two successive zeros (see figure}12.7-A) is 
obtained by the recursion for the list Z,(n) as follows: 


01. Z,(n— 2) 01.Z2(n —2) 
02. ZR(n—2) 02. Z,(n — 2) 
03. 2Z,(n— 2) 03. ZR(n—2) 
04. Z%(n — 2) 04. Z,(n — 2) 
05. Z,(n — 2) 05.Z%(n —2) 
Z,(n) = [Or.Z®(n—2)] for r even, Z,(n) = [Or.ZP(n—2)] for r odd. (12.7-1) 
1.Z2(n—-1) 1. Z,(n—1) 
2.Z,(n—1) 2.Z%(n—-1) 
3.ZF(n—1) 3.Z,(n—1) 
4.Z,(n—1) 4, ZB (n—1) 
r.ZR(n—1) r.Z,(n—1) 
An implementation is given in [FXT: comb/ntz-gray-demo.cc): 
ulong n; // number of digits in words 
ulong *rv; // digits of the word (radix rt1) 
long r; // Forbidden substrings are [r, x] where x!=0 
void ntz_rec(ulong d, bool z) 
if (d>=n ) visit; 
else 
bool w= 0; // r-parity: w depends onz... 
if ( rei) we !z; // ... if r odd 
if (z) 
{ 
// words OX: 
rv[d] = 0; 
if ( d+2<=n ) 
for (long k=1; k<=r; ++k, w=!w) { rv[d+i]=k; ntz_rec(d+2, w); } 


} 


else 


ntz_rec(d+1, w); 


[fxtbook draft of 2008-January-19] 


12.8: Binary strings without substrings 1x1 295 


w= !w; 
} 
w “= (r&1); // r-parity: change direction if r odd 
// words X: 
for (long k=1; k<=r; ++k, w=!w) { rv[d]J=k; ntz_rec(d+1, w); } 
} 
else 
// words X: 
for (long k=r; k>=1; --k, w=!w) { rv[d]=k; ntz_rec(d+1, w); } 
w “= (r&1); // r-parity: change direction if r odd 
// words OX: 
rv[d] = 0; 
if ( d+2<=n ) 
for (long k=r; k>=1; --k, w=!w) { rv[d+i]=k; ntz_rec(d+2, w); } 
} 


else 


ntz_rec(d+1, w); 
w= !w; 
} 


With r = 1 we obtain the complement of the minimal-change list of Fibonacci words. Let z,(n) be the 
number of words W,(n), we find 


a(n) = rz-(n-—1)+rz,-(n—-1) (12.7-2) 
where z,(0) = 1 and z,(1) =r+1. The sequences for r < 5 start 

n: Ol 2 3 4 5 6 7 8 9 10 11 

r=1: 12 3 5 8 13 21 34 55 89 144 233 
r=2: 13 8 22 60 164 448 1224 3344 9136 24960 68192 
r=3: 14 15 $57 216 819 3105 11772 44631 169209 641520 2432187 
r=4: 15 24 116 560 2704 13056 63040 304384 1469696 7096320 34264064 
r=5: 16 35 205 1200 7025 41125 240750 1409375 8250625 48300000 282753125 


These (for r < 4) are the following entries of [214]: r = 1: A000045; r = 2: A028859; r = 3: A125145; 
r = 4: A086347| The generating function for z,(n) is 


> 2(n)2” = aS (12.7-3) 


l-rz-r2z 


12.8 Binary strings without substrings 1x1 


A Gray code for binary strings with no substring 1x1 is shown in figure The recursive structure 
for the list V(n) of the n-bit words is 


(100.V(n—3)  ] 
Vin) = [1100.V8(n—4)] (12.8-1) 
(0. V(n—1) ] 
The implied algorithm can be implemented as [FXT: comb/nolx1-gray-demo.cc): 


ulong n; // number of bits in words 
ulong *rv; // bits of the word 


void no1lx1_rec(ulong d, bool z) 


if ( d=n ) { if ( d<=n+2 ) visit(); } 
else 


if (z) 


[fxtbook draft of 2008-January-19] 


296 Chapter 12: Gray codes for strings with restrictions 


Dit a ss Essie earner ee 1 

ee x eee ee 

byitl lis de atic. ered saue A wiah arias Gi ee eer 
B55, :8 4] aus poate sod. esaehane VAT ate eevee eoseide ddd oie eel ee eats ee dd 

sede Getieicdriens Todds ceed le re ree eee ens ee 

i Res eee Pde Wes Lee secs Theale. 

Wide deeds Decl 1d de ed 
ss Riemcie eos eeeiaedote Aeneas, Shoe Mie loners aoeeeme mere 111111111111111111111111 
sisuh Hi Sete @PanGnsr aes sdesnei eens wea enact a 111111111111111111111111..........0000. 
es tnt aches gore aloe Metal APT Ds es eee ea aioe ea aie aes ea ae 
drd ieluey suoguetonss DDT Da se ec sre acerca ieran paces eeaaeie. b Srdsens grace eheie oven ba 
oe aca tapeerts cM Le igre ri sori eetsreteiossayrorsneneieeta Megara sores a Fes Oe es Ip Ee eer ereer erearer ee slenarener 
Suahe: ded Wastteiortinadee oc sia Peer eeecsarierer ee Oy eeeiorertar sipetaetverteciae st dieeearabeoes 
TAS snisos. soey 1111 aig eee 8 dss o-9 ee Sneee 111 VAD ob geecsete ears 11 
11. co ted TTT an Re oe peer aera et re Ey [pene 11. dl 


Figure 12.8-A: The length-8 binary strings with no substring 1x1 (where x is either 0 or 1): lex order 
(top) and minimal-change order (bottom). Dots denote zeros. 


{ 
rv[d]=1; rvfdti]=0; rv[d+2]=0; noixi_rec(d+3, z); 
rv[d]=1; rvfdtiJ=1; rvfd+2]=0; rvf[d+3]=0; nolxi_rec(d+4, !z); 
rv[d]=0; noixi_rec(dt+1, z); 
else 
rv[d]=0; noixi_rec(dt+1, z); 
rv[d]=1; rvfdtiJ=1; rv(d+2]=0; rvfd+3]=0; nolxi_rec(d+4, !z); 
rv[d]=1; rvfdti]=0; rv[d+2]=0; noixi_rec(d+3, z); 
} 
} 
} 
The sequence of the numbers v(n) of length-n strings starts as 


Nn; 01234 5 6 7 8 9 10 11 12 13 14 15 16 17 
v(n): 12469 15 25 40 64 104 169 273 441 714 1156 1870 3025 4895 


This is entry |A006498) of [214]. The recurrence relation is 


vin) = v(n—1)+v(n—- 3) 4+ v(n—- 4) (12.8-2) 
The generating function is 
_ ~ l+a+2a?+4+23 
20 See (12.8-3) 


12.9 Binary strings without substrings Ilxyl 


Figure shows a Gray code for binary words with no substring lxyl. The recursion for the list of 
n-bit words Y(n) is 


[(1000.Y¥(n—4)  ] 
(101000. Y®(n —6)| 
Y(n) = [111000.Y(n—6) ] (12.9-1) 
(11000. Y®(n—5) ] 
[0. ¥(n—-1) ] 


An implementation is given in [FXT: comb/nolxyl-gray-demo.cc!: 


void Y_rec(long pi, long p2, bool z) 


if ( pi>p2) { visitQ; return; } 


[fxtbook draft of 2008-January-19] 


12.9: Binary strings without substrings lxy1l 297 


ES ry reece rene ne ore ee 1 11111111111111111111111111111111111111 


111111111111411111111111111 
UB es Bs ss Bs Es sa sss Bs Us Us Ks BBO Ti: ss Es Ws Ba sss ss Uap eng 
fod so aplediat Sivessacse-to Serra sage Na deretal ch seagate uaganece set eaae: fa, a deeeene. S eB Bs Ty De se i ns es it Pe es Ess iss EL tm a ne er 


Sneed Ae aiie ena aren Sina se get a sdara te fect eee wae teed ee ies (Osea aera warsay gate ne cago aman Se euteice ay oe Meters ot ane Me Wants an Maeanat tate eet 11111111 
Pera dea h Sco aa teaara eee i si es me a rc or re Gt GF et 
111 1 11.. 


Figure 12.9-A: The length-10 binary strings with no substring lxyl (where x and y are either 0 or 1) 
in minimal-change order. Dots denote zeros. 


#define Si(a) rv[p1t+0]l=a 

#define S2(a,b) S1(a); rv[pi1+1]=b; 

#define S3(a,b,c) S2(a,b); rv[p1t+2]=c; 

#define S4(a,b,c,d) S3(a,b,c); rv[pi+3]=d; 

#define S5(a,b,c,d,e) S4(a,b,c,d); rv[pi+4]=e; 
#define S6(a,b,c,d,e,f) S5(a,b,c,d,e); rv[pit5]=f; 


long d = p2 - pl; 

- Cz) 
if (d>=0) f{ 8$4(1,0,0,0); Y_rec(pit4, p2, z); } //1000 
if (d>=2) { S6(1,0,1,0,0,0); Y_rec(pi+6, p2, !'z); } //101000 
if (d>=2) { S6(1,1,1,0,0,0); Y_rec(pi+6, p2, z); } //111000 
if (d>=1) { $5(1,1,0,0,0); Y_rec(pit5, p2, !z); } //11000 
if (d>=0) { S1(0); Y_rec(pit+1, p2, z); } // 0 

a 

else 
if (d>=0) f{ 81(0); Y_rec(pit+1, p2, z); } //0 
if (d>=1) { $5(1,1,0,0,0); Y_rec(pi+5, p2, !z); } //11000 
if (d>=2) { S6(1,1,1,0,0,0); Y_rec(pi+6, p2, z); } //111000 
if (d>=2) { S6(1,0,1,0,0,0); Y_rec(pi+6, p2, !z); } //101000 
if (d>=0) f{ 8$4(1,0,0,0); Y_rec(pit4, p2, z); } //1000 

} 


} 


Note the conditions if ( d>= ? ) that make sure that no string appears repeated. The initial call is 
Y_rec(0, n-1, 0). The sequence of the numbers y(n) of length-n strings starts as 


n: 0123 4 5 6 7 8 9 10 11 12 13 14 15 16 17 
y(n): 12 4 8 12 17 25 41 69 114 180 280 440 705 1137 1825 2905 4610 
The generating function is 


ltao+2e7+47°+32414+22° 


sya = (12.9-2) 


1—x—at—275 —22% 


No substrings 1x1 or lxy1 


A recursion for a Gray code of the of n-bit binary words Z(n) with no substrings 1x1 or 1xyl (shown in 
figure |12.9-B) is 


[(1000.Z(n—4) ] 
Z(n) = (11000. Z®(n—5)] (12.9-3) 
[0 . Z(n—1) ] 


The sequence of the numbers z(n) of length-n strings starts as 


[fxtbook draft of 2008-January-19] 


298 Chapter 12: Gray codes for strings with restrictions 


oe ded Gnedan DUA D2 Sess hic evayscy guna laren ins addenda ate pas ford SaoeaeMemebsanarae used A Mogey acandete, arewanicrenauasaners 1d Ie 
ae TAA send aside are tah epeeaue nse tae aed edad sie aeae dae as 
pe MDD aise, day tue goa senanen saint 2 lie ee ee sO I era Us eee PDT ob coe Sues Tt ace tara : fabs eee 


VA eeccine aes Vad dis 8 Sa ech sda Weide eas. jo Lanner Ts ciiee as 1422427 


Figure 12.9-B: A Gray code for the length-10 binary strings with no substring 1x1 or 1xyl. 


n: 01234 5 6 7 8 910 11 12 13 14 15 16 17 

z(n): 1246 8 11 17 27 41 60 88 132 200 301 449 669 1001 1502 
The sequence is (apart from three leading ones) entry A079972 of where two combinatorial inter- 
pretations are given: 


Number of permutations satisfying -k<=p(i)-i<=r and p(i)-i not in I, i=1..n, 
with k=1, r=4, I={1,2}. 
Number of compositions (ordered partitions) of n into elements of the set {1,4,5}. 


The generating function is 


oo 1 9 2 ) 3 4 
ane” = FEAL + LE + £ (12.9-4) 


l—-a—at—2> 


n=0 


[fxtbook draft of 2008-January-19] 


299 


Chapter 13 


Parenthesis strings 


13.1 Co-lexicographic order 


1: (€C(CQ))))) 14141..... 22: (O)COQO) 11..11.1.. 
2: ((C()Q))) A1dt.1.... 23: OQOCOQO) 1.1.11.1.. 
3: (COCQO))) A114.11.. 24: (€02)))(Q) 111...41.. 
4: (QOC(Q))) 14.411.. 25: (OQO)(Q) 11.4..11.. 
5: OCCCQO))) 1.1111.. 26: OCO)CQ) 1.11..411.. 
6: (((Q)Q)) 11411..4... 27: (OOO) 11..4.41.. 
7: (COOQO)) 114.1.1... 28: OOOO) 1.1.1.11.. 
8: (OCQOQO)) 11.14.41... 29: (((QO)))Q 1111....1. 
9: OCOQO)) 1.114.14... 30: (CQQO))Q 1114.4...1. 
10: ((QO)(Q)) 114..41... 31: (OCO))QO 11.11...1. 
114: (COQOCQO)) 11.14.11... 32: OC(O))O 1.111...1. 
12: QOCOCQ)) 1.41.11... 33: (CO)O)O 111..1..1. 
13: (O)CCOQ)) 11..141... 34: (OOQO)QO 11.1.1..1. 
14: QOQOCQO)) 1.4.111... 35: OCOO)QO 1.11.1..1. 
15: ((€Q))Q) 1141...4.. 36: (O)CQO)QO 11..11..1. 
16: (COQO)QO) 114.1..1.. 37: OOCO)QO 1.1.11..1. 
17: (COCO)QO) 11.11..1.. 38: (CO)OQO 111...4.1. 
18: OCCO)QO) 1.411..1.. 39: (OOOO 11.1..1.1. 
19: (CO)VOQO) 114..4.4.. 40: OCO)JOQO 1.11..14.1. 
20: (OOQOQ) 11.1.1.1.. 44: (OVOQOQO 11..1.1.1. 
2a: OCOOQ) 1.11.1.1.. 42: OQOOOOQO 1.1.1.1.1. 


Figure 13.1-A: All (42) valid strings of 5 pairs of parenthesis in colex order. 


An iterative scheme to generate all valid ways to group parenthesis can be obtained from a modified 
version of the combinations in co-lexicographic order (see section on page|167). For n = 5 pairs the 
possible combinations are shown in figure|13.1-A} This is the output of [FXT:|comb/paren-demo.cc . 


Consider the sequences to the right of the paren strings as binary words. Whenever the leftmost block 
has more than one bit then its rightmost bit is moved one position to the right. If the leftmost block 
consists of a single bit then the bits of the longest run of the repeated pattern ‘1.’ at the left are gathered 
at the left end and further, the rightmost bit in next block of ones (which contains at least two ones) is 
moved by one position to the right and the rest of the block is gathered at the left end (see the transitions 
from #13 to #14 or #36 to #37). 


A sentinel x[k] is used to save one branch with the generation of the next string [FXT: class paren in 
comb/paren.h): 


class paren 

{ 

public: 
ulong k_; // Number of paren pairs 
ulong n_; // ==2*k 


[fxtbook draft of 2008-January-19] 


300 Chapter 13: Parenthesis strings 


ulong *x_; // Positions where a opening paren occurs 

char *str_; // String representation, e.g. "((Q)Q)0" 
public: 

paren(ulong k) 

{ 


k_ = (k>1 7k: 2); // not zero (empty) or one (trivial: "()") 
n_=2 * k_; 
x_ = new ulong[k_ + 1]; 


x_[k_] = 999; // sentinel 


str_ = new char[n_ + 1]; 
str_[n_] = 0; 
first(); 
} 
~paren() 
delete [] x_; 


delete [] str_; 


void first() ‘{ for (ulong i=0; i<k_; ++i) x_[i] = i; } 
void last() { for (ulong i=0; i<xk_; ++i) x_[i] = 2*i; } 
[--snip--] 


The code for the computation of the successor and predecessor is quite concise: 
ulong next() // return zero if current paren is the last 


// if ( k_==1 ) return 0; // uncomment to make algorithm work for k_== 
ulong j = 0; 
i ( x_[1] == 2 ) 


// scan for low end == 010101: 


j= 25 
while ( (j<=k_) && (x_[j]==2*j) ) ++j; // can touch sentinel 
if ( j==k_ ) { first(); return 0; } 

} 


// scan block: 

while ( 1 == (x_[j+1] - x_[j]) ) { ++j; } 

++x_[j]; // move edge element up 

for (ulong i=0; i<j; ++i) x_[i] = i; // attach block at low end 
return 1; 


} 


ulong prev() // return zero if current paren is the first 


// if ( k_==1 ) return 0; // uncomment to make algorithm work for k_== 
ulong j = 0; 

// scan for first gap: 

while ( x_[j]==j ) ++j; 


if ( j==k_ ) { last(Q); return 0; } 
if ( x_[j]-x_[j-1] == 2) --x_[j]; // gap of length one 
else 
ulong i = --x_[jl; 
aad 
--i; 
// j items to go, distribute as 1.1.1.11111 
for ( ; 2*i>j; --i,--j) x_[j] =i; 
for ( ; i; --i) x_[i] = 2*i; 
x_[0] = 0; 
return 1; 
} 
const ulong * data() { return x_; } 
[--snip--] 


The strings are set up on demand only: 


const char * string() // generate on demand 


[fxtbook draft of 2008-January-19] 


13.2: Gray code via restricted growth strings 301 


for (ulong j=0; j<n_; ++j) str_[j] = ’)’; 
for (ulong j=0; j<k_; ++j) str_[x_[j]l] = ’C; 
return str_; 
} 
33 


The 477,638,700 paren words for n = 18 are generated at a rate of about 65 million objects per second. 
Section on page [74] gives a bit-level algorithm for the generation of the paren words in colex order. 


13.2 Gray code via restricted growth strings 


1: [ 0, 0, 0, 0, ] QOQ00 1.1.1.1. 
2: C0, 0, 0, 1, ] OOO) 1.1.11. 
3: EO, 0, 25.05. J QQ) 0 1.11..1 
4: C0, 0, 1, 1, ] OCOO) 4.14.1... 
5: £050, 25.2, 4 O((O)) 1.141... 
6: C0, 1, 0, 0, J CQOIOO 11..1.1. 
v: C0, 1, 0, 1, ] CQ) (QO) 11..41. 
8: L Os dy ts-0,. J COQ) 0 1151...1 
9: PO. dy ty td COOQO) 11.1.1 
10: [0, 1, 1, 2, ] CO(QO)) 11.11 
11: C0, 1, 2, 0, ] (QO 111...1 
12: CO, 1, 2, 1, J (CQ) 0) 111..1 
13: LO, 1, 2, 2, J (CO O)) 111.1 
14: [0, 1, 2, 3, ] C(CO))) 1111 


Figure 13.2-A: Length-4 restricted growth strings (left), and the corresponding paren strings (middle) 
and delta sets (right). 


The valid paren strings can be represented by sequences ao, @1, ..-, @, where ag = 0 and ax < ag_y +1. 
These sequences are examples of so-called restricted growth strings (RGS). Some sources use the term 
restricted growth functions. The RGSs for n = 4 are shown in figure [13.2-A] A RGS can be incremented 
by incrementing the highest (rightmost in figure [13.2-A) digit a; where a; < a;_1 and setting a; = 0 for 
alli > j. A decrement is obtained by decrementing the highest digit a; 4 0 and setting aj = aj_1 +1 for 
alli >. 


The RGSs for a given n can be generated as follows [FXT: class catalan in comb/catalan.h): 


class catalan 
// Catalan restricted growth strings (RGS) 


// By default in near-perfect minimal-change order, i.e. 
// exactly two symbols in paren string change with each step 


Leave: 
int *as_; // digits of the RGS: as_[k] <= as[k-1] + 1 
int *d_; // direction with recursion (+1 or -1) 
ulong n_; // Number of digits (paren pairs) 
char *str_; // paren string 
bool xdr_; // whether to change direction in recursion (==> minimal-change order) 
int dr0_; // dar0: starting direction in each recursive step: 
// dr0=+1 ==> start with as[]=[0,0,0,...,0] == "QQOQ...0O" 
// dr0=-1 ==> start with as[]=[0,1,2,...,n-1] == "((( ... )))" 
public: 
catalan(ulong n, bool xdr=true, int dr0=+1) 
: n_(n) 
as_ = new int[n_]; 
d_ = new int[n_]; 
str_ = new char[2*n_+1]; str_[2*n_] = 0; 
init(xdr, dr0); 
} 
~catalan() 


[fxtbook draft of 2008-January-19] 


Chapter 13: Parenthesis strings 


302 


N N N N N N N 


PON ODNONIODNONIODRN ONION ONION ON ONION ONION ON ODN ON ONION ON ODN ON ON ONION ON ON ON ON ON ON ON ON ON ION ON ON ON TN OS 


ere wm —w~wwoww~w SEO SH MM RRR IRI INI IN IN IN INI OO 
eweoOrers_eows>sovoe>< 0 O—OO0000"""" O_>E>oeer"rseseeewm>ss>S E>) 000000 o2E00 0” O*?>EO>*OWO0ONMC OME 


eo. dt 6 © © © ada 6 eri wrt 8c ew tw ew radi se dod ee ee ado 

ee ee i ee er | 
| a ee ee i ee en er sd 
Cs Be Be i ee soe at ts teri 

Se I I Be re ar a ae er ee ee Oe 
Ba ee es Be ee Be ae a ee eB Be | 
Be Be ee Be ee Be 
Ba ra re a ee Be ee Be 
Br Be De Br er a er BD 


SY YOY BR RB RR RRR RR MMM MIM RRR RABIN IR IRR OOeOeaeespsrea_—=anaesee 
IW SY RI ERERERNTEIRNER ERNIE RNR NOOO esses 0 2 )80 eee 
WSS WG GB WOW HY YI IDV IR IIANIIRNVEANEINEINEINEN INN NIN 
em ES e~_se—ame—amee_seeaesaeesaes ae ese ee eeeeeseesaes rm e>esree>saaeeasaeesaaea< eases ses esas rere es oa~se—_— — YY 


mM MMMM Mmmm mamma mamma mm mmm mmo mmm rrr 
1 a a a a a a 
LT a a a a ee 
Prob t t bt bobeobeot tt tet teotobe tet a 
Prob t t bo bob bette bt te tobe bob be tt Prob bt bt bobo te tet bt tobe te be tbe ttt 
Prob tt bt bobeobe tet tt tobe bob be tt Prob bt bt bebo tobe tt bot tobe be te tet 


toro 
toil 
'oiod 
DS a a a a a a a a a a a a a 


Cn [ee Ue DU UU DU | DU DU | UU Ue DU DU 
PFONONTHODANMNNTDHOOHHOOTHNANMNNTHOOAHNTDAOCOOTHNTHOOTHNMNNTHOONM 
MMMMIMANNNATDAHAHAOODOOCOHAANANNN DAH HOCOOHAANNANNN TAA HOO 
NANANNNANNNANANNANNANNAN SAP AA AAA HHODCOCOCOCCOCOOCON Nn HAHAH HHdH 
DODDDVDDDDVDDDDVDDDWVDDDVDODODOVDOVOOOOOOOOOCOOCOOOCCO0OO 


oe | | | | | | | | | | | | | | | CO | 


From left to right: restricted 


Figure 13.2-B: Minimal-change order for the paren strings of 5 pairs. 


growth strings, arrays of directions, paren strings, delta sets, and difference strings. If the change is not 
adjacent, then the distance of changed positions is given at the right. The order corresponds to dr0 


=-1, 


[fxtbook draft of 2008-January-19] 


303 


13.2: Gray code via restricted growth strings 


N N N N N ie) N N 
PONE NER NO NO NE NE EN OE LE NN RE NE NE ORE OE NL NE RE NE NE NE RE AL RE NE, EE SE AE NEN 
MAN MY MRT MRR SM RSM RRR RN WM MRR RRR NSM IRR SM ITT 
fa ce ies Ta aio ea ie a a en el oe io a hu Las ain os LOAN Lacan ho te hata habe La 
ett a La ites Tas tes ha Pann tt 2. ates hao a ho Laan ha LON eo LN ats bette le 


ms: i er rs an: ars es we ew ars 6 8 ew ee a ee | 
os ee | ee a a a i es 
Oe ee Oe ce Paar a 
i re Md se ee ew ew aes es Oe | 
Be ie ie Be So ee ee CIs ee ee Be ee Bo Be 
a. Wie 8: Mes 28 Be i a Be BB 
Be Be ee ee 
ni a Cs a Ce a Br rr ee ee 
i De rr rr ee ee ee 


LR2>WEOESF RR ROY ~YMHK RRA ROM HKY RMA RRARAY OOO RRO ESE IRI], ROSS” 
SHY HY MOY RR RAR RA RAR RR SY MM RRR RYO MOY RRR RRO 
LOSER ROR ORO I SII RRR RII RRO emery TR IR IR IR 
II WWW WOOO WW HY IYI DIR IIR EIRNIEIRNEINERNEIN EINE 
LONNIE ERNE REN ER NON ON ON NO NOOO O——E—NOE0NeOEe ss OSs 200000 0" v_|»s>Pest 
ONO OEE aR ms a_EROeaE_ Ema _OEea_T_EOeTEOe_CEOe—_T_ ereTEOe ee e_ e* ses > 0°00 0°; 00 0 0 000 0 80000000000 2S ee0@™"”"—"-rrspee 


mare eee eee eee nee oer 
So a 
a a 
t+ttt¢ztz+erertrteteec btebet tt be tb bee aa 
tHe tee tte ett tte ettetteetteeteettgeeteett¢est 
tHE HEHEHE HHH HHH HH Hee tte etteeteetteeteettest 


DY I I a I I PS I PS PS 


Ce [ee Ue ee DU UU DU | LU DU | UU Ue DU Ue UL 
DANTHDOANMNNTDHOOHHOOANNNTHOOANMNHTMONNTDHOOTHNTAHOONNAHO 
DOAAANNNN ATA HODDCOHAANANNMNMNMMMINANN ATH HOOCOOnAS 
DODO OAHAAAHAAAHAANANANNNANNANNANNNANNANN SR AAA AAA HOOCOCOO 
DOWDDWDDDDDWVDDDVDDDVDDDWVDDDOVDGVODOOOVOOOOCOOOCOOOCOC0CO 


ee ee ee | | | | | | | | | | | | | | | | | 


From left to right: restricted 


Figure 13.2-C: Minimal-change order for the paren strings of 5 pairs. 


growth strings, arrays of directions, paren strings, delta sets, and difference strings. If the change is not 
adjacent, then the distance of changed positions is given at the right. The order corresponds to dr0 


=+1, 


[fxtbook draft of 2008-January-19] 


304 Chapter 13: Parenthesis strings 


delete [] as_; 

delete [] d_; 

delete [] str_; 
} 


void init(bool xdr, int dr0) 
{ 


dr0_ 
xdr_ 


( (dr0>=0) ? +1: -1 ); 
xdr; 


ulong n = n_; 
if ( dr0O_>0 ) for (ulong k=0; k<n; ++k) as_[k] 
else for (ulong k=0; k<n; ++k) as_[k] 


for (ulong k=0; k<n; ++k) d_[k] = dr0_; 


} 

bool next() ‘{ return next_rec(n_-1); } 

const int *get() const { return as_; } 

const char* str() ‘{ make_str(); return (const char*)str_; } 
[--snip--] 


The minimal-change order is obtained by changing the ‘direction’ in the recursion, an essentially identical 


mechanism (for the generation of set partitions) is shown in chapter [15] on page The function is 
given in [FXT: \comb/catalan.cc): 


bool 
catalan: :next_rec(ulong k) 


{ 
if ( k<1 ) return false; // current is last 
int d = d_[kl; 
int as = as_[k] + d; 
bool ovq = ( (d>0) ? (as>as_[k-1]+1) : (as<0O) ); 
if ( ovq ) // have to recurse 


ulong nsi = next_rec(k-1); 
if ( O==nsi ) return false; 
d = ( xdr_ ? -d:: drO_ ); 
d_[k] = d; 


as = ( (d>0) ? 0 : as_[k-1]+1 ); 


as_[k] = as; 
return true; 
} 
The program [FXT: comb/catalan-demo.cc) demonstrates the usage: 


ulong n = 4; 
bool xdr = true; 
int drO = -1; 


catalan C(n, xdr, dr0O); 
do 


// visit 
while ( C.next() ); 


About 67 million strings per second are generated. Figure |13.2-B]shows the minimal-change for n = 5 
and dr0=-1, figure |13.2-C/shows the order for dr0=+1. 


More minimal-change orders 


The Gray code order shown in figure }13.2-D]can be generated via a simple recursion: 


ulong n; // Number of paren pairs 
ulong *rv; // restricted growth strings 


void next_rec(ulong d, bool z) 


if ( d==n ) visit(); 
else 


[fxtbook draft of 2008-January-19] 


305 


13.2: Gray code via restricted growth strings 


Ss oe oe oe oe ee 
Be a Ba Be DB Be Do ee ee | 
MN 


DHOOHANHOOANTHOOAHNMNOHANHO 
ANAAHOOCOCOKHHANNANNANNAHAHOO 
ANNANNANNANAN SA AAA HHOOCCOO 
Sos pashan ban hasan hae ban as han ban bashes bashes ean hon bas bashes hae 
elolelelololololelolololololelelelolelole) 


AMNPOOROKDOAAMHOORORDOHN 
NANNANANANAN MMM MOM OOM ONO SSH 
ott dd do ee 
ade: Oe ee 
wivirt se 6 or ee eve sdis ie | 
oo | ers aes 
Be BD De Se ee 


oe) ee ie Be er Be Be Da ee ee ee . 
Bar Be Ba Da De Da De ee ee | 


Be a a BB Be DB Ba Da ee ee ee 


DANHOMNNAOCOHNHOOHNAMHON 
COTA ANANANNAHHAOOMMMMMAN 
COOCOOANMAAAHAAHAANNANANNNANAAN 
lelolelelelololeloeleleleoleleo) baba hm hm bm hm! 
lelololelololelololclololololololelolololo) 


ANMAPLOON ONDOANMHLOOF ORDO 
ANH HHHHNN 


Figure 13.2-D: Strings of 5 pairs of parenthesis in a Gray code order as generated by a recursive 


algorithm. 


{ 


// left neighbor 


const long rvi = rv[d-1]; 


if ( 0==z ) 


// forward 


0; x<=rviti; ++x) 


for (long x 


rv[d] = x; 


(d+1, (x&1)); 


next_rec 


// backward 


0; --x) 


for (long x=rvit1; x> 


rv[d] = x; 


!(x&1)); 


(d+1, 


next_rec 


About 81 million strings per second are generated [FXT: 


The initial call is next_rec(0, 0);. 
comb/paren-gray-rec-demo.cc). 


ee ee ori ee we ee Oe ee 
oe i ey ee er) 
er er) a ee 
Se dao 
ee ee ce i en 
Oe Oe ee 
Cs rs se ee Be ee 
Be ee ee Oe ee ee 
ee ee 


er oso 6 © ew SS ee eer . 
ee 
ee er 
. ee ee Be . oe ee - . ee | 
ands ts terri st st Be 
es 8 8 ee i ee Be ee De 
Be 
CD 4 


OOOO 0 OO OO 
ANMHOORODOHDOANMNHOORK ODO 


Figure 13.2-E: Strings of 5 pairs of parenthesis in Gray code order as generated by a loopless algorithm. 


[fxtbook draft of 2008-January-19] 


306 Chapter 13: Parenthesis strings 


An loopless algorithm (that does not use RGS) given in [225] is implemented in [FXT: class paren gray 
in|comb/paren-gray.h|. The generated order for five paren pairs is shown in figure|13.2-E] About 54 mil- 
lion strings per second are generated [FXT: comb/paren- ee demo.cc,. Still more algorithms for the 


parentheses strings in minimal-change order are given in [69) , and [249] 

0: ... 1411 == (((0))) 

1: ..-4.111 == (C(OQ)) = ...11... 
2: ..-44.11 == (O(Q)) = ...-14.. 
3: ..-4411.1 == OCCO)) 7a ..... 11. 
4: 21.14.21 == OCOQ) = ..11.... 
5: wed Aad == 3CO1O'O) TH bse 14 
6: ..1..141 == (C(O) QO) 7 Jit... 
7: .1...411 == ((O))Q “= .11..... 
8: .1..4.141 == (OQ)Q 7 14. 
9: et..42.1 == OCO)Q = ..... 11. 
10: el.t-4-.2 == QQOQQ “= ...11... 
11: .11.4.1 ==§ OOCQ) = .11..... 
12: 11..11 == (Q)(Q) T= ..... 11. 
13: 1.24..41 == (OIOQOQ = .11..... 


Figure 13.2-F: A strong minimal-change order for the paren strings of 4 pairs. 


For even values of n it is possible to generate paren strings in strong minimal-change order where changes 
occur only in adjacent positions. Figure |13.2-F|shows an example for four pairs of parens. The listing 


was generated with [FXT: graph/graph-parengray-demo.cc that uses directed graphs and the search 
algorithms described in chapter |19}on page]355| 


13.3. The number of parenthesis strings: Catalan numbers 


The number of valid combinations of n parenthesis pairs is 


2n 2n+1 2n—2 
Cy, = ee) = ( n ) = (ey = (° ") = ( 2n ) (13.3-1) 
n+1 2n+1 n n n—-1 
as nicely explained in p.343-346]. These are the Catalan numbers, sequence |A000108 of [214]: 
n: Ch n: Ch n: Cy 
a 1 11: 58786 21: 24466267020 
2: 2 12: 208012 22: 91482563640 
3: 5 13: 742900 23: 343059613650 
A: 14 14: 2674440 24: 1289904147324 
5: 42 15: 9694845 25: 4861946401452 
6: 132 16: 39357670 26: 18367353072152 
ike 429 17: 129644790 27: 69533550916004 
8: 1430 18: 477638700 28: = 263747951750360 
9: 4862 19: 1767263190 29: 1002242216651368 
10: 16796 20: 6564120420 30: 3814986502092304 


The Catalan numbers are generated most easily with the relation 


2(2n+1) 
a = L. 13.3-2 
Ch41 5 C (13.3-2) 
The generating function is 
1-y1-4 
C(x) = <= 25 6.¢ = l+at2a?4+50%+4 1404442254... (13.33) 


n=0 


[fxtbook draft of 2008-January-19] 


13.4: Increment-i RGS and k-ary trees 307 


One further has the convolution property [x C(«)] = x + [x C(«)|° 


n-1 


Cy = SC. a8 (13.3-4) 
k=0 


13.4 Increment-i RGS and k-ary trees 


13.4.1 Generation in lexicographic order 


1: [0000] 21: [0121] 41: [0223] 
2: L0O001] 22: [0122] 42: [0224] 
3: [0002] 23: [0123] 43: [0230] 
4: [0010] 24: [0124] 44: [0231] 
5: [CL0011] 25: [0130] 45: [0232] 
6: [0012] 26: [0131] 464: [0233] 
7 £0013] 27: [0132] 47: [0234] 
8: [0020] 28: [0133] 48: [0235 ] 
9: [0021] 29: [0134] 49: [0240] 
10: [0022] 30: [0135] 50: [0241] 
114: [0023] 31: [0200] 51: [0242 ] 
12: [0024] 32: [0201] 52: [0243 ] 
13: [0100] 33: [0202] 53: [0244 ] 
14; [0101] 34: [0210] 54: [0245 ] 
15: [0102] 35: [0211] 55: [0246 ] 
16: [0110] 36: [0212] 

17: LoO111] 37: [0213] 

18: [0112] 38: [0220] 

19: [0113] 39: [0221] 
20: [0120] 40: [0222] 


Figure 13.4-A: The 55 increment-2 restricted growths strings of length 4. 
We now allow an increment of i in the restricted growth strings (i = 1 corresponds to the paren RGS of 
section |13.2). Figure |13.4-A] shows the increment-2 restricted growths strings of length 4. The strings 
can be generated in lexicographic order via [FXT: class rgs_binomial in |comb/rgs-binomial.h). 


class rgs_binomial 


// Restricted growth strings (RGS) s[0,...,n-1] so that s[k] <= s[k-1]+i 
Lite: 
ulong *s_; // restricted growth string 
ulong n_; // Length of strings 
ulong i_; // s([k] <= s[k-1]+i 
[--snip--] 


ulong next() 
// Return index of first changed element in s[], 
// Return zero if current string is the last 


ulong k = n_; 
start . 
if k==0 ) return 0; 
ulong sk = s_[k] + 1; 
ulong mp = s_[k-1] + i_; 
if ( sk > mp) // "carry" 
s_[k] = 0; 
goto start; 
} 
s_({k] = sk; 
return k; 
[--snip--] 


[fxtbook draft of 2008-January-19] 


308 Chapter 13: Parenthesis strings 


The rate of generation is about 129 M/s for i = 1 (corresponding to paren strings), 143 M/s for 7 = 2, 


and 156 M/s with i = 3 [FXT: |comb/rgs-binomial-demo.cc . 


13.4.2 The number of increment-: RGS 


The number C,,,; of length-n increment-? strings equals 
(O40 ”) 
Cag = ~“* 13.4-1 
a ( ) 
A recursion generalizing relation |13.3-2] is 


Tear (G+ 1) n+ ky 


Craii = (+1) Chi (13.4-2) 
The sequences of numbers of length-n strings for i = 1, 2,3,4 start 
n: 12 3 4 5 6 7 8 9 10 11 
i=1: 12 5 14 42 132 429 1430 4862 16796 58786 
i=2: 13 12 1428 7752 43263 246675 1430715 8414640 
i=3: 14 22 140 969 7084 53820 420732 3362260 27343888 225568798 
i=4: 1 5 35 285 2530 23751 231880 2330445 23950355 250543370 2658968130 


These are respectively the entries |A000108, A001764, |A002293, A002294) of where combinatorial 


interpretations are given. We note that for the generating function C;(x) we have the following expression 
as a hypergeometric function (see section on page (663): 


Ci_-1(2) = ee xv” (13.4-3a) 
n=0 
1/+1), 2/@+1), 3/G@+0, ..., @+D)/G4+1)) G41) 
~ F( Q/i, 3/i, ..., t/t, (6+ 1)/i ji e) (as 3b) 


Note that the last upper and second last lower parameter cancel. Now let f;(x) := 2 C;(a*), then 
file) -—fi@)" = « (13.4-4) 


That is, f;(a) can be obtained as the series reversion of x't' — x. We choose i = 2 for an example: 


? ti=serreverse(x-x73+0(x7(17))) 
x + x73 + 3x75 + 124x77 + 55*x°9 + 273x711 + 1428*x713 + 7752*x715 + O(x717) 
? t2=hypergeom([1/3,2/3,3/3] , [2/2,3/2] ,3°3/272*x)+0(x717) 


1+ x + 3x72 + 12#x73 + 55*x74 + 273*x75 + 1428*x76 + 7752*x77 + ... + O(x717) 
? f=x*subst (t2,x,x°2); 
? ti-f 

O(x*17) \\ f£ is actually the series reversion of x-x73 
f £-£°3 

x + 0(x735) \\.... so f - £°3 == id 


We further have the following convolution property, generalizing relation |13.3-4|on the previous page, 
Chi = S- Ch, i Chai Chg, + Chi, Chessy (13.4-5) 
Jitjet+-.-+9it+I (41) =nr-1 
13.4.3 Gray code for k-ary trees 


The length-n increment-i RGS correspond to k-ary trees with n internal nodes and k = i+1. An loopless 
algorithm for the generation of a Gray code for k-ary tress with only homogeneous changes is given 


in [28]. The RGS used in the algorithm gives the positions (one-based) of the ones in the delta sets, see 
figure }13.4-B} An implementation is [FXT: class tree _gray in comb/tree-gray.h: 


[fxtbook draft of 2008-January-19] 


309 


13.4: Increment-i RGS and k-ary trees 


Pdr es 6 ee es ee Oe ee Oe Oe al 
oO er er a a aw ee avi es ee 
n oot te ew ww 4 aoe et we ee a. a 4 a ee 4 ae e 

dao a] Se | . Oe ee a] adds Oe ee a] oa 
TB + 6+ «© © 6 «6 al ee ee ee ee ee al od ee ee el 
p- i re er er ey ee a — adds eg e 
ee ee ee Se Se ee ee ee 
De ete cal ote a sae eS Mae Win er ae i me ie ae ar, ae Be te, “tee a ae le te OO ee ne ee eee eee | 
TW 6 5 6 6 6 ew ee we ww Ne ee ee 

Sr ee ee ee i re re ee ee ee 


Amo oom am tro om to eto otro oto mmo mo ooo ooo ooo ooo 


q 


CO i a a a a a a 
a ee ee eee ee 
Dtttttte te Heeeteeteteteeeeeeeegtgetgeteerrrrrrrrrrrrrrerards 
EEE E HHH EEE THEE EEE HEE EEE HEE EEE EHH EE EEE EEE EEE EE THEE ETE 


| | | | | | | | | | | | | | | | | Me 


in amma mammrmrmamamrmamarmamamammmammmmrmmmammammammmmmammmmmmmams mmm 
FESO O>.99: 00) Bani BS GO > 900 Pest 8 SO: E00. I>: 9 OD COLD 28 eH TUL SO 00. O92 C080: 0299.00 PSO: ED) 58 GAOT 00.O27.00 b= ek 


im KHER MNMNMNMNONODODODOODOOMNNMNMOAHPHHAHAIMNMNMNMNYMNMOMMONEAEAERERAPHAHAHAOWMOMNOO OW 
zi SHSGHPSHASHAHHPHPIPANANANANAANAANANAANANANANANANAN ANA OO MMMM MMM MMMM MMM OOD 
Ce ee ee ee oe eo ee oe oe oe ee eee oe he bebe bebe ee be be bee be hee be ee hee hee eee 
Q, 


LIL LL PL PE PL PE PL PL PL PL PE PL PL PL PL PLL PL LoL LL PLL LL PL Lotti 


ANMPOORDHDOANMNHNONK OD 
AAA AHH 


Figure 13.4-B: Gray code for 3-ary trees with 4 internal nodes with all changes being homogeneous. 


The left column shows the vectors of (one-based) positions, the symbol ‘A’ is used for the number 10. 


[fxtbook draft of 2008-January-19] 


310 Chapter 13: Parenthesis strings 


class tree_gray 


{ 
public: 
ulong *sq_; // sequence of bit positions (seq[]) elements \in {1,2,...,n} 
ulong *dr_; // aux: direction (dir[]) 
ulong *np_; // aux: next position (nextPos[]) 
ulong *mx_; // aux: max position (max []) 
ulong n_; // n (internal) nodes 
ulong k_; // k-ary tree 


tree_gray(ulong n, ulong k) 

{ ies 

k; 

// all arrays are one-based 

sq_ = new ulong[n_+1]; 

new ulong[n_+1] ; 

new ulong[n_+2]; // one pad element right 
mx_ new ulong[n_+1]; // unchanged in next() 
first(); 


Q 
be) 
“out 


[--snip--] 


void first(ulong k=0) 
+ 
if (k) k= 
for (ulong j=1, 
for (ulong j=0; 
for (ulong j=0; 


k 
) sq_[j] = mx_[j] =e; 
1; // “right" 

=j- 13 


e=1; j<=n_; t+j, et=k_ 

j<=n_; ++j) dr_[j] = 

j<=n_+1; +4+j) np_[j] 
} 

The computation of the successor is a variant of the method given in |41): 


ulong next () 


ulong i = np_[n_+1]; 


if ( i==1) return 0; // current string is last 


if ( dr_[i]==1 ) // direction == "right" 
{ 
if ( sq_[i] == mx_[i] )  sq_[i] = sq_[i-1] + 1; 
else sq_[i] += 1; 
if ( sq_[i] == mx_[i] - 1 ) 
{ 
np_[it+1i] = np_[i]; // can access element nt1 
np_[i] =i - 1; 
dr_[i] = -1UL; // “left" 
} 
else 
if ( sq_[i] == sq_[i-1] + 1 ) 
{ 
sq_[i] = mx_[i]; 
dr_[i] = 1; // “vight" 
np_[it+1i] = np_[i]; // can access element nt1 
np_[i] =i - 1; 
} 
else sq_[i] -= 1; 
} 


if ( i<xn_ ) np_In_t1] = n_; 
return i - 1; 


} 
3; 


The rate of generation is about 97 M/s for 2-ary trees (corresponding to Catalan strings), 120 M/s for 


3-ary trees, and 139 M/s with 4-ary trees [FXT: |comb/tree-gray-demo.cc). 


[fxtbook draft of 2008-January-19] 


311 


Chapter 14 


Integer partitions 


ile 6 == 6* 1+0 + 0 + Q + 0 + 0 == t+i+i+i+i-+?d 
23 6 == 4* 1+ 1* 2+ 0 + Q + 0 + 0 == t+i+i+i+2 
3: 6 == 2* 1+ 2* 2+ 0 + Q + 0 + 0 aa 1+ 2 4+ 2+ 2 

4: 6 == 0 + 3* 2+ 0 + Q + 0 + OQ == 2+2+2 

5: 6 == 3* 1+ 0 + ix 3+0 + 0 + 0 == trei+rli+ 3 

6: 6 == ix 1+ 1* 2+ 1* 3+0 + 0 + 0 == 1+2+3 

(3 6 == QO + OQ + 2x 3+ 0 + 0 + 0 == 3+3 

8: 6 == 2* 1+0 + 0 + 1x 4+0 + OQ == Pr t+ 4 

9: 6 == 0 + 1* 2+ 0 + 1x 4+0 + 0 == 2+4 

10: 6 == ix 1+0 + 0 + Q + i* 5 +0 == 1 +5 

Tis 6 == 0 + 0 + 0 + 0 + 0 + 1i* 6 == 6 


Figure 14.0-A: All (eleven) integer partitions of 6. 


An integer x is the sum of the positive integers less or equal to itself in various ways. The decompositions 
into sums of integers are called the integer partitions of the number x. Figure |14.0-A] shows all integer 
partitions of « = 6. 


14.1 Recursive solution of a generalized problem 


We can solve a slightly more general problem and find all partitions of a number x with respect to a set 
V = {vo,U1,---,Un—1} (where v; > 0), that is all decompositions of the form « = Sa: Ck Up (where 
c; > 0). The integer partitions are the special case V = {1,2,3,...,n}. 


The algorithm to generate the partitions is to assign to the first bucket ro an integer multiple of the first 
set element vo: ro = C- Uo (this has to be done for all c > 0 for which ro < x). Now set cp = c. If 79 = ax 
we already found a partition (consisting of co only), else (if ro < x) solve the remaining problem where 


Pe bein an 
wv’ :=x2—co-vo and V’! := {v1,v2,...,Un—1}-. 


A C++ class for the generation of all partitions is [FXT: class partition_rec in|comb/partition-rec.h : 


class partition_rec 


// Integer partitions of x into supplied values pv[0],...,pv{[n-1]. 
// pvt] defaults to [1,2,3,...,x] 
{ 
public: 
ulong ct_; // Number of partitions found so far 
ulong n_; // Number of values 
ulong i_; // level in iterative search 
long *pv_; // values into which to partition 


ulong *pc_; // multipliers for values 
ulong pci_; // temporary for pc_[i_] 
long *r_; // rest 

long ri_; // temporary for r_[i_] 


[fxtbook draft of 2008-January-19] 


312 Chapter 14: Integer partitions 


long x_; // value to partition 
public: 
partition_rec(ulong x, ulong n=0, const ulong *pv=0) 
{ 
if ( O==n) n=x; 
n_ =n; 
pv_ = new long[n_+1]; 
if ( pv ) for (ulong j=0; j<n_; ++j) pv_[j] = pv[jl; 
else for (ulong j=0; j<n_; ++j) pv_[j] =j +1; 
pc_ = new ulong[n_+1]; 
r_ = new long[n_t1]; 
init (x); 
} 
void init(ulong x) 
{ 
Xx =X 
ct_ = 0; 
for (ulong k=0; k<n_; ++k) pc_[k] = 0; 
for (ulong k=0; k<n_; ++k) r_[k] = 0; 
r_[n_-1] = x_; 
r_In_] = x_; 
i_=n_-1; 
pei_ = 0; 
ri_ = x_; 
} 


“~partition_rec() 


delete [] pv_; 
delete [] pc_; 
delete [] r_; 


ulong next(); // generate next partition 
ulong next_func(ulong i); // aux 
[--snip--] 

3 


The routine to obtains the next partition is given in [FXT: comb/partition-rec.cc|, it is actually an 


iterative version of the algorithm: 


ulong 
partition_rec: :next() 


{ 


if ( i_>=n_ ) return n_; 


r_[i_] = ri_; 
pe_[i_] = pci_; 


i_ = next_func(i_); 
for (ulong j=0; j<i_; ++j) pc_[j] = r_[j] = 0; 
+44; 


pei_ = pce_[i_] + 1; 
return i_- 1; // >=0 


ri_ = r_[i_] - pv_[i_l; 
; 7” 


ulong 
partition_rec: :next_func(ulong i) 


start: 
if ( O!=i ) 


while ( r_[i]>0 ) 


pe_[i-1] = 0; 
r_[i-1] = r_{al; 
--i; goto start; // iteration 


} 


else // iteration end 
if ( O!=r_[i] ) 
{ 


long d = r_[il] / pv_[il; 


[fxtbook draft of 2008-January-19] 


14.2: Iterative algorithm 313 


r_[i] -=d * pv_[il; 
pe_li] = d; 
} 
} 
if ( O==r_[i] ) // valid partition found 
7 ++ot_} 
return i; 
} 
++i; 
if ( i>=n_ ) return n_; // search finished 


r_[i] -= pv_[il]; 
++pc_[i]; 
goto start; // iteration 


} 


The routines can easily adapted to the generation of partitions satisfying certain restrictions, for example, 
partitions into unequal parts (that is, c; < 1). 


The listing shown in figure|14.0-A]can be generated with [FXT: comb/partition-rec-demo.cc : 


void 
print_part(ulong n) 


partition pp(n); 

ulong ct = 0; 

while ( pp.next() <n ) 
{ 


cout << " #" << setw(2) << ct << ": "5 
cout << setw(4) << pp.x_ << " =="; 
pp-print2(); 

cout << "== "; 

pp. print (); 

cout << endl; 

ECU 


} 
cout << "" << n <<": ct=" << ct << endl; 
cout << endl; 


} 


The 190, 569, 292 partitions of 100 are generated in less than 11 seconds, corresponding to a rate of about 
18 million partitions per second. 


14.2 Iterative algorithm 


An iterative implementation for the special case V = {1,2,3,...,n} (the integer partitions) is given in 
[FXT: class partition in|comb/partition.h': 


class partition 


{ 
public: 
ulong *c_; // partition: c[1i]* 1+ c[2]* 2+... + c{n]* n ==n 
ulong *s_; // cumulative sums: s[jt1] = c[1]* 1 + c[2]* 2+... + clj]* j 
ulong n_; // partitions of n 
public: 
partition(ulong n) 
n; 
new ulong[n+1] ; 
new ulong[n+1] ; 


_[0] = 0; // unused 
c_[0] = 0; // unused 


“partition() 
{ 


delete [] c_; 
delete [] s_; 


[fxtbook draft of 2008-January-19] 


314 Chapter 14: Integer partitions 
} 
ig first() 
c_[1] = n_; 
for (ulong i=2; i<x=n_; i++) { c_[i] = 0; } 
s_[1] = 0; 
for (ulong i=2; i<=n_; i++) { s_[i] = n_; } 
} 
void last() 
for (ulong i=1; i<n_; it+) { c_[i] = 0; } 


c_[n_] = 1; 
for (ulong i=1; i<n_; it+) ‘{ s_[i] = 0; } 
// s_[n_+1] = n_; // unused (and out of bounds) 


To obtain the next partition, find the smallest index i > 2 so that [c1,c2,...,ci;-1, ci] can be replaced 
by [z,0,0,...,0,c; + 1] where z > 0. The index i (and z) is determined using cumulative sums. The 
partitions are generated in the same order as shown in figure [14.0-A] The algorithm was given (2006) by 
Torsten Finke [priv.comm.]. 


bool next () 
{ 


} 


if ( c_In_]!=0 ) return false; // last == 1* n (c[n]==1) 


// Find first coefficient c[i], i>=2 that can be increased: 
ulong i = 2; 
while ( s_[i]<i ) ++i; 
++c_[il; 
s_[i] -= i; 
ulong z = s_[il]; 
// Now set c[1], cf[2], ..., cli-1] to the first partition 
// of z into i-1 parts, i.e. set to z, 0, 0, ..., 0: 
while ( --i> 1) 
{ 
s_[i] 
c_[i] 


} 
c_[1] =z; // z* 1 ==2z 
// s_{1] unused 


return true; 


Zz; 
0; 


The preceding partition can be computed as follows: 


bool prev() 
{ 


} 


if ( c_[i]==n_ ) return false; // first == n* 1 (c[1]==n) 


// Find first nonzero coefficient c[i] where i>=2: 


ulong i = 2; 
while ( c_[i]==0 ) ++i; 
--c_[i]; 


s_[i] += i; 

ulong z = s_[il; 

// Now set c[1], c[2], ..., cli-1] to the last partition 
// of z into i-1 parts: 

cue (--i>1 ) 


ulong q = (z>=i ? z/i : 0); // == 2/i; 
c_[il = q; 

s_[it1] = z; 

Z —-= q*i; 


c_[1] = z; 
s_[2] = z; 
// s_{1] unused 


return true; 


{[--snip--] 


» 


[fxtbook draft of 2008-January-19] 


14.3: Partitions into m parts 315 


Note that divisions which result in g = 0 are avoided, leading to a small speedup. The program [FXT: 


comb/partition-demo.cc| demonstrates the usage of the class. More than 140 million partitions per second 


are generated, about 66 million when going backward. 


14.3. Partitions into m parts 


carr Ace 
BRR EBRRBBERREE 
eed ed od ed ed ed 
BPREREBRRBBERRE 
RPRERBPRRRBERREE 
PRR EBRRRBERRE 
PERE RRBRBEREE 
ed ed od ed ed ed ed ed 
NPRBBRBRBBEBREHE 
NWWNNNBRBEEE 
VOPWRWNOBWNE 
ODPO1MIMONOIMNOOwo 
NNMNRPRBRBRBRBEE 
eS 
PRERBRR RRR E 
BERBER RBRBERREE 
ed ed ed ed ed ed 
NPRBBRBRBRBEREHE 
NONRPRPPRERRRRE 
NNMNNBPRRBRBRRBERE 
NNNNNNNFEHRE 
NNMNNMNNNWNNN 
NNMNNWNNWWNNY 
NNWNWWNWWAPW 
NWWAWAOIW ADO] 


io 


Figure 14.3-A: The 22 partitions of 19 into 11 parts in lexicographic order. 


An algorithm for the generation of all partitions of n into m parts is given in p.106] (method ascribed 
to Hindenburg): 


The initial partition contains m—1 units and the element n—m-+1. To obtain a new partition 
from a given one, pass over the elements of the latter from right to left, stopping at the first 
element f which is less, by at least two units, than the final element [...]. Without altering 
any element at the left of f, write f+ 1 in place of f and every element to the right of f with 
the exception of the final element, in whose place is written the number which when added 
to all the other new elements gives the sum n. The process to obtain partitions stops when 
we reach one in which no part is less than the final part by at least two units. 


Figure|14.3-A|shows the partitions of 19 into 11 parts. The data was generated with the program [FXT: 


comb/mpartition-demo.cc). 
An efficient implementation is given as [FXT: class mpartition in comb/mpartition.h): 


class mpartition 
// Integer partitions of n into m parts 


{ 
public: 
ulong *x_; // partition: x[1]+x[2]+...+x[m] =n 
ulong *s_; // aux: cumulative sums of x[] (s[0]=0) 
ulong n_; // integer partitions of n (must have n>0) 
ulong m_; // ... into m parts (must have 0<m<=n) 
public: 


mpartition(ulong n, ulong m) 
: n_(m), m_(m) 


x_ = new ulong [m_+1]; 
s_ = new ulong [m_+1]; 
init; 
“mpartition() 
delete [] x_; 
delete [] s_; 
const ulong *data() const { return x_+1; } 


void init() 


x_[0] = 0; 

for (ulong k=1; k<m_; ++k) x_[k] = 1; 
x_[m_] = n_ - m +1; 

ulong s = 0; 


[fxtbook draft of 2008-January-19] 


316 Chapter 14: Integer partitions 


for (ulong k=0; k<=m_; ++k) { st=x_[k]; s_[k]=s; } 


bool next () 
{ 


ulong u = x_[m_]; // last element 
ulong k = m_; 
while ( --k ) { if ( x_[k]+2<=u ) break; } 
if ( k==0 ) return false; 
ulong f = x_[k] + 1; 
ulong s = s_[k-1]; 
while (k < m_ ) 

x_[k] = f; 

s += f; 

s_[k] = s; 

++k; 

x_[m_] = - s_[m_-1]; 


/1 s_{m_ ie =n_; // unchanged 
return true; 


} 
3; 


The auxiliary array of cumulative sums allows the recalculation of the final element without rescanning 
more than the elements just changed. About 105 million partitions per second can be generated. 


A (complicated) construction for a Gray code for integer partitions is given in [198]. 


14.4 The number of integer partitions 


n: Pr n: Pr n: Py n: P;, n: PF, 
1: 1 11: 56 21: 792 31: 6842 Al: 44583 
2: 2 12: 77 22: 1002 32: 8349 42: 53174 
3: 3 13: 101 23: 1255 33: 10143 43: 63261 
4: 5 14: 135 24: 1575 34: 12310 44: 75175 
5: 7 15: 176 25: 1958 35: 14883 45: 89134 
6: 11 16: 231 26: 2436 36: 17977 46: 105558 
7: 15 17: 297 27: 3010 37: 21637 47: 124754 
8: 22 18: 385 28: 3718 38: 26015 48: 147273 
9: 30 19: 490 29: 4565 39: 31185 49: 173525 

10: 42 20: 627 30: 5604 40: 37338 50: 204226 


Figure 14.4-A: The number of integer partitions of n for n < 50. 


The total number of integer partitions of n is sequence A000041 of [214], the values for 1 < x < 50 are 
shown in figure }14.4-A]} If we denote the number of partitions of n into exactly m parts by P(n,m) then 


P(njm) = P(n—1,m—1)+ P(n-—m,m) (14.4-1) 


were we set P(0,0) = 1. We obviously have P,, a a): Figure shows P(n,m) for 
n < 16, it was created with the program [FXT: . We note that the number 
of partitions into m parts equals the number of partitions with maxima par equal to m. This can easily 
be seen by drawing a diagram and its transposed as follows (for the partition 5 + 2+2-+ 1 of 10): 


43111 5221 

5 XXXXX 4 XXXxX 

2 XX 3 XXX 
2 XX 1X 
1 xX 1X 
1X 


Thereby any partition with maximal part m (here 5) corresponds to a partition into exactly m parts. 


[fxtbook draft of 2008-January-19] 


14.4: The number of integer partitions 317 


n: P(n) P(n,m) for m = 

4 : ; 2 4 5 6 7 8 9 10 11 12 13 14 15 16 
2: 2 1 1 

3: 3 1 1 il 

4: 5 1 2 1 1 

5: 4 1 2 2 1 1 

6: 11 1 3 3 2 1 1 

T: 15 1 3 4 3 2 1 1 

8: 22 1 4 5 5 3 2 1 1 

9: 30 1 4 iC 6 5 3 2 1 1 

10: 42 1 5 8 9 7 5 3 2 1 1 

11: 56 1 5 10 11 10 7 5 3 2 1 1 

12: Ce 1 6 12 15 13 11 7 5 3 2 1 1 

13: 101 1 6 14 18 18 14 11 7 5 3 2 1 1 

14: 135 1 7 16 23 23 20 15 11 it 5 3 2 1 1 

15: 176 1 7 19 27 30 26 21 15 it 7 5 3 2 1 1 

16: 231 1 8 21 34 37 35 28 22 15 11 7 5 3 2 1 1 


Figure 14.4-B: Numbers P(n,m) of partitions of n into m parts. 


The generating function for the partitions into exactly m parts is 


P(inwm) 2c” = —=_——— (14.4-2) 
n=l Ia =<") 
For example, the row for m = 3 in figure|14.4-B|corresponds to the power series 
? m=3; (x*m/prod(k=1,m,1-x*k)+0(x717)) 
x73 + x74 + 24x75 + 3x76 + 4x77 + 5*x78 + 7*x79 + 8*x710 + \ 


10*x711 + 12*x712 + 14*x713 + 16*x714 + 19*x715 + 21*x716 + O(x*17) 


The generating function for the number P,, of integer partitions of n can be given as {109} p.357] 


3 Px” : : (14.4-3a) 
na = 6S = A 
n=0 tiene (1 = an) n(x) 
Then we have 
nz) = 1+ >> (-1)" (eve es ea) (14.4-3b) 
n=1 
and 
= = Gh 2 on (14.4-3c) 
n(a) oS a2") 
co n?2 
x 
= 14+5>— 5 (14.4-3d) 
mat (hear 1 =") ] 
? N=10;x=t+0(t7N); 
? 1/prod(k=1,N,1-x*k) 
1+ t + Qet72 + 3*t73 + 5#t74 + 7#t75 + 11*t°6 + 15*t77 + 22*t78 + 30*t79 + O(t710) 
\\ == 1+sum(n=1,N,x*n/prod(j=1,n,1-x*j)) 
\\ == 1+sum(n=1,N,x*(n°2)/(prod(k=1,n, (1-x*k))*2)) 
\\ == 1/(1+sum(n=1,N, (-1) “n* (x7 (n¥ (34n-1) /2) +x (n¥ (34n+1)/2)))) 
Relation |14.4-3c]is the special case a, = x" (and N — oc) of [180] p.83] 
1 a a 
— = 14+ 5 (14.4-4) 
ea (1 — an) » Tea (1 — ag) 
For the number D,, of partitions of n into distinct parts we have the generating function 
n(z) = J[[G+2") = 50D," (14.4-5) 
n=1 n=0 


[fxtbook draft of 2008-January-19] 


318 Chapter 14: Integer partitions 


We have (the number of partitions into distinct parts equals the number of partitions into odd parts) 


n+(z) = ee _ hea eee (14.4-6) 


Thereby relation |14.4-3b} allows fast computation of 7;(#). The sequence of coefficients D,, is entry 
A000009) of [274]: 


[1, 1, 1, 2, 2, 3, 4, 5, 6, 8, 10, 12, 15, 18, 22, 27, 32, 38, 46, 54, 
64, 76, 89, 104, 122, 142, 165, 192, 222, 256, ] 


The number of partitions where at most r elements of each partition are equal has the generating function 


ee r+1 
(lt+a+a?+...42") = ner) 


(14.4-7a) 


n=1 


= : (14.4-7b) 
Ho mod r+1 (i 2-7 2”) 


The second relation tells us that the number of such partitions equals the number of partitions into parts 
not divisible by r+ 1. 


[fxtbook draft of 2008-January-19] 


319 


Chapter 15 


Set partitions 


ob ee es 1: {1, 2, 3, 4} 
pi={1} oe {1, 2, 3}, {4} 
--> p={i, 2} 3: {1, 2, 4}, {3} 
--> p={1}, {2} 4: {1, 2}, {3, 4} 
epee EE 5: {1, 23, {3}, {4} 
pi={1, 2} 6: {1, 3, 4}, {2} 
--> p={1, 2, 3} Te {1, 3}, {2, 4} 
--> p={1, 2}, {3} 8:  {1, 3}, {2}, {4} 
pi={1}, {2} 9: 113 Abs 24h er 


25. pati oh, ak 10: {1}, {2, 3, 4} 


--> p={1}, {2, 3} 11: {1}, {2, 3}, {4} 

see. pHi}, 4235. 428 12: 415 4h, 12h; 3} 
------------------ 13: Aloe oy Abe toy 
pi={1, 2, 3} 14: Cae, thy ASS ae 


--> p={1, 2, 3, 4} 15: {1}, {2}, {3}, {4} 

--> p={1, 2, 3}, {4} 
pi={1, 2}, {3} 

--> p={1, 2, 44, {3} 

--> p={1, 2}, {3, 4} 

--> p={1, 2}, {3}, {4} 
pi={1, 3}, {2} 

--> p={1, 3, 44, {2} 

--> p={1, 3}, {2, 4} 

--> p={1, 3}, {2}, {4} 
pi={1}, {2, 3} 

--> p={1, 4}, {2, 3} 

--> p={1}, {2, 3, 4} 

--> p={1}, {2, 3}, {4} 
pi={1}, {2}, {3} 

--> p={1, 4}, {2}, {3} 

--> p={1}, {2, 4}, {3} 

--> p={1}, {2}, {3, 4} 

--> p={1}, {2}, {3}, {4} 


Figure 15.0-A: Recursive construction of the set partitions of the 4-element set S4 = {1, 2, 3, 4} (left). 
The resulting list of all set partitions of is shown on the right. 


For a set of n elements, say S, := {1, 2,..., n}, a set partition isa set P = {s, so, ..., 5} of non-empty 
subsets s; of S;, whose intersection is empty and whose union equals S. 


[fxtbook draft of 2008-January-19] 


320 Chapter 15: Set partitions 


For example, there are 5 set partitions of the set $3 = {1, 2, 3}: 


{ {1, 2, 3} } 

{ {1, 2}, {3} } 
{ {1, 3}, {2} } 
{ {1}, {2, 3} } 
{ {1}, {2}, {3} } 


The following sets are not set partitions of $3: 


OPRWNE 


{ {1, 2, 3}, {1} } // intersection not empty 
{ {1}, {3} } // union does not contain 2 


As the order of elements in a set does not matter we sort them in ascending order. For a set of sets we 
order the sets in ascending order of the first elements. 


Recursive generation 


We write Z,, for the list of all set partitions of the n-element set S,,. In order to generate Z,, we observe 
that with a complete list Z,_, of partitions of the set S;,,_; we can generate the elements of Z,, in the 
following way: For each element (set partition) P € Z,_1, create set partitions of S, by appending the 
element n to the first, second, ..., last subset and one more by appending the set n as the last subset. 
For example, the partition {{1, 2}, {3, 4}} © Z4 leads to 3 partitions of 55: 
P={{1, 2}, {3, 4} } 
--> { {1, 2, 5}, {3, 4} } 


--> { {1, 2}, {3, 4, 5} } 
--> { {1, 2}, {3, 4}, {5} } 


Now we start with the only partition of the one-element set, {{1}}, and apply the described step n — 1 
times. The construction is shown in the left column of figure the right column shows all set 
partitions for n = 5. 


15.1 The number of set partitions: Stirling set numbers and 
Bell numbers 


n = B(n) k: 1 2 3 4 5 6 7 8 9 10 

1: = i 1 

2: = 2 1 1 

3: = 5 f 3 1 

4: = 15 if 7 6 1 

o: 7 52 1 15 25 10 1 

6: = 203 1 31 90 65 15 1 

wae = 877 1 63 301 350 140 21 1 

8: = 4140 1 127 966 1701 1050 266 28 1 

9: = 21147 1 255 3025 7770 6951 2646 462 36 1 

10: = 115975 1 511 9330 34105 42525 22827 5880 750 45 1 
Figure 15.1-A: Stirling numbers of the second kind and Bell numbers. 

The sequence of numbers of set partitions of $,, for n > 1 is 1, 2, 5, 15, 52, 203, 877, .... These are the 


Bell numbers, sequence A000110 of . The Bell numbers can be computed using the observation that 
in every step of the computation a partition of S,_; into k subsets leads to k + 1 partitions of S,. Of 
these partitions k contain k subsets and one contains k + 1 subsets. 


If we write the number of partitions of S, into k subsets as a triangular array, then the entry can be 
computed as the sum of its upper left neighbor plus & times its upper neighbor. We start with a single 


one in the row for n = 1. The scheme is shown in figure The numbers are the Stirling numbers 
of the second kind (or Stirling set numbers), see sequence |A008277| of [214]. 


[fxtbook draft of 2008-January-19] 


15.2: Generation in minimal-change order 321 


The sum over all elements of row n gives the n-th Bell number. Another way of computing the Bell 
numbers is given in section on page [131] The array shown can be generated with the program 


[FXT: |comb/stirling2-demo.cc). 


We further have the recursion 


Bia S »(") B, (15.1-1) 


As pari/gp code: 
? N=11; v=vector(N); v[i]=1; 


? for (j=2, N, v[j]=sum(k=1, j-1, binomial(j-2,k-1)*v[k])); v 
[1, 1, 2, 5, 15, 52, 203, 877, 4140, 21147, 115975] 


The ordinary generating function for the Bell numbers can be given as 


co Co k 
> Bne® = Soa = 144202 4508 415044 5205+... (15.12) 
n=0 k=0 TTj-1 (1—jz) 


The exponential generating function is 
exp(exp(z)-1) = S~ Bn = (15.1-3) 
n=0 , 


? sum(k=0,11,x*k/prod(j=1,k,1-j*x))+0(x*8) \\ OGF 
1 + x + Q2ex72 + 5*x73 + 15*x74 + 52*x75 + 203*x76 + 877*x°7 + O(x78) 
? serlaplace(exp(exp(x)-1)) \\_ EGF 
1+ x + 2x72 + 5*x73 + 15*x74 + 52*x75 + 203*x76 + 877*x77 + 4140*x78 + ... 


Dobinski’s formula for the Bell numbers is 


1 co 
B, = oa (15.1-4) 


15.2 Generation in minimal-change order 


A modified version of the recursive construction generates the set partitions in a minimal-change order. 
We can generate the ‘incremented’ partitions in two orders, forward (left to right) 


P={{1, 2}, {3, 4} } 
--> { {1, 2, 5}, {3, 4} } 
--> { {1, 2}, {3, 4, 5} } 
--> { {1, 23, {3, 4}, {5} } 


or backward (right to left) 


P={{1, 2}, {3, 4} } 

--> { {1, 2}, {3, 4}, {5} } 

--> { {1, 2}, {3, 4, 5} } 

--> { {1, 2, 5}, {3, 4} } 
The resulting process of interleaving elements is shown in figure The method is similar to Trotter’s 
construction for permutations, see figure|{10.7-B]on page If we change the direction with every subset 
that is to be incremented, we obtain the minimal-change order shown in figure |15.2-B] for n = 4. The 
left column is obtained by starting with the forward direction in each step of the recursion, the right by 


starting with the backward direction. The lists can be computed with [FXT: comb/setpartition-demo.cc. 


The C++ class [FXT: class set_partition in|\comb/setpartition.h| stores the list in an array of signed 
characters. The stored value is negated if the element is the last in the subset. The work involved with 
the creation of Z,, is proportional to a k By, where By is the k-th Bell number. 


The parameter xdr of the constructor determines the order in which the partitions are being created: 


[fxtbook draft of 2008-January-19] 


322 Chapter 15: Set partitions 


Sagano eee eee eee = see setpart (4) == 
P={1} P={1, 2, 3} {1, 2, 3, 4} 
--> {1, 2} --> {1, 2, 3, 4} {1, 2, 3}, {4} 
--> {1}, {2} --> {1, 2, 3}, {4} {1, 2}, {3}, {4} 
{1, 2}, {3, 4} 
P={1, 2}, {3} {1, 2, 4}, {3} 
--> {1, 2}, {3}, {4} {1, 4}, {2}, {3} 
--> {1, 2}, {3, 4} {1}, {2, 4}, {3} 
--> {1, 2, 4}, {3} {1}, {2}, {3, 4} 
{1}, {2}, {3}, {4} 
------------------ P={1}, {2}, {3} {1}, {2, 3}, {4} 
P={1, 2} --> {1, 4}, {2}, {3} {1}, {2, 3, 4} 
--> {1, 2, 3} --> {1}, {2, 43, {3} {1, 4}, {2, 3} 
--> {1, 2}, {3} --> {1}, {2}, {3, 4} {1, 3, 4}, {2} 
--> {1}, {2}, {3}, {4} {1, 3}, {2, 4} 
P={1}, {2} {1, 3}, {2}, {4} 
-->{1}, {2}, {3} P={i}, {2, 3} 
-->{1}, {2, 3} --> {1}, {2, 3}, {4} 
-->{1, 3}, {2} --> {1}, {2, 3, 4} 
--> {1, 4}, {2, 3} 
P={1, 3}, {2} 


--> {1, 3, 4}, {2} 
--> {1, 3}, {2, 4} 
--> {1, 3}, {2}, {4} 


Figure 15.2-A: Construction of a Gray code for set partitions as an interleaving process. 


1: {1, 2, 3, 4} 1: {1}, {2}, {3}, {4} 
2: {1, 2, 3}, {4} 2: {1}, {2}, {3, 4} 
3: {1, 2}, {3}, {4} 3: {1}, {2, 4}, {3} 
4: {1, 2}, {3, 4} 4: {1, 43, {2}, {3} 
5: {1, 2, 4}, {3} 5: {1, 4}, {2, 3} 
6: {1, 4}, {2}, {3} 6: {1}, {2, 3, 4} 
7: {1}, {2, 4}, {3} 7: {13, {2, 3}, {4} 
8: {1}, {2}, {3, 4} 8: {1, 3}, {2}, {4} 
9: {1}, {2t, {3}, {4} 9: {1, 3}, {2, 4} 
10: {1}, {2, 3}, {4} 103: (1s 3, 442) 
11: {1}, {2, 3, 4} 11: {1, 2, 3, 4 

12 {1, 43, {2, 3} 12: {1, 2, 3}, {4} 
13: {1, 3, 4}, {2} 13: {1, 2}, {3}, {4} 
14: {1, 3}, {2, 4} 14: {1, 2}, {3, 4} 
15: {1, 3}, {2}, {4} 19s Ad, 25 4b, ASh 


Figure 15.2-B: Set partitions of S4 = {1, 2, 3, 4} in two different minimal-change orders. 


[fxtbook draft of 2008-January-19] 


15.2: Generation in minimal-change order 323 


class set_partition 
// Set partitions of the set {1,2,3,...,n} 
// By default in minimal-change order 


{ 
public: 
ulong n_; // Number of elements of set (set = {1,2,3,...,n}) 
int *p_; // pl] contains set partitions of length 1,2,3,...,n 
int **pp_; // pp[k] points to start of set partition k 
int *ns_; // us{k] Number of Sets in set partition k 
int *as_; // element k attached At Set (0<=as[k]<=k) of set(k-1) 
int *d_; // direction with recursion (+1 or -1) 
int *x_; // current set partition (==pp[n]) 
bool xdr_; // whether to change direction in recursion (==> minimal-change order) 
int drQ_s // dr0: starting direction in each recursive step: 
// dr0=+1 ==> start with partition {{1,2,3,...,n}} 
// dr0=-1 ==> start with partition {{1},{2},{3},...,{n}}} 
public: 
set_partition(ulong n, bool xdr=true, int dr0=+1) 


: n_(n) 


ulong np = (n_*(n_+1))/2; // == \sum_{k=1}"{n}{k} 
p_ = new int[np]; 


pp_ = new int *[n_t1]; 

pp_[0] = 0; // unused 

pp_[1] = pi; 

for (ulong k=2; k<=n_; ++k) pp_[k] = pp_[k-1] + (k-1); 
ns_ = new int[n_+1]; 

as_ = new int[n_ti]; 

d_ = new int[n_+1]; 

x_ = pp_[n_]; 


init(xdr, dr0); 


[--snip--] // destructor 
bool next() ‘{ return next_rec(n_); } 
const int* data() const { return x_; } 


ulong print() const 

// Print current set partition 

// Return number of chars printed 
{ return print_p(n_); } 


ulong print_p(ulong k) const; 
void print_internal() const; // print internal state 


protected: 
[--snip--] // internal methods 


2 


The actual work is done by the methods next_rec() and cp_append() [FXT: comb/setpartition.cc!: 


int 
set_partition::cp_append(const int *src, int *dst, ulong k, ulong a) 
// Copy partition in src[0,...,k-2] to dst[0,...,k-1] 


// append element k at subset a (a>=0) 
// Return number of sets in created partition. 


{ 
ulong ct = 0; 
for (ulong j=0; j<k-1; ++j) 
{ 
int e = src[jl; 
if (e>0O) dst[j] =e; 
else 
if ( a==ct ) { dst[j]=-e; ++tdst; dst[j]=-k; } 
else dst[j] =e; 
+t+ct; 
} 
} 
if ( a>=ct ) { dst[k-1] = -k; ++ct; } 
return ct; 
} 


[fxtbook draft of 2008-January-19] 


324 Chapter 15: Set partitions 


int 

set_partition: :next_rec(ulong k) 

// Update partition in level k from partition in level k-1 (k<=n) 
// Return number of sets in created partition 


{ 
if ( k<=1 ) return 0; // current is last 
int d = d_[kl; 
int as = as_[k] +d; 
bool ovq = ( (d>0) ? (as>ns_[k-1]) : (as<0) ); 
if ( ovq ) // have to recurse 
ulong nsi = next_rec(k-1); 
if ( O==nsi ) return 0; 
d = ( xdr_ ? -d:: dr0O_ ); 
d_[k] = d; 
as = ( (d>0) 7? 0: ns_[k-1] ); 
as_[k] = as; 
ulong ns = cp_append(pp_[k-1], pp_[k], k, as); 
ns_[k] = ns; 
return ns; 
} 
1: asl 0000 ] x[ +1 +2 +3 -4 J {1, 2, 3, 4} 
2: asLO0001] x[ +1 +2 -3 -4 ] {1, 2, 3}, {4} 
3: asf 0010] x[ +1 +2 -4 -3 ] {1, 2, 4}, {3} 
4: asf0011] x[ +1 -2 +3 -4 ] {1, 2}, {3, 4} 
5: asL0012] x[ +1 -2 -3 -4 ] {1, 2}, {3}, {4} 
6: asLO0100] x[ +1 +3 -4 -2 ] {1, 3, 4}, {2} 
7: aslLO101] x[ +1 -3 +2 -4 ] {1, 3}, {2, 4} 
8: asl 0102] x[ +1 -3 -2 -4 ] {1, 3}, {2}, {4} 
9: aslt0110] x[ +1 -4 +2 -3 ] {1, 4}, {2, 3} 
10: asf 0111] x[ -1 +2 +3 -4 ] {1}, {2, 3, 4} 
11: asf 0112] x[ -1 +2 -3 -4 ] {1}, {2, 3}, {4} 
12: asf 0120 ] x[ +1 -4 -2 -3 ] {1, 4}, {2}, {3} 
13: asf 0121] x[ -1 +2 -4 -3 ] {1}, {2, 4}, {3} 
14: asl 0122] x{ -1 -2 +3 -4 ] {1}, {2}, {3, 4} 
15: asl 0123] x[ -1 -2 -3 -4 ] {1}, {2}, {3}, {4} 


Figure 15.2-C: The partitions of the set S, = {1, 2, 3, 4} together with the internal representations: 
the ‘signed value’ array x[] and the ‘attachment’ array as[]. 


The partitions are stored as an array of signed integers that are greater than zero and smaller or equal 
to n. A negative value indicates that it is the last of the subset. For example, the set partitions of $4 
together with their ‘signed value’ representations are shown in figure The array as[] contains 
a restricted growth string (RGS) with the condition a; < 1+ max;<;(a;). A different sort of RGS is 


described in section on page 301] 


The copying is the performance bottleneck of the algorithm. Therefore ‘only’ about 11 million partitions 
are generated per second. An O(1) algorithm for the Gray code starting with all elements in one set is 


given in [148]. 

For some applications the restricted growth strings (RGS) may suffice. We give an implementation for 
their generation and algorithms to generate two classes of generalized RGS that contain the RGS for set 
partitions as a special case. 


15.2.1 RGS for set partitions in minimal-change order 


The C++ implementation [FXT: class set_partition_rgs in |comb/setpartition-rgs.h) generates the 


RGS for set partitions in lexicographic or minimal-change order. ‘The R are updated by the recursive 
routine [FXT: |comb/setpartition-rgs.cc): 


int 


[fxtbook draft of 2008-January-19] 


15.2: Generation in minimal-change order 325 


set_partition_rgs: :next_rec(ulong k) 


{ 
if ( k<=1 ) return 0; // current is last 
int d = d_[kl; 
int as = as_[k] + d; 
bool ovq = ( (d>0) ? (as>ns_[k-1]) : (as<0) ); 
if ( ovq ) // have to recurse 
{ 
if ( 0==next_rec(k-1) ) return 0; 
d = ( xdr_ ? -d:: dr0O_ ); 
d_[k] = d; 
as = ( (d>0) ? 0: ns_[k-1] ); 
as_[k] = as; 
ulong ns = ns_[k] = max2(ns_[k-1], as_[k]+1); 
return ns; 
} 


An iterative version of the update routine is 


bool next () 
{ 


ulong k = n_; 
while ( (ulong) (as_[k] + d_[k]) > (ulong)ns_[k-1] ) // <O or >max 
{ 


if ( --k <= 1) return 0; 
as_[k] += d_[k]; 
ns_[k] = max2(ns_[k-1], as_[k]+1); 
while ( ++k<=n_ ) 


ulong d = d_[k]; 
d = ( xdr_ ? -d : dr0_ ); 


d_[k] = d; 
ulong as = ( ((int)d>0) ?7 0: ns_[k-1] ); 
as_[k] = as; 
; ns_[k] = max2(ns_[k-1], as_[k]+1); 
return 1; 


} 
It is activated (by default) via the define 
#ifdef SETPART_RGS_ITERATIVE 


A program that shows the usage of the class is [FXT: |comb/setpartition-rgs-demo.cc. Note that while 


the RGS correspond to a Gray code for set partitions the RGS can change in more than one position, 
see the left column of figure}15.2-C| About 78 million RGS per second are generated with the recursive 
update routine, with the iterative update the rate is about 140 million per second. 


15.2.2 Max-increment RGS * 


The generation of RGSs s = [so, 51,..-, Sn—1] where s, < i+ max;<;,(s,;) is a generalization of the RGSs 
for set partitions (where i = 1). Figure |15.2-D}]show RGSs in lexicographic order for i = 2 (left) and 


i = 1 (right). The strings can be generated in lexicographic order using [FXT: class rgs_maxincr in 
comb/rgs-maxincr.h: 


class rgs_maxincr 


{ 
public: 
ulong *s_; // restricted growth string 
ulong *m_; // m_[k-1] == max possible value for s_[k] 
ulong n_; // Length of strings 
ulong i_; // s({k] <= max_{j<k}(s[j]+i) 
// i==1 ==> RGS for set partitions 
public: 


rgs_maxincr(ulong n, ulong i=1) 


[fxtbook draft of 2008-January-19] 


Chapter 15: Set partitions 


326 


max(5,1) 


RGS(5, 1) 


max (4,2) 


RGS (4, 2) 


Pa ee a ee ee es ee ee es OR 
AMMAN AANA ANNANNANNANMN AANA ANNANANN MAHAN AANNANNNANMINNANNMOMNNANNMONANN OOOO OO SH 
SMM AHHH ANNAN BA HHH ANANN NAAT HANNAN NANNANNANANNANN ANNAN NAO OOOO 
se eee ANNA HAHAHAHAHAHA HAHAHAHAHAHA HAHAHAHAHAHA HAHAHAHA NANANANNANNANANANAAA 
Bo ROE eR La Sh aa oe Sr ee oe ee ooo oe oe ee ee ee eee eee heehee ere 


WILL i LL PE LP PL EE LE LL LL LE PL LE PL PL LL LL LLL 


PATTIE AIA IAAP TAPIA AIPA AIPA APA AAPA AAP AP AP AP AP AP AP AP AP AP AP APA TAP AP TAP TAP AR Ae se see eae ae eae ee 
St PANN NN 8 PN NNN 8 PATNA NN 88 tPA HANNAN NNO MMM OY 
a WA tt tt HH HHH HHH NANNANNANNANNANNANANANNAN ANNAN A 
a Seana beeen babe ee bebe te beeen he eee eee 


CU CU UU UU UU CD CUD UU UD CUD UU UU UU UU 
PANT ANMNNANANNANYNPAANMTAANMNNANNNANMEMMMMPONANAMNIANNANMNAAAANMNIAIMOMNMNANTOASHHHAHWO Oo 
rr AAA AAA AAA AANA AANANANNANNANNANANAN ANNAN ANNAN ANNAN NNN NNN NN ON 


DY I I I a I I I ES a I WE a I 


Foes UU CD CU UU UU UD CU Ce UU CUD UU Dc UU UD Ue 
TAN PANY HANMOMSH PANY CANM CANO CANO HW CANO CANONS CANO CHAM CANO HLOO 
So PAIN NNN N 8 PRA NNNANN NM MMOO MOM © 8 eee AAATAANANANNANNANMOMNMNMNMNNSSGISSD 
a AAA ANA ANA AAA NAATAAANANANNANNANNNANANANN ANNAN NN ANN NN NN NNN NON ON 


Figure 15.2-D: Length-4 max-increment RGS with maximal increment 2 and the corresponding array 


of maxima (left), and length-5 RGSs with maximal increment 1 (right). Dots denote zeros. 


[fxtbook draft of 2008-January-19] 


15.2: Generation in minimal-change order 327 


n; 
new ulong[n_]; 
new ulong[n_]; 
i; 
irst(); 


n 
m 
s 
i 
f 
} 
~rgs_maxincr () 
delete [] m_; 
delete [] s_; 
= first() 
ulong n = n_; 


for (ulong k=0; k<n; ++k) s_[k] 
for (ulong k=0; k<n; ++k) m_[k] 


} 
{[--snip--] 
The computation if the successor returns the index of first (leftmost) changed element in the string. Zero 
is returned if the current string is the last: 


ulong next () 


if ( k==0 ) return 0; 


ulong sk = s_[k] + 1; 
ulong m1 = m_[k-1]; 
if ( sk > mit+ti_ ) // "carry" 


s_[k] = 0; 
goto start; 
} 
s_({k] = sk; 


if ( sk>mi ) mil = sk; 
for (ulong j=k; j<n_; ++j ) m_[j] = m1; 


return k; 


} 
[--snip--] 


About 115 million RGSs per second are generated with the routine. Figure |15.2-D] was created with 
the program [F XT: |comb/rgs-maxincr-demo.cc). The sequence of numbers of Max-increment RGSs with 
, and 4, start 


increment 7 =1, 2, 


n: O i 2 3 4 5 6 9 
i=l: 1 2 5 1 5 20 87 4140 21147 115975 
i=2: 1 3 12 59 339 2210 16033 127643 1103372 10269643 
i=3: 1 4 22 150 1200 10922 110844 1236326 14990380 195895202 
i=4: 1 5 35 305 3125 36479 475295 6811205 106170245 1784531879 


The sequence for i = 2 is entry A080337)of [214], it has the exponential generating function (EGF) 


= ise exp(2z) 3 
dX Bn2 mr oT «OxP (: + exp(ax) + ae ae (15.2-1) 
The sequence of numbers of increment-3 RGSs has the EGF 
— ‘ exp(2 11 
s Bn 3 — = exp (« + exp(x) 4 set CE efUELy ) (15.2-2) 
n=0 a 2 3 6 


Omitting the empty string, we restate the EGF for the Bell numbers as 


5 
a” 7B” "a 


= m ae 
D> Baa = exp(a+exp(z)-1) = —+oat 
= n! QO! ol! 


[fxtbook draft of 2008-January-19] 


Chapter 15: Set partitions 


328 


The EGF for the increment-7 RGS is 


(15.2-4) 


15.2.3. F-increment RGS * 


Sa RS, aa A DA aA a 
ae Ze? “es el LO . . . . “WoO . . . . “WoO . . . . “LO . . . . “MOMOMOMONOMOMNOUMUWWMWW~ 
oc N 
LD sek RY Se we eee Gar ee ey te a ee eh aS ae a ee eS Se a A LOLOLOLO LN LN LN LNLN LN LN 
WY 
a ge aR RM TO Oe a 


De I a PP 


—_ 
Am MMMM mame om oom oo ooo eo momo oom mor ror 


™ fo) 


(9.0 ae et en AAA AANANANANANAN MMMM OD HS St TH LO LO LO LO LL LO) LO) LOD). LED). LED). 


pe St 
ANMNYTOORODHDOANMNHMOOK ODO 
Mn ANANTH HTH HANN 


a So SR ee a a ers NANNN © 6 8 tee NANNNANNNANANNNANNNANNNNANANNNANNNANNANANAN SD SSS ttt 
Te er Beg ee ter Naey pe tee wer ess en ats Get Pie «seh Ria) we ges vas ee een ten NANNANNANNNANNANNANNANANN ANNAN ANNAN NAN ANNAN NNN ANON 


DY I I a I I PE a PS I I PS I 


moo Oh oh Io eo eto oo ee eo eee eo oo eto oer 


= 
N AN AN -ANMYMNSH HAN CAN CANMS CANONS CANONS CANO CANO CANMSHLOO 
wy Soe PAIN NNN N 8 PSNNNNN ee AAAAANNAANMNMNMONMNNSIISSHIHSDH 
ie 8 FS ae Nya Wiens, 36h. GBP sat Pe: 58 ANAT HAAAANANANNANNNANNANNNANN ANNAN NNN ANNAN NANOS 
a i i 


Figure 15.2-E: Length-4 F-increment restricted growth strings with maximal increment 2 and the 
corresponding array of values of F’ (left), and length-3 RGSs with maximal increment 5 (right). 


denote zeros. 


Dots 


To obtain a different generalization of the RGS for set partitions we rewrite the condition s, < i+ 


[fxtbook draft of 2008-January-19] 


15.2: Generation in minimal-change order 329 


max;<z(s;) for the RGS considered in the previous section: 


Sk < M(k)+i where M(0) = 0 and (15.2-5a) 
M(k+1) = en ms ae ee 0 (15.2-5b) 


The function M(k) is max;<,(s;) in notational disguise. We define F-increment RGSs with respect to a 
function F as follows: 


Se < F(k)+i where F(0) = 0 and (15.2-6a) 
F(k+1) = { Fk) a ete (15.2-6b) 


For 7 = 1 we obtain the RGSs for set partitions. Figure|15.2-E} shows all length-4 F-increment RGSs for 
i = 2 (left), and all length-3 RGSs for 7 = 5 (right), together with the arrays of F-values. The listings 


were created with the program [F XT: \comb/rgs- fincr-demo.cc). It uses the implementation [FXT: class 
comb /rgs-fincr.h : 


rgs_fincr in 


The function F(k) is a ‘maximum’ that is increased only if the last increase (s% — 5,1) was maximal. 
5.28 


class rgs_fincr 


{ 
public: 
ulong *s_; // restricted growth string 
ulong *f_; // values F(k) 
ulong n_; // Length of strings 
ulong i_; // s[k] <= f[k]ti 
[--snip--] 


ulong next () 
// Return index of first changed element in s[], 
// Return zero if current string is the last 


£ 
ulong k = n_; 
start: 
--k; 
if ( k==0 ) return 0; 
ulong sk = s_[k] + 1; 
ulong m1 = f_[k-1]; 
ulong mp = mi + i_; 
if ( sk > mp) // "carry" 
s_[k] = 0; 
goto start; 
} 
s_[k] = sk; 
if ( sk==mp ) mi += i_; 
for (ulong j=k; j<n_; ++j ) f_[j] = m1; 
return k; 
} 
[--snip--] 


The sequences of numbers of F-increment RGSs with increments i =1, 2, 3, and 4, start 


n: O i 2 3 4 5 6 7 8 9 
i=1: 2 5 15 52 203 877 4140 21147 115975 
i=2: 1 3 11 49 257 1539 10299 foo 609441 5284451 
i=3: 1 4 19 109 742 5815 51193 (498118 5296321 60987817 
i=4: 1 5 29 201 1657 15821 170389 2032785 26546673 376085653 


These are respectively entries A000110) (Bell numbers), |A004211 aan and |A004213) of 214]. In 


general, the number F,,; of F-increment RGSs (length n, ae a Ae i) is 
Pg = Sor Sah) (15.2-7) 


[fxtbook draft of 2008-January-19] 


330 Chapter 15: Set partitions 


where S(n,) are the Stirling numbers of the second kind. The exponential generating functions are 


CO n . = 1 

So Fae—y = OP (2 z) ) (15.2-8) 
AS 

n=0 


I 


t 


The ordinary generating functions are 


oo 
5 Fri yn 
n=0 


(15.2-9) 


I 

3 
iM 
x3 
IL 

els 

| 

>. 

> 

8 


[fxtbook draft of 2008-January-19] 


331 


Chapter 16 


A string substitution engine 


Number of symbols = 3 
Start: x 


BxABxBxABxABx 

‘ BABB AGxABxBxABxBxA 
‘BrcAlbeBixAbxABxBxABxBxABxABxBxABxAB 

* Bx ABEBSA Bx ABuBxABXBx ABXABXBxABXABXBxABXBXABXABXBXABABXA 


Oo ON DOF WN FP OO 
Boo 
tl 
(oe) 


Figure 16.0-A: Rules, axiom, and first steps of the evolution for a specific substitution engine. 


String substitution: A finite set of symbols (‘alphabet’), a set of substitution rules that map symbols 
to words (strings of symbols) and a start value (‘axiom’). The rules have to be applied in parallel. An 
example, let {a, A, B} be the symbols and {a +> A, At Ba, B +> Bz} the substitution rules. Start 
with a single x. The observed evolution is shown in figure[16.0-A] It is trivial to implement such a specific 
system, for the above: 


void fx(ulong n); 
void fA(ulong n); 
void fB(ulong n); 


void fx(ulong n) 


{ 
if ( O==n ) { cout << "x"; return; } 
fA(n-1); 


void fA(ulong n) 
£ 


if ( O==n ) { cout << "A"; return; } 
£B(n-1); fx(n-1); 


void fB(ulong n) 
{ 


[fxtbook draft of 2008-January-19] 


332 Chapter 16: A string substitution engine 


if ( 0==n ) { cout << "B"; return; } 
£B(n-1); fx(n-1); 


int main() 


ulong n = 10; // max depth 
for (ulong k=0; k<=n; ++k) 
{ 


fx(k); 
cout << endl; 


return 0; 


A utility class to create string substitution engines at run time is given in [FXT: class string_subst 
in comb/stringsubst.h|: 


class string_subst 


public: 
// example values generate rabbit sequence: 
ulong nsym_; // # of symbols 
// == 
char *symbol_; // alphabet 
[fat 20%, Le 
char **symrule_; // symrule_[i] string to replace i-th symbol with 
// == { NON, Wa. ss "40" }; for 0 |-> 1, 1 |-> 10 


ulong xlate_[256]; // translate char --> rule 
// ?a? --> symrule[xlate_[’a’]] 


ulong cmax_; // max string length 
char ¥*cc_; // string to hold result 
ulong ctc_; // count chars of result actually produced 


public: 
string_subst(int cmax, int nsym, char*const* symrule) ; 


Rules and symbols have to be supplied on construction. The member function subst takes an axiom and 
the number of generations as arguments and returns the numbers of produced characters. It calls the 
recursive function do_subst: 


void do_subst(ulong n, const char *rule) 
if ( O==n ) // add symbols to string: 
for (ulong i=0; ctc_<cmax_; ++i) 


char c = rule[il]; 
if ( 0==c ) break; 
cc_[ctc_] = c; 
++ctc_; 


} 
else // recurse: 
for (ulong i=0; O!=rule[i]; ++i) 


ulong r = (ulong)rule[il]; 
ulong x = xlate_[r]; 
do_subst(n-1, symrule_[x]); // recursion 


} 
} 


ulong subst(ulong maxn, const char *start) 
// maxn:=number of generations, start:=axiom 


{ 
ctc_ = 0; 
do_subst(maxn, start); 
cc_[ctc_] = 0; // terminate string 
return ctc_; 
} 


The resulting string is stored in an array of characters that can be accessed via the member function 


[fxtbook draft of 2008-January-19] 


333 


string(). The characters that do not fit into the array are silently discarded. Using an array of 
one million characters, the rules and axiom as follows 


Number of symbols = 5 
Start: a 
a --> -bF+aFa+Fb- 
b --> +aF-bFb-Fat+ 
> + 
a --> —. 
F --> F 


Then one obtains (displaying only the string lengths from the fourth generation on): 
0: (#=1) 
a 


1s (#=11) 
-bFt+aFat+Fb- 

2: (#=51) 
-+aF-bFb-Fat+F+-bF+aFat+Fb-F-bF+aFa+Fb-+F+aF-bFb-Fat+— 

3: (#=211) 


-+-bF+aFa+Fb-F-+aF-bFb-Fat+F+aF-bFb-Fat+-F-bF+aFa+Fb-+F+-t+aF-bFb- \ 
FatF+-bF+aFa+Fb-F-bF+aFa+Fb-+F+aF-bFb-Fat+-F-+aF-bFb-FatF+-bF+a \ 
Fa+Fb-F-bF+aFa+Fb-+F+aF-bFb-Fat+-+F+-bF+aFa+Fb-F-+aF-bFb-FatF+a \ 
F-bFb-Fa+—-F-bF+aFat+Fb-+- 

4: (#=851) 
5 (#=3411) 
6 (#=13651) 
T? (#=54611) 
8: (#=218451) 
9: (#=873811) 

10 (#=1000000) // <-- truncation 

it (#=1000000) 


The computation takes a split second only. The strings generated by the shown rule correspond to the 
Hilbert curves in successively finer resolutions if one initializes 


position: (x, y) = := (0,0) 
direction: (dx, dy) := (1,0) 
and identifies: 
?-) == "turn left": { t= dx; dx=-dy; dy=t; } 
24+? == "turn right": { t=-dx; dx= dy; dy=t; } 
7F? == "advance": { line(x, y, x+dx, ytdy); xt=dx; yt=dy; } 
either ’a’ or ’b’ == (ignore) 


The program [FXT: ds/stringsubst-demo.cc, prints evolutions for several rules. A 3-dimensional Hilbert 


(space-filling) curve is generated by the rule a+ *<aF*<aFa-F*>>aFavF+>>aFa-F>a->, all other symbols 
are mapped to themselves. The curve is obtained by interpreting the symbols (unequal to F) of the string 


as rotations [FXT: |\ds/stringsubst-hilbert3d-demo.cc. 


The number of symbols that occur in each generation can be computed by a simple matrix power. With i 
different symbols let n;(k) be the number of occurrences of the j-th symbol at generation k. Then n,(0) 
is determined by the axiom and 


N(k) := [ni(k),no(k),...,ni(k)|” (16.0-1) 
can be computed as 
N(k) = M* N(0) (16.0-2) 


where M is a matrix with columns according to the occurrences of the symbols in the transfer rules. For 
example, with the rules and axiom 


Number of symbols = 3 


Start: x 
Rules: x A B 
x -—o A 1 --> [0, 1, 0] 
A --> Bx 2 --> [1, 0, 1] =: transpose(M) 
B --> Bx 3 --> [1, 0, 1] 
we obtain 
011 Fri Fy Fy 
M= 1 0 0 MF = Frog Frey Fri k>2 (16.0-3) 
011 Fri Fy Fy 


[fxtbook draft of 2008-January-19] 


334 Chapter 16: A string substitution engine 


where Fy, is the k-th Fibonacci number. For the tenth generation, k = 10: 


34 55 55 
M?°/1,0,0)) = {21 34 34] [1,0,1]7 = (34,21, 34]7 (16.0-4) 
34 55 55 
So we have 34 ‘x’, 21 ‘A’ and 34 ‘B’ or a total of 89 symbols. 
For the engine corresponding to a 3D Hilbert curve 


Number of symbols = 5 


Start: a 
Rules: 
a --> -bFt+aFat+Fb- 1 --> [2, 2, 2, 2, 3] 
b --> +aF-bFb-Fat+ 2 --> [2, 2, 2, 2, 3] 
+ --> + 3 --> [0, 0, 1, 0, 0] =: transpose(m) 
---> - 4 --> [0, 0, 0, 1, 0] 
F --> F 5 --> [0, 0, 0, 0, 1] 
we find 
k total [  n(a), n(b), n(+), n(-), n(F) ] 
0 i [ i, 0, 0, 0, 0] 
1 11 [ 2s 2s 25 25 3 ] 
2 51 [ 8, 8, 10, 10, 15 J] 
3 211 [ 32, 32, 42, 42, 63 ] 
4 851 [ 128, 128, 170, 170, 255 J 
5 3411 [ 512, 512, 682, 682, 1023 J 
6 13651 [ 2048, 2048, 2730, 2730, 4095 ] 
va 54611 [ 8192, 8192, 10922, 10922, 16383 ] 
8 218451 [ 32768, 32768, 43690, 43690, 65535 J] 
9 873811 [ 131072, 131072, 174762, 174762, 262143 ] 
10 3495251 [ 524288, 524288, 699050, 699050, 1048575 ] 


In chapter [36] on page the string substitution idea is used to construct fast iterations for various 
functions whose power series are determined by the limiting string. 


An efficient algorithm for finding the n-th letter of the string produced by k iterations of a substitution 
rule is described in [213]. The problem of the identification of a finite automaton (substitution engine) 
that generates a given infinite string is discussed in [164]. The mathematical properties of sequences 
generated by finite automata are studied in [10}. 


[fxtbook draft of 2008-January-19] 


335 


Chapter 17 


Necklaces and Lyndon words 


A sequence that is minimal among all its cyclic rotations is called a necklace (see section[3.8.1}on page[128} 
for the definition in terms of equivalence classes). When there are k possible values for each element one 
talks about an n-bead, k-color (or k-ary length-n) necklaces. We restrict our attention to the case were 
only two sorts of beads are allowed and represent them by 0 and 1. 


O 1 Oe? - Saneuts 1 Oe a adeorens 1 
1 Mee a ectnece 1 6 Media te.acaus 1 8 
n=1: #=2 Qe eee 6 PT eee 11 8 
3: seeded 6 Be. ikea 14. 8 
O: nt 1 4: ...111 6 Be ees 111 8 
4: 1 2 Be deel 3 5: weeded 8 
2: i1 1 6: .«.t.21 6 6: iaece dD 8 
n=2: #=3 7: ..41.1 6 7: secon Vig dl 8 
8: ..1111 6 8: waa hl 1d 8 
Of dae 1 9: .1.4.1 2 9: re are | 4 
1: ai 3 10: .1.111 6 10: etree oth. 1 8 
2° 11 3 di: 211.121 3 Li seve A. 0 8 
3: 111 1 12: .11411 6 12: pierede i 14 8 
n=3: #=4 13: 1411111 1 13: wee dd. 8 
n=6: #=14 14: edd td 8 
Oe seats 1 15: Popo es Bea 8 
4s aed 4 OF eiesdas 1 16: eeced F124 8 
22 «14 4 : ore 1 7 17: edge dnd 8 
3: .1.1 2 25. sees i1 7 18: pom (ars Ba fe 8 
4: .111 4 Se seceded! 7 19: wedied 11 8 
Bs Att. 1 A: vee dD 7 20: wed 11.7 8 
n=4: #=6 6: es edd 7 21% ..1.1111 8 
6: ...1.11 7 22: edhe 1d 4 
C2, cewpgddel 7 23: wad 1.0 8 
Oi acboa sth 1 8: ...14111 7 24: ..11.111 8 
esl 5 9: wohec dt 7 25: 2.111212 8 
26 aceded 5 10: ..1.1.1 7 26: Pee i | 8 
S32 oped ot 5 41:  ..41.1411 7 27: ..111111 8 
4: ..111 5 12: ..11.11 7 28: re re oes a | 2 
62 ade 5 13: ..4114.1 7 29: .1.14.111 8 
6: .1411 5 14: ..11111 7 30: 1.11.11 8 
7: 111411 1 45: 22.1.0 7 31: .1.11111 8 
n=5: #=8 16: .1.1111 7 32: .11.1111 8 
17: .11.111 7 33: 111.114 4 
18: .1411111 7 34: .1111111 8 
19: 1111111 1 35: 11111111 1 

n=7: #=20 n=8: #=36 


Figure 17.0-A: All binary necklaces of lengths up to 8 and their periods. Dots represent zeros. 


Scanning all binary words of length n as to whether they are necklaces can easily be achieved by testing 
whether the word x is equal to the return value of the function bit_cyclic_min(x,n) shown in sec- 
tion [1.12]on page [27] For n up to 8 one obtains the sequences of binary necklaces shown in figure [17.0-A] 
As 2” words have to be tested this approach gets ineffective for large n. Luckily there is both a much 
better algorithm for generating all necklaces and a formula for their number. 


Not all necklaces are created equal. Each necklace can be assigned a period that is a divisor of the length. 


[fxtbook draft of 2008-January-19] 


336 Chapter 17: Necklaces and Lyndon words 


That period is the smallest (nonzero) cyclic shift that transforms the word into itself. The periods are 
given directly right to each necklace in figure [17.0-A] For n prime the only periodic necklaces are those 
two that contain all ones or zeros. Aperiodic (or equivalently, period equals length) necklaces are called 
Lyndon words. 


For a length-n binary word x the function bit_cyclic_period(x,n) from section on page 27|returns 
the period of the word. 


17.1 Generating all necklaces 


We give several methods to generate all necklaces of a given size. An efficient algorithm for the generation 


of bracelets (see section |3.8.1.4/on page}129) is given in [207]. 


17.1.1 The FKM algorithm 


1: ee .] jet N 1: io .] jet N 

a: —. 1] j-4 NOL 2: [. .1]  je6 NOL 
3: [...2] je4 NL 3: [. 1.]  j=5 

4. [..4.]  js3 4: [....41] 56 NL 
5: [..114] jr4 N L Be [...1..]  jr4 

6: Ley De] j=4 N L 6: ie t. 1] j=6 N L 
7 C~..2.]  js3 7: [ . 11.] 5-5 

8: ees 21] j=4 N L 8: Les we Lad] j=6 N L 
9: Le eee j=4 N L 9: [ x. «7 ef j=3 N 
10: [ws 2 1] j=2 N 10: Lee el to J j=5 

14: [—.4.2] je4 NOL 11: [..4.41] je6 NL 
12; [—..11.]  j-3 12: [e's d@end, ge@ 

13; [.111] je4 wo 13: [..414.14] Jfe6 wou 
144. [—..112] joa NL 14: [..441.]  je5 

15: [—.12.]  j-3 15: [..44141] je6 NL 
16: [.121] j=4 N L 16: Ea dt ft J j=2 N 
17: [.122] j=4 N L 17: [.1 eee j=5 

18: [.2.2] j=2 N 18: Dats 2 aa] j=6 N L 
19: [aod 2. al j=3 19: Pe td ead] j=3 N 
20: [.211] j=4 N L 20: Pen tt. 2 J j=4 
21: [£.212] ja NL 21: [.1411.] jes 
22: D2 2s. J j=3 22: [.11111] j=6 N L 
23: [.221] j=4 N L 23: [iiiit11] j=i N 
24: [.222] j=4 N L 23 (6, 2) pre-necklaces. 
25: [1111] jel N 14 necklaces and 9 Lyndon words. 
26: [1112] j=4 N L 
27: [1121] j=3 
28: [ 2-f.222:] j=4 N L 
29: Ped, 2 te. j=2 N 
30: ee ie? | j=3 
31: [1222] j=4 N L 
32: [2222] j= nN 


32 (4, 3) pre-necklaces. 
24 necklaces and 18 Lyndon words. 


Figure 17.1-A: Ternary length-4 (left) and binary length-6 (right) pre-necklaces as generated by the 
FKM algorithm. Dots are used for zeros, necklaces are marked with ‘N’, Lyndon words with ‘L’. 


The following algorithm for generation of all necklaces actually produces pre-necklaces a subset of which 
are the necklaces. A pre-necklace is a string that is the prefix of some necklace. The FKM algorithm (for 


Fredericksen, Kessler, Maiorana) to generate all k-ary length-n pre-necklaces proceeds as follows: 


[fxtbook draft of 2008-January-19] 


17.1: Generating all necklaces 337 


1. Initialize the word F = [f1, fo, ..., fn] to all zeros. Set j = 1. 
2. (Visit pre-necklace F’. If 7 divides n then F is a necklace. If 7 equals n then F’ is a Lyndon word.) 


3. Find the largest index j so that f; < k—1. If there is no such index (then F = [k—1, k—1, ..., k—-1], 
the last necklace), then terminate. 


4. Increment f;. Fill the suffix starting at fj;+1 with copies of [fi,..., fj]. Goto step 2. 


The crucial steps are [FXT: comb/necklace-fkm-demo.cc’: 


for (ulong i=1; i<=n; ++i) ffi] = 0; // Initialize to zero 


bool nq = 1; // whether pre-necklace is a necklace 
bool lq = 0; // whether pre-necklace is a Lyndon word 
ulong j = 1; 

while ( 1) 

{ 


// Print necklace: 

cout << setw(4) << pct << ":"; 
print_vec(" ", f+1, n, true); 
cout << " j=" << j3 

if (ng) cout <<" N"; 

if (lq) cout <<" L"; 

cout << endl; 


// Find largest index where we can increment: 

j= 33 

while ( f[j]==k-1 ) ‘{ --j; }; 

if ( j==0 ) break; 

++f£[j]; 

// Copy periodically: 

for (ulong i=1,t=j+1; t<=n; ++i,++t) f[t] = f[i]; 
nq = ( (n4j)==0 ); // necklace if j divides n 

lq = ( j==n ); // Lyndon word if j equals n 


} 


Two example runs are shown in figure }17.1-A} An efficient implementation of the algorithm is [FXT: 
class necklace in |comb/necklace.h): 


class necklace 


public: 
ulong *a_; // the string 
ulong *dv_; // delta sequence of divisors of n 


ulong n_; // length of strings 
ulong mi_; // m-ary strings, mi=m-1 
ulong j_; // period of the word (if necklaces) 
public: 
necklace(ulong m, ulong n) 
n_=(n?n: 1); // at least one 
mi_ = ( mi ? m-1: 1); // at least two 
a_ = new ulong[n_+1]; 
dv_ = new ulong[n_+1]; 
for (ulong j=1; j<=n; ++j) dv_[j] = ( 0==(n_4j ) ); // divisors 
first(); 
} 
[--snip--] 
void first () 
for (ulong j=0; j<=n_; ++j) a_[j] = 0; 
j- = 45 
[--snip--] 


The method to compute the next pre-necklace is 


ulong next_pre() // next pre-necklace 
// return j (zero when finished) 


// Find rightmost digit that can be incremented: 


[fxtbook draft of 2008-January-19] 


338 Chapter 17: Necklaces and Lyndon words 


ulong j = n_; 
while ( a_[j] == mt_) f --j; } 


// Increment: 
// if ( O==j_ ) return 0; // last 
+t+a_[j]; 


// Copy periodically: 
for (ulong k=j+1; k<=n_; ++k) a_[k] = a_[k-j]; 


J. = 35. 
return j; 


Note the commented out return with the last word, this gives a speedup (and no harm is done with the 
following copying). The array dv allows determination whether the current pre-necklace is also a necklace 
(or Lyndon word) via simple lookups: 


bool is_necklace() const 


return ( 0!=dv_[j_] ); // whether j divides n 
} 


bool is_lyn() const 


return ( j_==n_ ); // whether j equals n 


} 
ulong next() // next necklace 
do 
{ 
next_pre(); 


if ( 0==j_ ) return 0; 


} 
while ( 0==dv_[j_] ); // until j divides n 


return j_; 
} 
ulong next_lyn() // next Lyndon word 
{ 
do 
{ 
next_pre(); 
if ( 0==j_ ) return 0; 
} 
while ( j_==n_ ); // until j equals n 
return j_; // ==n 
} 


The rate of generation for pre-necklaces is about 98 M/s for base 2, 140 M/s for base 3, and 180 M/s for 
base 4 [FXT: comb/necklace-demo.cc}. An specialization of the algorithm for binary necklaces is [FXT: 
class binary_necklace in comb/binary-necklace.h). It can generate pre-necklaces at about 124 M/s 


(when arrays are used instead of pointers), see [FXT: comb/binary-necklace-demo.cc]. 


The binary necklaces that fit into a machine word can be generated via [FXT: class bit_necklace in 


bits /bit-necklace.h) which produces about 32 million necklaces per second. The program [FXT: bits/bit- 


ecklace-demo.cc) shows the usage of the class. 


The binary necklaces of length n can be used as cycle leaders in the length-2” zip permutation (and its 
inverse) that is discussed in section [2.5] on page An algorithm for the generation of all irreducible 
binary polynomials via Lyndon words is described in section on page 


[fxtbook draft of 2008-January-19] 


17.1: Generating all necklaces 339 


0: OS ee ais T= 1 oT 1 
1: a= ..... 11 = 3 == we, 11 
2-3 a= ...1..1 = 9 == ee eee 
3: a= ..11.11 = 27 == ae ee eee 
4: a= 1.1...1 = 81 == weed had 
5: a= 111.1.. = 116 == wed dd od 
6: a= 1.1111. = 94 == -1.1111 
7: a= ..111.. = 28 == excel 
8: a= 1.1.1.. = 84 == ras loa 
9: a= 11111.1 = 125 == -1411111 
10: a= 1111..1 = 121 == Ae 
11: a= 11.11.1 = 109 == 11.4111 
12: =1..1..1 = 73 pas ere Es | 
13: =1.111.. = 92 .-1.111 
14: =..1.11. = 22 == ene Deseded. 
15: =1....1. = 66 == ee ea 
16 : a= 1...f11 = 71 == ee See 
17: a= 1.1.11. = 86 == 1.4.11 
18 : a= cocidan = 4 CT ee 1 <--= sequence restarts 
19 : =...11.. = 12 == wee. 11 
20 : a= .1..1.. = 36 == ives Dead 
21 : a= 11.11.. = 108 == pare es Rege Ee 
22 : a= 1...11. = 70 == weed ded 
23 : a= 1.1..11 = 83 == ted 
24 : a= 1111.1. = 122 == -1.1111 
25 : a=_111.... = 112 == Deen ddd 
[--snip--] 


Figure 17.1-B: Generation of all (18) 7-bit Lyndon words as binary representations of the powers 
modulo 127 of the primitive root 3. The right column gives the cyclic minima. Dots are used for zeros. 


17.1.2 Binary Lyndon words with length a Mersenne exponent 


The length-n binary Lyndon words for n an exponent of a Mersenne prime M,, = 2” —1 can be generated 
efficiently as binary expansions of the powers of a primitive root r of m until the second word with just 
one bit is reached. With n = 7, m = 127 and the primitive root r = 3 we get the sequence shown in 
figure The sequence of minimal primitive roots r, of the first Mersenne primes M,, = 2” — 1 is 
entry of [214]: 


22-2 17: 3 107: 3 

3: 3 19: 3 127: 43 

5: 3 31: 7 521: 

7: 3 61: 37 607: 5 <--= 5 is a primitive root of 2**607-1 
13: 17 89: 3 1279: 5 


17.1.3 A constant amortized time (CAT) algorithm 


A constant amortized time (CAT) algorithm to generate all k-ary length-n (pre-)necklaces is given in [73]. 
The crucial part of a recursive algorithm [FXT: |comb/necklace-cat-demo.cc, is the function 


ulong K, N; // K-ary pre-necklaces of length N 


ulong f[N]; 
void crsms_gen(ulong n, ulong j) 
{ 
if (n>N) visit(j); // pre-necklace in f[1,...,N] 
else 
f(n] = f[n-j]; 


crsms_gen(n+1, j); 


for (ulong i=f[n-j]+1; i<K; ++i) 
f[n] = i; 
crsms_gen(nt1, n); 
} 


After initializing the array with zeros the function must be called with both arguments equal to one. The 
routine generates about 71 million binary pre-necklaces per second. Ternary and 5-ary pre-necklaces are 
generated at a rate of about 100 and 113 million per second, respectively. 


[fxtbook draft of 2008-January-19] 


340 Chapter 17: Necklaces and Lyndon words 
17.1.4 An order with fewer transitions 
MS adie ace 1 11: ..141111 21: woletc tt 
De) gb aad 11 12: . 111.1 22: net dee ATL 
De. daueecs 111 13: wad ted 23: ..1.11.1 
Bee fa wands 1.1! 14: ..1.111 24: ..1..111 <<4+1 
5: ..11.1 We: beads dl 25: Pada edie 
6: ..1111 16: ..11.111 <<4+1 26: .11.1111 <<+2 
7: ..1.11 17: ..11.1.1 27: .1111111 
8: Ga tececle aes lt 18: ..1111.1 28: 21.11.11 <<4+1 
9: Pear ei bee | 19: ..111111 29: Pt Ue Fes 
10: rears: Fei es Bal 20° 2.201. 30: PW te 


Figure 17.1-C: The 30 binary 8-bit Lyndon words in an order with few changes between successive 


words. Transitions where more than one bit changes are marked with a ‘<<’. 


n: Xn n: Xn n Xn n: Mn n: Xn 
1: 0 ve 2 13: 95 19: 2598 25: 85449 
2: 0 8 5 14: 163 20: 4546 26: 155431 
3: 0 9 11 15: 290 21: 8135 27: 284886 
4: 0 10 15 16: 479 22: 14427 28: 522292 
5: 1 11: 34 17: 859 23: 26122 29: 963237 
6: 1 12: 54 18: 1450 24: 46957 30: 1778145 


Figure 17.1-D: Excess (with respect to Gray code) of the number of bits changed. 


The following routine generates the binary pre-necklaces words in the order that would be obtained by 
selecting valid words from the binary Gray code: 


void xgen(ulong n, ulong j, int x=+1) 


if (n>N) visit(j); 
else 
if ( -1==x ) 
if ( 0==f[n-j] ) { f[n] = 1; xgen(mti, n, -x); } 
f[n] = f[n-j]; xgen(mt1, j, +x); 
else 
f[n] = f[n-j]; xgen(n+1, j, +x); 


if ( 0==f[n-j] ) { f[n] = 1; xgen(mti, n, -x); } 


} 
} 
} 


The program [FXT: \comb/necklace-gray-demo.cc) computes the binary Lyndon words with the given 


routine. The ordering obtained has fewer transitions between successive elements but is in general not a 
Gray code (for up to 6-bit words a Gray code is generated). Figure [17.1-C] shows the output with 8-bit 
Lyndon words. The first 2!”/2J — 1 Lyndon words of length n are in Gray code order. The number X,, 
of additional transitions of the length-n Lyndon words is, for n < 30, shown in figure 


17.1.5 An order with at most three changes per transition 


An algorithm to generate necklaces in an order such that at most 3 elements change with each update 
is given in [242]. The recursion can be given as (corrected and shortened) [FXT: comb/necklace-gray3- 
demo.ce): 


long +f; // data in f[1..m], 
long N; // word length 
int k; // k-ary necklaces, k==sigma in the paper 


f[0] = 0 
void gen3(int z, int t, int j) 
{ 


[fxtbook draft of 2008-January-19] 


17.1: Generating all necklaces 341 


<<+1 
<<+2 


<<+1 
<<+2 


<<+2 


<<t1 32: <<+1 


NNNNNBRBRBRBRHRHE 
BWNRFOWOONDOBW 
B 


<<+1 


NORPOWOONDUOPWNR 
PRRPRRRRRRE: BR 
PRR RRR RRR 

— 

Ww 

oO 
RPRERRRRRRRRE 
PRR RBRBRRR RRR 


BRE 
Ww 
[o>) 
RB 
Be 


<<+1 


Figure 17.1-E: The 30 binary 8-bit necklaces in an order with at most 3 changes per transition. Tran- 
sitions where more than one bit changes are marked with a ‘<<’. 


n: Xn n: Xn n: Xn n: Xn n: Xn 
1: 0 T 6 13: 200 19: 6462 25: 239008 
2: 1 8: 12 14: 360 20: 11722 26: 441370 
3: 2 9: 20 15: 628 21: 21234 27: 816604 
A: 2 10: 38 16: 1128 22: 38754 28: 1515716 
Ds 2 11: 64 17: 1998 23: 70770 29: 2818928 
6: 4 12: 116 18: 3606 24: 129970 30: 5256628 


Figure 17.1-F: Excess (with respect to Gray code) of number of bits changed. 


if (t >N) { visit(j); } 
else 


a ( (z&1)==0 ) // z (number of elements ==(k-1)) is even? 
for (int i=f[t-j]; i<=k-1; ++i) 
f[t] = i; 
gen3( z+(il=k-1), tt+1, (il=f[t-j]?t:j) ); 


or 
for (int i=k-1; i>=f[t-j]; --i) 
f(t] = i; 
gen3( z+(i!=k-1), tt1, (i!=f[t-j]?t:j) ); 
} 


The variable z counts the number of maximal elements. The output with length-8 binary necklaces is 
shown in figure}17.1-E}] Selecting the necklaces from the reversed list of complemented Gray codes of the 
n-bit binary words produces the same list. 


17.1.6 Binary necklaces of length 2” via Gray-cycle leaders * 


The algorithm for the generation of cycle leaders for the Gray code permutation given section on 


page [97] and relation |1.18-10c]on page written as 
S.Yae = Yoga (17.1-1) 


(Y is the yellow code, or bit-wise Reed-Muller transform) allow us to generate the necklaces of length 2”: 
The cyclic shifts of Y 2 are equal to Y g* x for k = 0,...,1 —1 where 1 is the cycle length. Figure|17.1-G 
shows the correspondence between cycles of the Gray code permutation and cyclic shifts, it was generated 


with the program [FXT: comb/necklaces-via-gray-leaders-demo.cc . 


[fxtbook draft of 2008-January-19] 


342 Chapter 17: Necklaces and Lyndon words 


k = 7: 16 cycles of length= 8 


Le Aes dl saoerane ae ] = 1..1.11 L 4tyhodds. J 
LS dies 1 [ .1111111 ] --> 11.111.1 [ ....1.11 ] 
Be ot scene celled... --> 1.11..11 [ 4....1.1 ] 
ES: De stewie 114 [ 11.1.1.1 ] --> 111.1.1 [ disscels J 
b= Aiseodee [Teddies J --> 1..11111 [ .11....1 ] 
b= doecel.d DT d.tt..11 J ==>) 11 des: Pavitt. cas J 
L= disecdd. DPditectt. J => Liddte.. DF .tdt... J 
L= 1....111 [ ...11..1 ] --> 111..1.. [ ..1.11.. ] 
b= do dee [dds ee J 
EL] 4..d..01 [ 2...4211 ] = 41..1.111 [ 111.1..1 ] 
L= 4... [ dedi.d. J --> 11.111. [ 1111.1... ] 
ES Aisdisdd. if wits J ==> 1.11.1 [ .1111.1. ] 
b= 12.112. [ 2.ttdt.. J --> 111.1.11 [ 1111.1 ] 
L= 1..1.1.1 [ .1....11 ] ==> 10111 [ t..1111. J] 
L= Agiedetia- ‘DL oiencdtthe J --> 11.1...1 [ .1..1111 ] 
L= 1..1:114 [ 211.1..1 ] =-> 1.111..2 [ 1.1..111 J 
--> 111..1.1 [ 11.1..11 ] 


Figure 17.1-G: Left: the cycle leaders (minima) L of the Gray code permutation where is highest bit has 
index 7 and their bit-wise Reed-Muller transforms Y(L). Right: the last two cycles and the transforms 
of their elements. 


If no better algorithm for the cyclic leaders of the Gray code permutation was known we could generate 
them as Y~'(N) = Y(N) where WN are the necklaces of length 2”. The same idea, and relation|1.18-11b 
on page [49] give the relation 


S,Bce = Be*a (171-2) 


where B is the blue code and e the reversed Gray code. 


17.1.7 Binary necklaces via cyclic shifts and complements * 


WN 
pow a 
Re 


Re RRRReR. - 
s RBRRBRRE 
RPRREBRBRE 


oRWNE 
he Be BRR RE 


PRRRBRBRBRERERREE 
ed 


WNRFOCOONDOPWNR 
a dd el 


ny 
sR RPRRR. 


/ eRe. 
er rd 


Re 


BRR 
he RRR BR BRR RRR 


Ree RRR RR 
ONMDOPWNFOWOONDOARWNE 
BRE BR BREE. 
Ree RR BR RRR 
h RRR BR BRR RRR 
hs RRR RR 
Ce dd ee oy 

Ww N 

Ww 00 

are 
Beary area 
+ 


RPRERBRBRRRRHR 


OODNDOPWNRFOWOONDOEWNFE 
os pee 
1 BRR: 


PREREBRERBREBRE RRB REBE 


NoOorPwnr 

ee eer 

BA. pape ee 

* RRR - 

Re RR. 
PRR RRE 
PRERPRBRBRRRRBE 


Figure 17.1-H: Nonzero binary necklaces of lengths n = 3,4,...,8 as generated by the shift and 
complement algorithm. 


A recursive algorithm to generate all nonzero binary necklaces via cyclic shifts and complements of the 
lowest bit is described in [201]. An implementation of the method is given in [FXT: comb/necklace- 
sigma-tau-demo.ce 


inline ulong sigma(ulong x) { return bit_rotate_left(x, 1, n); } 
inline ulong tau(ulong x) { return x ~*~ 1; } 


void search(ulong y) 


visit (y); 
ulong t = y; 


[fxtbook draft of 2008-January-19] 


17.2: The number of binary necklaces 343 


while ( 1 ) 
{ 


t = sigma(t); 
ulong x = tau(t); 
if ( (x&1) && (x == bit_cyclic_min(x, n)) ) search(x); 
else break; 
} 
} 


The initial call is search(1). The generated ordering for lengths n = 3,4,...,8 is shown in figure}17.1-H 


17.2 The number of binary necklaces 


n: Ny, n: Nn n: Nn n: Nn 
1: 2 11: 188 21: 99880 3l: 69273668 
2: 3 12: 352 22: 190746 32: 134219796 
3: 4 13: 632 23: 364724 33: 260301176 
A: 6 14: 1182 24: 699252 34: 505294128 
5: 8 15: 2192 25: 13842184 35: 981706832 
6: 14 16 4116 26: 2581428 36: 1908881900 
7: 20 17: 7712 27: 4971068 37: 3714566312 
8: 36 18: 14602 28: 9587580 38: 7233642930 
9: 60 19: 27596 29: 18512792 39: 14096303344 

10: 108 20: 52488 30: 35792568 40: 27487816992 


Figure 17.2-A: The number of binary necklaces for n < 40. 


n: Ln n: In n: In n: In 
1: 2 11: 186 21: 99858 31: 69273666 
2: 1 12: 335 22: 190557 32: 134215680 
3: 2 13: 630 23: 364722 33: 260300986 
4: 3 14: 1161 24: 698870 34: 505286415 
5: 6 15: 2182 25: 1342176 35: 981706806 
6: 9 16: 4080 26: 2580795 36: 1908866960 
7: 18 17: 7710 27: 4971008 37: 3714566310 
8: 30 18: 14532 28: 9586395 38: 7233615333 
9: 56 19: 27594 29: 18512790 39: 14096302710 

10: 99 20: 52377 30: 35790267 40: 27487764474 


Figure 17.2-B: The number of binary Lyndon words for n < 40. 


The number of binary necklaces of length n equals 


n 


1 1 ; 
Nn = — > edo? = — > assur) (17.2-1) 
nm n 
d\n j=1 


Replace 2 by & to get the number for & different sorts of beads (possible values at each digit). The values 
for n < 40 are shown in figure|17.2-A| The sequence is entry A000031) of [214]. 


The number of Lyndon words (aperiodic necklaces) equals 


1 1 
In = — > H(d)2"/4 = = S > M(n/d) 2" (17.2-2) 
nm nr 
d\n d\n 


[fxtbook draft of 2008-January-19] 


344 Chapter 17: Necklaces and Lyndon words 


The Mobius function - is defined in relation |35.1-6] on page [657] The values for n < 40 are given in 


figure }17.2-B} The sequence is entry |A001037 of [214]. For prime n = p we have L, = N, — 2 and 


a 
2 == (%) (17.2-3) 
Dp pak 


The latter form transpires that there are exactly (2) /p Lyndon words with k ones for 1 < k < p—1. 
The difference of two is due to the necklaces that consist of all zeros or ones. The number of irreducible 
binary polynomials (see section[38.5]on page|823) of degree n also equals L,,. For the equivalence between 
necklaces and irreducible polynomials see section [38.6] on page 


Let d be a divisor of n. There are 2” binary words of length n, each having some period d that divides 
n. There are d different shifts of the corresponding word, thereby 
= diy (17.2-4) 


d\n 


Mobius inversion gives relation |17.2-2| The necklaces of length n and period d are obtained by concate- 
nation of n/d Lyndon words of length d, so 


Nn = So La (17.2-5) 
d\n 
We note the relations (see section |35.1.4}on page |659) 
(l1-2y) = |[[@-y*)* (17.2-6a) 
k=1 
So Le ye = S- i log (1 — 2y*) (17.2-6b) 
k=1 k=1 
Defining 
no(x) = |] U-By*) (17.2-7a) 
k=1 
we have 
m(z) = |[@-y*y% (17.2-7b) 
k=1 
mo(z) = |] mys)" (17.2-7c) 
k=1 


17.3. The number of binary necklaces with fixed content 


Let N;»\ be the number of binary length-n necklaces with exactly no zeros (and ny; = n— no ones). We 


call these necklaces with fixed density. One has 
1  (m/5 
Non\y = = 17.3-1 
@) = 20 (7) (17.31) 


where g = gcd(n,no). One has the symmetry relation Ni ny = Ni n= Ni ny. A table of small values 


no n—ng ny 
is given in figure 


[fxtbook draft of 2008-January-19] 


17.3: The number of binary necklaces with fixed content 345 


ee OOP Oe Or Oe Oe ee Qe Ge Gung 
1: 2 1 1 

2: 3 1 1 1 

3: 4 1 1 1 1 

4: 6 1 1 2 1 1 

5: 8 1 1 2 2 1 1 

6: 14 1 1 3 4 3 1 1 

7: 20 1 1 3 5 5 3 1 1 

8: 36 1 1 4 7| 10 4 4 1 1 

9: 60 1 1 4| 10 14) 14} 10 4 1 1 

10: 108 1 1 5 12} 22) 26) 22 12 5 1 1 
11: 188 1 1 5 15} 30) 42) 42) 30] 15 5 1 
12: 352 1 1 6} 19} 43] 66} 80] 66] 438); 19 6 
13: 632 1 1 6} 22} 55) 99} 132} 132) 99| 55 22 
14: 1182 1 1 7| 26) 73) 1438} 217} 246) 217| 143 73 
15: 2192 1 1 7| 31 91) 201) 335} 429) 429) 335] 201 
16: 4116 1 1 8} 35] 116] 273) 504} 715] 810} 715} 504 
17: 7712 1 1 8} 40} 140] 364} 728/1144]1430| 14380} 1144 
18: | 14602 1 1 9} 46] 172) 476] 1038 | 1768 | 2438 | 2704 | 2438 
19: | 27596 1 1 9} 51} 204) 612) 1428 | 2652 | 3978 | 4862 | 4862 
20: | 52488 1 1} 10} 57] 245) 776)1944 |3876|6310| 8398 | 9252 


Figure 17.3-A: The number of binary necklaces with a prescribed number of ones. 


me F@E@L@F@ FO F@H@ 4a F@ a Aa) 

af 2 1 1 

2: 1 0 1 0 

3: 2 0 1 1 0 

4: 3 0 1 1 1 0 

5: 6 0 1 2 2 1 0 

6: 9 0 1 2 3 2 1 0 

7: 18 0 1 3 5 5 3 1 0 

8: 30 0 1 3 7 8 7 3 1 0 

9: 56 0 1 4 9| 14] 14 9 4 1 0 

10: 99 0 1 4) 12) 20) 25) 20; 12 4 1 0 

11: 186 0 1 5| 15} 30) 42) 42] 30) 15 5 1 

12: 335 0 1 5| 18] 40] 66] 75} 66) 40] 18 5 

13: 630 0 1 6} 22) 55] 99] 182] 132) 99] 55) 22 

14 1161 0 1 6; 26) 70} 143] 212} 245) 212] 143) 70 

15 2182 0 1 7} 30} 91] 200) 333} 429) 429] 333) 200 

16 4080 0 1 7| 35 | 112] 273] 497] 715) 800} 715| 497 

17 7710 0 1 8| 40| 140] 364] 728}1144 1430 }1430 | 1144 

18: | 14532 0 1 8| 45] 168] 476]1026 |1768 | 2424 }2700 | 2424 

19: | 27594 0 1 9} 51| 204] 6121428 |2652 |3978 |4862 | 4862 

20: | 52377 0 1 9| 57| 240] 775 |1932 |3876 |6288 |8398 | 9225 
Figure 17.3-B: The number of binary Lyndon words with a prescribed number of ones. 


[fxtbook draft of 2008-January-19] 


346 Chapter 17: Necklaces and Lyndon words 


Let Ly ny be the number of binary length-n Lyndon words with exactly no ones (Lyndon words with fixed 
no 
density), then 


Lin) = * Hs) a (17.3-2) 


where g = gcd(n,no). The symmetry relation is the same as for N, ("): A table of small values is given 
no 


in figure |17.3-B 


Let N(no,71,...,%~1) be the number of k-symbol length-n necklaces with n; occurrences of symbol j. 


For the number of such necklaces with fixed content we have (n = oer n,; and): 
(n/d)! 
N bee = — 17.3-3 
(no, M1, » UR 1) ee ) Tig a) -- (nm_1/d)! ( ) 
where g = gcd(no,1,---,-1). The equivalent formula for the Lyndon words with fixed content is 
(n/d)! 
L aoe = — 17.3-4 
(no, 1, » Vk 1) oe EOMENE -- (ng_1/d)! ( ) 


where g = gcd(no,m1,...,x—-1). The relations were taken from [202] and [208] which also give efficient 
algorithms for the generation of necklaces and Lyndon words with fixed density and content, respectively. 
The number of strings with fixed content is a multinomial coefficient, see relation |11.2-lajon page [276] 


[fxtbook draft of 2008-January-19] 


347 


Chapter 18 


Hadamard and conference matrices 


The 2” x 2*-matrices corresponding to the Walsh transforms (see chapter [22] on page 429) are special 
cases of so-called Hadamard matrices. Such matrices also exist for certain sizes n x n for n not a power 
of two. We give construction schemes for Hadamard matrices that come from the theory of finite fields. 


If we denote the transform matrix for an N-point Walsh transform by H, then 
HH”? = Nid (18.0-1) 
where id is the unit matrix. The matrix H is orthogonal (up to normalization) and its determinant equals 
det(H) = det (HH7)'? = NN? (18.0-2) 


Further, all entries are either +1 or —1. An orthogonal matrix with these properties is called a Hadamard 
matrix. We know that for N = 2” we always can find such a matrix. For N = 2 we have 


(18.0-3) 


and we can use the Kronecker product (see section on page [433) to construct Hoy from Hy via 


+H y/2 +Hy/2 | 
H, = = H.®H 18.0-4 
paw -Hy;2 pinnae ( ) 


The problem of determining Hadamard matrices (especially for N not a power of two) comes from 
combinatorics. Hadamard matrices of size N x N can only exist if N equals 1, 2, or 4k. 


18.1 Hadamard matrices via LFSR 


We start with a construction for certain Hadamard matrices for N a power of two that uses m-sequences 


that are created by shift registers (see section on page|833]and section on page|838). Figure 


[A]shows three Hadamard matrices that were constructed as follows: 
1. Choose N = 2” and create a maximum length binary shift register sequence S of length N — 1. 
2. Make S' signed, that is, replace all ones by —1 and all zeros by +1. 


3. The N x N matrix H is obtained by filling the first row and the first column with ones and filling 
the remaining entries with cyclical copies of s: for r=1,2,... N—1andc=1,2,...N—1 set 
H,.. = Soret mod N—1- 


[fxtbook draft of 2008-January-19] 


348 Chapter 18: Hadamard and conference matrices 


Signed SRS: Signed SRS: Signed SRS: 
-+t++—-4+ +--+ -4+--- -++-4+-- -+- 

Hadamard matrix H: Hadamard matrix H: Hadamard matrix H: 
++ eeeterterttteteeeeest t++tete e+e t+ +++ 
+--+ + 4+ -+ +--+ -4+--- +-++-4-- +-+- 
+--+ ++ -+4+--4+-4+-- +--++-4- +--+ 
t+--- +++ -+4+--4+-4- +---++- + ++ -- 
t+---- +++ -4+4+--4+- 4+ t++--- +4 - 

t++---- ttt -+4+--4- +-+---+ 4+ 

+-+---- +++ -4+ +--+ ++ -+--- + 

t++-4---- +++ -4+4+-- +++ -4+-- - 

+--+ -4+---- tte -¢ ¢- 

+--+ -4+---- t+ +e - + + 

t++--+¢+-4+---- t+ +e - + 

++ +--+ -+--- - t+ He - 

t+-+¢4+--4+-4+---- +t + + 

t++-+¢+ +--+ -4+---- + + 

++ +--+ +--+ -4+---- + 

+++ ¢-+ +--+ -4+---- 


Figure 18.1-A: Hadamard matrices created with binary shift register sequences (SRS) of maximum 
length. Only the sign of the entries is given, all entries are +1. 


For given n we can obtain as many different Hadamard matrices as there are m-sequences. 


The matrices in figure|18.1-A] where produced with the program [FXT: comb/hadamard-srs-demo.cc). 


#include "bpol/lfsr.h" // class lfsr 
#include "auxi/copy.h" // copy_cyclic() 


#include "matrix/matrix.h" // class matrix 
typedef matrix<int> Smat; // matrix with integer entries 


[--snip--] 
ulong n = 5; 
ulong N = 1UL << n; 
[--snip--] 
// --- create signed SRS: 
int vec[N-1]; 
lfsr S(n); 
for (ulong k=0; k<N-1; ++k) 
{ 


ulong x = 1UL & S.get_a(); 
vec[k] = (x? -1: +1); 


S.next(); 

} 

// --- create Hadamard matrix: 

Smat H(N,N); 

for (c=0; c<N; ++c) H.set(0, c, +1); // first row = [1,1,1,...,1] 

for (ulong r=1; r<N; ++r) 

{ 
H.set(r, 0, +1); // first column = [1,1,1,...,1]°T 
copy_cyclic(vec, H.rowp_[r]+1, N-1, N-r); 

[--snip--] 


The function copy_cyclic() is defined in [FXT: aux1/copy.h): 


template <typename Type> 

inline void copy_cyclic(const Type *src, Type *dst, ulong n, ulong s) 
// Copy array src[] to dst[] 

// starting from position s in src[] 

// wrap around end of src[] (src[n-1]) 


// src[] is assumed to be of length n 
// dst[] must be length n at least 


// 
// Equivalent to: { copy(src, dst, n); rotate_right(dst, n, s)} 
{ 
ulong k = 0; 
while ( s<n ) dst[kt++] = src[s++]; 
s = 0; 
while ( k<n ) dst[kt++] = src[s++]; 
} 


[fxtbook draft of 2008-January-19] 


18.2: Hadamard matrices via conference matrices 349 


If we define the matrix X to be the (N —1) x (N —1) block of H obtained by deleting the first row and 
column then 


Nt 1 1 a 
-1 N-1 -1 =a 

xx? = | 7) el Nel ee 1 (18.1-1) 
1 1 1 Nai 


Equivalently, for the (cyclic) auto correlation of S' (see section on page [839}: 


Ei 
+L if =0 

SY Sp SeemeaE = {7 ate 7 (18.1-2) 

k=0 


where L = N — 1 is the length of the sequence. 


A alternative way to obtain Hadamard matrices of dimension 2” is to use the signs in the multiplication 
table for hypercomplex numbers described in section |37.16]on page 


18.2 Hadamard matrices via conference matrices 


Quadratic characters modulo 13: Quadratic characters modulo 11: 
O+t-+t+----+4+-4+ O+r-+tt++—---4+- 
14x14 conference matrix C: 12x12 conference matrix C: 
Oo+t t++tetertetrteet O+tr+t+t+tt+¢+¢+ 4+ 4+ 4 
+O+-++----++-+4 -O+-+++---4- 
++0O0+-+4+----+t+4+- --O+-+++---+4 
+-+0+-++----+ +4 -+-O+-+4++4++4+--- 
t++—-+0+-++----+4+ --+-O+-+++4+-- 
t+t+-+0+-4+4+---- ---+-O+-+4++4+4+- 
t+-++-+0+-4++--- ----+-O0+-+++4 
t+--++4+-4+0+-4+4+-- -+---+-O+-44 
t+---++-+0+-4+4+- -++---+-0O0+-+4 
t----++-4+0+-4+ 4 -+++---+-0O0+- 
t++----++-+04+-+4 --+++---+-0H 
t+t—----+4+-+0+- -+-+++---+-0 
t+-++----++-4+ 04 
t+—-+4+----++-4+0 


Figure 18.2-A: Two Conference matrices, the entries not on the diagonal are +1 and only the sign is 
given. The left is a symmetric 14 x 14 matrix (13 = 1 mod 4), the right is a antisymmetric 12 x 12 matrix 
(11 = 3 mod 4). Replacing all diagonal elements of the right matrix with +1 gives a 12 x 12 Hadamard 
matrix. 


A conference matrit Cg is a Q x Q matrix with zero diagonal and all other entries +1 so that 
cc’ = (Q-i)id (18.2-1) 


An algorithm for the construction of C, for @ = q+ 1 where gq is an odd prime: 


1. Create a length-g array S with entries S;, € {—1, 0, +1} as follows: set So = 0 and, forl<k <q 
set S; = +1 if k is a square modulo q, S; = —1 else. 


2. Set y= 1 if g=1 mod 4, else y = —1 (then q = 3 mod 4). 


3. Create a Q x Q matrix C as follows: set Coo = 0 and Co, = +1 for 1 < k < Q (first row). Set 
Cio = y for 1 < k < Q (first column). Fill the remaining entries with cyclical copies of S: for 
l<r<qandl<c<qset Cre = Sce_r4i mod g: 


The quantity y tells us whether C is symmetric (y = +1) or antisymmetric (y = —1). 


[fxtbook draft of 2008-January-19] 


390 Chapter 18: Hadamard and conference matrices 


12x12 Hadamard matrix H: Quadratic characters modulo 5: 
t+etttte-+tteet +--+ 

tt toe bbe te + 6x6 conference matrix C: 
t+et++--++-4+-- O+t+t+++ 
t+-++4+-4+-4+ -4+- +O+--+ 
t+--+++4+--4+-+4 ++0+-- 

t+--+ +++ --4¢- +-+0++- 
-++++4++------ +--+0+ 
t+-+--+--- +4 - ++--+0 
t++-+------ + + 

t+-+-4+--+---+4 

t+--+-+-+4+--- 

t+--+--- ++ -- 


Figure 18.2-B: A 12 x 12 Hadamard matrix (left) created from the symmetric 6 x 6 conference matrix 
on the right. 


If Cg is antisymmetric then Hg = Cg + id is a Hadamard matrix. For example, replacing all zeros in 
the 12 x 12 matrix in figure by +1 gives a 12 x 12 Hadamard matrix.. 


If Cg is symmetric then a 2Q x 2@ Hadamard matrix is given by 


_ [+id+C -id+cC 
Hig f= Te ye (18.2-2) 


Figure |18.2-B}shows a 12 x 12 Hadamard matrix that was created using this formula. 
The program [FXT: comb/conference-quadres-demo.cc]| outputs for a given g the Q x Q conference matrix 


and the corresponding Hadamard matrix: 


#include "mod/numtheory.h" // kronecker() 


#include "matrix/matrix.h" // class matrix 
#include "auxi/copy.h" // copy_cyclic() 


[--snip--] 
int y = ( 1==q/4 7? +1: -1); 
ulong Q = qt1; 
[--snip--] 
// --- create table of quadratic characters modulo q: 
int vec[q]; fill<int>(vec, q, -1); vec[0] = 0; 
for (ulong k=1; k<(qt1)/2; ++k) vec[(k*k)%q] = +1; 


[--snip--] 
// --- create Q x Q conference matrix: 
Smat C(Q,Q); 
C.set(0,0, 0); 
for (ulong c=1; c<Q; ++c) C.set(O, c, +1); // first row = [1,1,1,...,1] 
for (ulong r=1; r<Q; ++r) 
C.set(r, 0, y); // first column = +-[1,1,1,...,1]°T 
copy_cyclic(vec, C.rowp_[r]+1, q, Q-r); 
[--snip--] 
// --- create a N x N Hadamard matrix: 
ulong N = ( y<O 7? Q: 2*Q ); 
Smat H(N,N); 
if ( N==Q ) 
copy(C, H); 
H.diag_add_val (1); 
} 
else 


Smat K2(2,2); K2.f£i111(+1); K2.set(1,1, -1); // K2 = [4+1,+1; +1,-1] 
H.kronecker(K2, C); // Kronecker product of matrices 
for (ulong k=0; k<Q; ++k) // adjust diagonal of submatrices 


ulong r, c; 

r=k; c=k; H.set(r,c, H.get(r,c)+1); 
r=k; c=k+Q; H.set(r,c, H.get(r,c)-1); 
r=k+Q; c=k; H.set(r,c, H.get(r,c)-1); 
r=k+Q; c=k+Q; H.set(r,c, H.get(r,c)-1); 


[fxtbook draft of 2008-January-19] 


18.3: Conference matrices via finite fields 351 


[--snip--] 


If both H, and Hy are Hadamard matrices (of dimensions a and b, respectively) then their Kronecker 
product H,, = H, ® Hy is again a Hadamard matrix: 


HwH?, = (H.a@H») (Ha®H»)’ =* (H.®Hs) (MH? @H7) = (18.2-3a) 
(the starred equality uses relation |22.3-1lajon page|434) 
= (H,H))®(H,@H;) = (aid) @(bid) = abid (18.2-3b) 


(the starred equality uses relation |22.3-10a}on page [434). 


18.3. Conference matrices via finite fields 


The algorithm for odd primes g can be modified to work also for powers of odd primes. Then one has to 
work with the finite fields GF(q”). The entries C,41,¢41 forr =0,1,...,q”-—landc=0,1,...,q"-1 
have to be the quadratic character of z, — z. where zo, 21, ..., Zgn—1 are the elements in GF(qg”) in some 
(fixed) order. 


We implement the algorithm in pari/gp. Firstly, we give two simple routines that map the elements 
z; € GF(q”) (represented as polynomials modulo gq) to the numbers 0, 1, ..., g’ — 1. The polynomial 
p(x) =cota xt... +en_12" | is mapped to N=cotciqt... +¢n_1q”!. 


pol2num(p,q)= 
\\ Return number for polynomial p. 
{ 

local(t, n); n=0; 

for (k=0, poldegree(p), 


t = polcoeff(p, k); 
t *= Mod(1,q); 

t = component(t, 2); 
t *= q°k; 

n += t; 


); 


return( n ); 


The inverse routine is 


num2pol(n,q)= 
\\ Return polynomial for number n. 


{ 
local(p, mq, k); 
p = Pol(0,’x); 


k = 0; 
while ( O!=n, 
mg =n % q; 
p += mg * (’x)*k; 
n -= mq; 
n \= q; 
k++; 
ye 


return ( Pp); 


} 


The quadratic character of an element z can be determined by computing z?"—))/? modulo the field 
polynomial. The result will be zero for z = 0, else +1. The following routine determines the character of 
the difference of two elements as required for the computation of conference matrices: 


getquadchar_n(nl, n2, q, fp, n)= 
\\ Return the quadratic character of (n2-n1) in GF(q*n) 
\\ Powering method 


local(p1, p2, d, nd, sc); 
if ( ni==n2, return(0) ); 


[fxtbook draft of 2008-January-19] 


352 Chapter 18: Hadamard and conference matrices 


pi = num2pol(n1, q); 

p2 = num2pol(n2, q); 

d = Mod(1,q)* (p2-p1); 

d = Mod(d,fp)*((q*n-1)/2) ; 
d = component(d, 2); 


if ( Mod(1,q)==d, sc=t1, sc=-1 ); 
return( sc ); 


} 


The input are two numbers that are mapped to the corresponding field elements. 
In order to reduce the computational work we create a table of the quadratic characters for later lookup: 


quadcharvec(fp, q)= 
\\ Return a table of quadratic characters in GF(q“n) 
\\ fp is the field polynomial. 
{ 
local(n, qn, sv, pl); 
n=poldegree (fp) ; 
qn=q"n-1; 
sv=vector(qnt1, j, -1); 
sv[1i] = 0; 
for (k=1, qn, 
num2pol(k,q) ; 
Mod(Mod(1,q)*pl, fp); 
pl * pl; 
component (sq, 2); 
i = pol2num( sq, q ); 
sv(iti] = +1; 


Roe} 
—_— 


nn 
rome] 


); 
return( sv ); 


} 


Using this table we can compute the quadratic characters of the difference of two elements in a more 
efficient manner: 


getquadchar_v(nl, n2, q, fp, sv)= 
\\ Return the quadratic character of (n2-n1) in GF(q*n) 
\\ Table lookup method 


{ 
local(p1, p2, d, nd, sc); 
if ( nl==n2, return(0) ); 
pi = num2pol(ni, q); 
p2 = num2pol(n2, q); 
d = (p2-p1) % fp; 
nd = pol2num(d, q); 
sc = sv[nd+1]; 
; return( sc ); 


Now we can compute conference matrices: 


matconference(q, fp, sv)= 

\\ Return a QxQ conference matrix. 

\\ q an odd prime. 

\\ fp an irreducible polynomial modulo q. 

\\ sv table of quadratic characters in GF(q*n) 
\\ where n is the degree of fp. 


{ 
local(y, Q, C, n); 
n = poldegree(fp) ; 
Q=q"n+1; 
C = matrix(Q,Q); 
for (k=2, Q, Cfli,k]=+1); \\ first row 
for (k=2, Q, C[k,1]=y); \\ first column 
for (r=2, Q, 
for (c=2, Q, 
sc = getquadchar_n(r-2, c-2, q, fp, n); 
\\ sc = getquadchar_v(r-2, c-2, q, fp, sv); \\ same result 
C[r,c] = sc; 
Oe 
; return( C ); 


[fxtbook draft of 2008-January-19] 


353 


GF (372) 


fp =x°2 +1 
Table of quadratic characters: 


3 
O+tr+t++t--+-- 
10x10 conference matrix C: 


Ot+t++tt+ttt+¢ 4+ 


18.3: Conference matrices via finite fields 
q 


= 

+ 

N 

8 

I| 

~ 

— 

e 

E 

° 

=| 

> 

= 

° 

es, 1 FPP iti ti treet eet i teeter rr r+o 

ro ee on] 

a 1 FPP PEPE i tite i teeter teetti bors 

o 

a ee or ce oes 

a + FFELP rete reer tr ttete rrr torts 

= 1 FLEE FPL Peete teeter titi br rorteet 

oO + FFP Ptr ree ter ti tei eer +oOttsqii is 

I| ee oe ire 

o Po FPF L PPE LEE PtP ttl FOr teeter 

w 

& bo oF tt P eet eet tee eb rtOortit1teit ti 

+ FFF Ltt ree ttt rr tortrrtiririrs 

s a I i age ee a 

fe Ros ae aS Ore eee Wael 

g ee aa Fete rtttt rrr rtortteer rr rststii 

& a Se ce i a oe go a eee 

B Peretti Hitt i +t 1 +O+tti cir errrti rt 

& o UD 

= AO) +Fittte i tei t+Ortete rir ittirtil 
Littl t+t++o 8 uo 

5 + Otdttti ti etl FOr etter tr rrtiritirs 
bth rtitot [oS aiou 

= HOFPEHEHE I LPP HtOrHt EP titi rite ir testis 
Frit 1ott wo 

x 1 OFBttet iP FOrtr rer rrr eee e eet tt 
PitttOrit i 

So MP tOHte+tI PIO rt i titi tr ttt testi 
1+1+O+F141 o « 8 O 

< MMi gti rr tOttti +r err rte reeer ei tt 
+1 10+44F11 3 Oo 

a Ol Gtr tr trt+Ort+eett Pitter ree i reeset 
+4O1l1+0104 < 3 oO 

, AMrHt + rOrttttt rer errr eer teeter tit 
FOF 1 +1141 4 4 q 

2 Hl OotltO+tti itr titi rei er titer tt 
Ott+et11tii ir) O20 

ot + FFO01Ftt1 bbe rtti reir rtttti +e 
prrrrrrrd mo © 

o PR SA i a a ae 

5 ®@ OOI1lLititittttrrrrtrtrrrrrrererrend 

o0 TH N 

om 

& 


A 28 x 28 conference matrix for qg = 3 and the field polynomial f = x3 — x +1. 
[fxtbook draft of 2008-January-19] 


Figure 18.3-B 


354 Chapter 18: Hadamard and conference matrices 


To compute a Q x Q conference matrix where Q = q” we need to find an polynomial of degree n that is 
irreducible modulo g. With q = 3 and the field polynomial f = x? + 1 we obtain the 10 x 10 conference 
matrix shown in figure[18.3-A] A conference matrix for g = 3 and f = 2? —a+1 is given in figure[18.3-B] 
Hadamard matrices can be created in the same manner as before, the symmetry criterion being whether 
q’ = +1 mod 4. 

The construction of Hadamard matrices via conference matrices is due to R. E. A. C. Paley. The 
conference matrices obtained are of size c= q"” +1 where q is an odd prime. The values c < 100 are: 


4, 6, 8, 10, 12, 14, 18, 20, 24, 26, 28, 30, 32, 38, 42, 44, 48, 
50, 54, 60, 62, 68, 72, 74, 80, 82, 84, 90, 98 


We do not obtain conference matrices for any odd c and these even values c < 100: 
2, 16, 22, 34, 36, 40, 46, 52, 56, 58, 64, 66, 70, 76, 78, 86, 88, 92, 94, 96, 100 


For example, c= 16=15+1=3-5+1 has not the required form. 


If a conference matrix of size c exists then we can create Hadamard matrices of sizes N = c whenever 
q”’ =3 mod 4, and N = 2c whenever g” = 1 mod 4. Further, if Hadamard matrices of sizes N and M 
exist then a (NM) x (NM) Hadamard matrix can be obtained via the Kronecker product. 


The values of N = 4k < 2000 such that this construction does not give a N x N Hadamard matrix are: 


92, 116, 156, 172, 184, 188, 232, 236, 260, 268, 292, 324, 356, 372, 
376, 404, 412, 428, 436, 452, 472, 476, 508, 520, 532, 536, 584, 
596, 604, 612, 652, 668, 712, 716, 732, 756, 764, 772, 808, 836, 
852, 856, 872, 876, 892, 904, 932, 940, 944, 952, 956, 964, 980, 
988, 996, 1004, 1012, 1016, 1028, 1036, 1068, 1072, 1076, 1100, 
1108, 1132, 1148, 1168, 1180, 1192, 1196, 1208, 1212, 1220, 1244, 
1268, 1276, 1300, 1316, 1336, 1340, 1364, 1372, 1380, 1388, 1396, 
1412, 1432, 1436, 1444, 1464, 1476, 1492, 1508, 1528, 1556, 1564, 
1588, 1604, 1612, 1616, 1636, 1652, 1672, 1676, 1692, 1704, 1712, 
1732, 1740, 1744, 1752, 1772, 1780, 1796, 1804, 1808, 1820, 1828, 
1836, 1844, 1852, 1864, 1888, 1892, 1900, 1912, 1916, 1928, 1940, 
1948, 1960, 1964, 1972, 1976, 1992 


This is sequence of [214]. It can be obtained by starting with a list of all numbers of the 
form 4k and deleting all values k = 2°(q+ 1) where q is a power of an odd prime. Constructions for 
Hadamard matrices for numbers of certain forms are known, see [170]. Whether Hadamard matrices exist 
for all values N = 4k is an open problem. A readable source about constructions for Hadamard matrices 


is [217]. 


[fxtbook draft of 2008-January-19] 


395 


Chapter 19 


Searching paths in directed graphs 


We describe how certain combinatorial structures can be represented as paths or cycles in a directed 
graph. As an example consider Gray codes of n-bit binary words: we are looking for sequences of all 2” 
binary words such that only one bit changes between two successive words. A convenient representation 
of the search space is that of a graph. The nodes are the binary words and an edge is drawn between 
two nodes if the node’s values differ by exactly one bit. Every path that visits all nodes of that graph 
corresponds to a Gray code. If the path is a cycle then a Gray cycle was found. 


In general we can, depending on the size of the problem, 

1. try to find at least one object 

2. generate all objects 

3. show that no such object exists 
The method used is usually called backtracking. We will see how to reduce the search space if additional 
constraints are imposed on the paths. Finally, we show how careful optimization can lead to surprising 


algorithms for objects of a size where one would hardly expect to obtain a result at all. In fact, Gray 
cycles through the n-bit binary Lyndon words for all odd n < 37 are determined. 


Terminology and conventions 


We will use the terms node (instead of verter) and edge (sometimes called arc). We restrict our attention 
to directed graphs (or digraphs) as undirected graphs are just the special case of these: an edge in an 
undirected graph corresponds to two antiparallel edges (think: ‘arrows’) in a directed graph. 


A length-k path is a sequence of nodes where an edge leads from each node to its successor. A path is 
called simple if the nodes are pairwise distinct. We restrict our attention to simple paths of length N 
where JN is the number of nodes of in the graph. We use the term full path for a simple path of length N. 


If in a simple path there is an edge from the last node of the path to the starting node the path is a cycle 
(or circuit). A full path that is a cycle is called a Hamiltonian cycle, a graph containing such a cycle is 
called Hamiltonian. 


We allow for loops (edges that start and point to the same node). Graphs that contain loops are called 
pseudo graphs. The algorithms used will effectively ignore loops. We disallow multigraphs (where multiple 
edges can start and end at the same two nodes), as these would lead to repeated output of identical objects. 


The neighbors of a node are those nodes where outgoing edges point to. Neighbors can be reached with 
one step. The neighbors of a node a called adjacent to the node. The adjacency matrix of a graph with 
N nodes is a N x N matrix A where A;,; = 1 if there is an edge from node 7 to node j, else Aj; = 0. 


[fxtbook draft of 2008-January-19] 


356 Chapter 19: Searching paths in directed graphs 


While trivial to implement (and later modify) we will not use this kind of representation as the memory 
requirement would be prohibitive for large graphs. 


19.1 Representation of digraphs 


For our purposes a static implementation of the graph as arrays of nodes and (outgoing) edges will suffice. 
The container class digraph merely allocates memory for the nodes and edges. The correct initialization 
is left to the user [FXT: class digraph in |graph/digraph.h': 


class digraph 


{ 
public: 
ulong ng_; // number of Nodes of Graph 
ulong *ep_; // elep[k]], ..., elep[k+1]-1]: outgoing connections of node k 
ulong *e_; // outgoing connections (Edges) 
ulong *vn_; // optional: sorted values for nodes 


// if vn is used, then node k must correspond to vn[k] 


public: 
digraph(ulong ng, ulong ne, ulong *kep, ulong *ke, bool vnq=false) 
: ng_(0), ep_(0), e_(0), vn_(0) 


ng_ = ng; 

ep_ = new ulong[ng_+1]; 
e_ = new ulong[ne] ; 

ep = ep_; 

e= e_3 


if ¢ vng ) vn_ = new ulong[ng_]; 


} 

~digraph() 
delete [] ep_; 
delete [] e_; 


: if ( vn_ ) delete [] vn_; 


[--snip--] 
void get_edge_idx(ulong p, ulong &fe, ulong &en) const 
// Setup fe and en so that the nodes reachable from p are 


// e[fe], e[feti], ..., ef[en-1i]. 
// Must have: 0<=p<ng 
{ 
fe = ep_[p]; // (index of) First Edge 


en = ep_[pt+i]; // (index of) first Edge of Next node 


} 
[--snip--] 

void print(const char *bla=0) const; 

The nodes reachable from node p could be listed using 
// ulong p; // == position 
cout << "The nodes reachable from node " << p << " are:" << endl; 
ulong fe, en; 
g_.get_edge_idx(p, fe, en); 
for (ulong ep=fe; ep<en; ++tep) cout << e_[ep] << endl; 


Using our representation there is no cheap method to find the incoming edges. We will not need this 
information for our purposes. If the graph is known to be undirected, the same routine obviously lists 
the incoming edges. 


Initialization routines for certain digraphs are declared in |FXT: graph/mk-special-digraphs.h 
example is [FXT: make_complete_digraph() in graph/mk-complete-digraph.cc : 


. A simple 


digraph 

make_complete_digraph(ulong n) 

// Initialization for the complete graph. 
{ 


ulong ng = n, ne = n*(n-1); 


[fxtbook draft of 2008-January-19] 


19.2: Searching full paths 357 


ulong *ep, *e; 

digraph dg(ng, ne, ep, e); 

ulong j = 0; 

for (ulong k=0; k<ng; ++k) // for all nodes 


ep[k] = j; 
for (ulong i=0; i<n; ++i) // connect to all nodes 


if ( k==i ) continue; // skip loops 
e[j+t] = i; 


ep[ng] = j; 
return dg; 


} 
We initialize the complete graph (the undirected graph that has edges between any two of its nodes) for 
n = 5 and print it [FXT: |\graph/graph-perm-demo.cc’: 


digraph dg = make_complete_digraph(5) ; 
dg.print ("Graph ="); 


The output is 


Graph = 

Node: EdgeO Edgel1 ... 
QO: 1 2 3 4 
1; 2 3 4 
2: Q 1. 3 4 
3: Q 1 2 4 
4: 1 2 3 
#nodes=5 #edges=20 


For many purposes it suffices to implicitly represent the nodes as values p with 0 < p < N where N is 
the number of nodes. If not, the values of the nodes have to be stored in the array vn_[]. One such 
example is a graph where the value of node p is the p-th (cyclically minimal) Lyndon word that we will 
meet at the end of this chapter. To make the search for a node by value reasonably fast the array vn_[] 
should be sorted so that binary search can be used. 


19.2 Searching full paths 


In order to search full paths starting from some position pg we need two additional arrays for the book- 
keeping: A record rv_[] of the path so far, its k-th entry shall be pz, the node visited at step k. Further 
a tag array qq_[] that shall contain a zero for nodes not visited so far, else one. The crucial parts of the 


implementation are [FXT: class digraph_paths in |graph/digraph-paths.h: 


class digraph_paths 
// Find all full paths in a directed graph. 


{ 
public: 
digraph &g_; // the graph 
ulong *rv_; // Record of Visits: rv[k] == node visited at step k 
ulong *qq_; // qq[k] == whether node k has been visited yet 
[--snip-- 


// function to call with each path found with all_paths(): 
ulong (*pfunc_)(digraph_paths &) ; 
[--snip--] 

// function to impose condition with all_cond_paths(): 
bool (*cfunc_)(digraph_paths &, ulong ns); 

public: 
// graph/digraph.cc: 
digraph_paths(digraph &g) ; 
~digraph_paths() ; 


[--snip--] 

bool path_is_cycle() const; 
[--snip--] 

void print_path() const; 
[--snip--] 


[fxtbook draft of 2008-January-19] 


358 Chapter 19: Searching paths in directed graphs 


// graph/digraphpaths-search.cc: 
ulong all_paths(ulong (*pfunc) (digraph_paths &), 
ulong ns=0, ulong p=0, ulong maxnp=0) ; 


private: 
void next_path(ulong ns, ulong p); // called by all_paths() 
[--snip--] 


2 


We could have used a bit-array for the tag values qq_[]. It turns out that some additional information 
can be saved there as we will see in a moment. 


To keep matters simple a recursive algorithm is used to search for (full) paths. The search is started via 
call to all_paths() [FXT: |graph/digraph-paths.cc): 


ulong 
digraph_paths::all_paths(ulong (*pfunc) (const digraph_paths &), 
ulong ns/*=0*/, ulong p/*=0*/, ulong maxnp/*=0*/) 
// pfunc: function to visit (process) paths 
// us: start at node index ns (for fixing start of path) 
// p: start at node value p (for fixing start of path) 
// maxnp: stop if maxnp paths were found 


{ 

pct_ = 0; 

cct_ = 0; 

pfct_ = 0; 

pfunc_ = pfunc; 

pfdone_ = 0; 

maxnp_ = maxnp; 

next_path(ns, p); 

return pfct_; // Number of paths where pfunc() returned true 
as 


The search is done by the function next_path(): 


void 

digraph_paths: :next_path(ulong ns, ulong p) 
// nus+1 == how many nodes seen 

// p == position (node we are on) 


if ( pfdone_ ) return; 


rv_[ns] = p; // record position 
++n5s; 


if ( ns==ng_ ) // all nodes seen ? 
pfunc_(*this) ; 
else 


qq_[p] = 1; // mark position as seen (else loops lead to errors) 
ulong fe, en; 
g_.get_edge_idx(p, fe, en); 
ulong fct = 0; // count free reachable nodes // FCT 
for (ulong ep=fe; ep<en; ++tep) 
{ 
ulong t = g_.e_[ep]; // next node 
if ( 0==qq_[t] ) // node free? 
{ 


++fict; 
qq_(p] = fct; // mark position as seen: record turns // FCT 
next_path(ns, t); 

} 


} 
// if ( O==fct ) { "dead end: this is a U-turn"; } // FCT 
qq_[p] = 0; // unmark position 


The lines that are commented with // FCT record which among the free nodes is visited. The algorithm 
still works if these lines are commented out. 


[fxtbook draft of 2008-January-19] 


19.2: Searching full paths 359 


19.2.1 Paths in the complete graph: permutations 
The program [FXT: graph/graph-perm-demo.cc) shows the paths in the complete graph from section]19.1| 


page The version here is slightly simplified: 


ulong pfunc_perm(digraph_paths &dp) 
// Function to be called with each path: 
// print all but the first node. 


{ 
const ulong *rv = dp.rv_; 
ulong ng = dp.ng_; 
cout << setw(4) << dp.pfct_ <<": "; 
for (ulong k=1; k<ng; ++k) cout <<" " << rv[k]; 
cout << endl; 
return 1; 

} 

int 

main(int argc, char **argv) 

{ 
ulong n = 5; 
digraph dg = make_complete_digraph(n) ; 
digraph_paths dp(dg); 
dg.print ("Graph ="); 
cout << endl; 
dp.all_paths(pfunc_perm, 0, 0, maxnp); 
return 0; 

} 

The output is [FXT: |graph/graph-perm-out.txt: 
Graph = 


Node: EdgeO Edgel .. 
1 


+O 


HSOON) 


lelelele) 


#nodes=5 


OU EISA + 


WNFOWONDUIBWNFHOWDNDAUIRWNFO 
ASS BS BWWWWWWNUNNNNNEEHEEEE 
WWNNEEEAPNNEEBARPWOWHEABWWNN 
NFPWRWNNEPSHEANWHPREPWWNIBN AW FRReENN 
PNPWNWENEABNPRHWRBWRBNWN BOS 


NNNNE EEE RRR 


These are the permutations of the numbers 1, 2,3,4 in lexicographic order (see section on page|219). 


19.2.2 Paths in the De Bruijn graph: De Bruijn sequences 


The graph with 2n nodes and two outgoing edges from node k to 2k mod 2n and 2k + 1 mod 27n is 
called a De Bruijn graph. For n = 8 the graph is (printed horizontally): 


Node: 8 1 23 4 8 8 7 8 Q a 1112 13 14 1 
Edge 0: 2 4 6 8101214 0 2 6 810121 
Edge 1: 1 3 5 7 9111315 1 3 5 7 9 11 13 15 


The graph has two loops at the first and the last node. All paths in the De Bruijn graph are cycles, the 
graph is Hamiltonian. 


[fxtbook draft of 2008-January-19] 


360 Chapter 19: Searching paths in directed graphs 


With n a power of two the paths correspond to the De Bruijn sequences (DBS) of length 2n. The graph 
has as many full paths as there are DBSs and the zeros/ones in the DBS correspond to even/odd values 


of the nodes, respectively. This is demonstrated in [FXT: |graph/graph-debruijn-demo.cc) (shortened): 
ulong pq = 1; // whether and what to print with each cycle 


ulong pfunc_db(digraph_paths &dp) 
// Function to be called with each cycle. 


{ 
switch ( pq ) 
{ 
case 0: break; // just count 
case 1: // print lowest bits (De Bruijn sequence) 
{ 
ulong *rv = dp.rv_, ng = dp.ng_; 
for (ulong k=0; k<ng; ++k) cout << (rv[k]&1UL ? 71’ : ’.’); 
cout << endl; 
break; 
} 
[--snip--] 
return 1; 
} 
int main(int argc, char **argv) 
{ 
ulong n = 8; 
NXARG(pq, "what to do in pfunc()"); 
ulong maxnp = 0; 
NXARG(maxnp, "stop after maxnp paths (0: never stop)"); 
ulong pO = 0; 
NXARG(pO, "start position <2*n") ; 
digraph dg = make_debruijn_digraph(n) ; 
digraph_paths dp(dg); 
dg.print_horiz("Graph ="); 
// call pfunc() with each cycle: 
dp.all_paths(pfunc_db, 0, pO, maxnp); 
cout << "n=" << n; 
cout << " (ng=" << dg.ng_ << ")"; 
cout << " #cycles = " << dp.cct_; 
cout << endl; 
return 0; 
} 


The macro NXARG() read one argument, it is defined in [FXT: nextarg.h}. The output is 


arg 1: 8 ==n [size of graph == 2*n] default=8 
arg 2: 1 == pq [what to do in pfunc()] default=1 
arg 3: 0 == maxnp [stop after maxnp paths (0: never stop)] default=0 
arg 4: 0 == pO [start position <2*n] default=0 
Graph = 
Node: QO 1 2 3 4,5 6 7 8 9 10 11 12 13 14 15 
Edge 0: O 2 4 6 8101214 0 2 4 6 8 10 12 14 
Edge 1: 1 3 5 7 9111315 1 3 5 7 9 11 13 15 
-1..11.1.1111.. 
Le, 1111.1.91.. 
e1.1..11,1111.. 
-1.1,.1111,11.. 
-1.11..,1111.1.. 
hed dads Tit t..: 
-1.1111.,11,1.. 
ehetd1i.1...411.. 
-11.,1.1111.1.. 
-11.1..,1,1111.. 
-11.1,1111,.1.. 
ss Ets Ue ss are 
-1111..1.11,1.. 
eAT11 40417 21... 
ett the 1t. ede as 
ss eB Es eee es ee 
n = 8 (ng=16) #cycles = 16 


The algorithm is a very effective way of generating all DBSs of a given length, the 67,108,864 DBSs of 
length 64 are generated in 140 seconds when printing is disabled (set argument pq to zero), corresponding 
to a rate of more than 450,000 DBSs per second. 


[fxtbook draft of 2008-January-19] 


19.2: Searching full paths 361 


Setting the argument pq to 4 prints the binary values of the successive nodes in the path horizontally: 


./bin 32 41 
-# # 


The graph is constructed in a way that each word is the predecessor shifted by one with either zero or 
one inserted at position zero (top row). 


The number of cycles in the De Bruijn graph equals the number of degree-n normal binary polynomials. 
An efficient procedure to compute it is given in section |40.6.3/on page A closed form for the special 
case n = 2" is given in section on page 


19.2.3. A modified De Bruijn graph: complement-shift sequences 


A modification of the De Bruijn graph forces the nodes to be the complement of its predecessor shifted 
by one (again with either zero or one inserted at position zero). The routine to set up the graph is [FXT: 


make_complement_shift_digraph() in graph/mk-debruijn-digraph.cc : 


digraph 
make_complement_shift_digraph(ulong n) 
{ 


ulong ng = 2*n, ne = 2*ng; 
ulong *ep, *e; 
digraph dg(ng, ne, ep, e); 
ulong j = 0; 
for (ulong k=0; k<ng; ++k) // for all nodes 
{ 
ep[k] = j; 
ulong r = (2*k) % ng; 
e[j+t+] = xr; // connect node k to node (2*k) mod ng 
= (2*k+1) % ng; 
e[jt+t+] =r; // connect node k to node (2*k+1) mod ng 


} 
ep[ng] = j; 
// Here we have a De Bruijn graph. 


for (ulong k=0,j=ng-1; k<j; ++k,--j) swap2(e[lep[k]], elep[j]]); // end with ones 
for (ulong k=0,j=ng-1; k<j; ++k,--j) swap2(e[ep[k]+1], elep[j]+1]); 
return dg; 


Th 


or) 


program [FXT: graph/graph-complementshift-demo.cc) gives: 


arg 1: 32 == n [size of graph == 2*n] default=32 
arg 2: 4 == pq [whether and what to print with each path] default=2 
1 


arg 3: 1 == maxnp [stop after maxnp paths (0: never stop)] default=1 
—--—--#---#-#-##4-———##--#-—#-H#H-——#HH-H-—#HH-HHHH-_HHHHHH-HE-H-# 
—HHHHHH-HHH-4-#-—HHHH-_—HH-HH-H-——HHH-——H#-HH--H#--——-##----—— #--#-# 
-#----—-#--—#-#-##-———##-—-#-—-#-##H-——HHH-#-_—HH-HHEH-_—HHHHHH HHH 
—#-#HEHHHH-HEH-H-H-_HHHH-—HH-HH-H-——#HH-——4-#H-—-#--——H#H----—-—- #--# 
-#-#----——-#---#-#-##-———##--4#-—#-##4#-——HH#H-#-_H#H-HHHH-_—HHHHHH HH 
—#-#-HHHHHH-HHH-H-H-—HHHH-—#H-HH-H-—_—HHH-——#-HH--H#---—-#H---—-—-— #- 


For n a power of two the sequence of binary words has the interesting property that the changes between 
successive words depend on their sequency: words with higher sequency change in less positions. Further, 
if two neighbor bits are set in some word then the next word never contains both bits again. Out of a 
run of k > 0 consecutive set bits in a word only one is contained in the next word. 


See section [8.3] on page for the connection with De Bruijn sequences. 


[fxtbook draft of 2008-January-19] 


362 Chapter 19: Searching paths in directed graphs 
19.3. Conditional search 


Sometimes one wants to find paths that are subject to certain restrictions. Testing for each path found 
whether it has the desired property and discarding it if not is the most simple way. However, this will 
in many cases be extremely ineffective. An upper bound for the number of recursive calls of the search 
function next_path() with an graph with N nodes and an maximal number of v outgoing edges at each 
node is u= N”. 


For example, the graph corresponding to Gray codes of n-bit binary words has N = 2” nodes and 
(exactly) c= n outgoing edges at each node. The graph is the n-dimensional hypercube. 


nm: N u= N&=N"=2"" 
1: 2 2 
2 4 16 
3: 8 512 
4: 16 65,536 
5: 32 33,554,432 
6: 64 68,719,476,736 
7: 128 562,949,953,421,312 
8: | 256 18,446,744,073,709,551,616 
9: | 512 2,417,851,639,229,258 349,412,352 
0: 


eR 


1024 | 1,267,650,600,228,229,401,496,703,205,376 


We are obviously interested in the reduction of the size of the search space. This can in many cases 
be achieved by a function that rejects branches that would lead to a path not satisfying the imposed 
restrictions. 

A conditional search can be started via all_cond_paths() that has an additional function pointer 
cfunc() as argument that shall implement the condition. It is declared as 


bool (*cfunc_)(digraph_paths &, ulong ns); 
Besides the data from the digraph-class it needs the number of nodes seen so far (ns) as an argument. A 
slight modification of the search routine next_path() does what we want: 


void 
digraph_paths: :next_cond_path(ulong ns, ulong p) 
{ 


[--snip--] // same as next_path() 
if ( ns==ng_ ) // all nodes seen ? 
[--snip--] // same as next_path() 
else 


qq_[p] = 1; // mark position as seen (else loops lead to errors) 
ulong fe, en; 

g_.get_edge_idx(p, fe, en); 

ulong fct = 0; // count free reachable nodes 

for (ulong ep=fe; ep<en; +t+tep) 


ulong t = g_.e_[ep]; // next node 
if ( 0==qq_[t] ) // node free? 
{ 


rv_Ins] = t; // for cfunc() 
if ( cfunc_(*this, ns) ) 


t++fct; 
qq_[p] = fct; // mark position as seen: record turns 
next_cond_path(ns, t); 
} 
} 
qq_[p] = 0; // unmark position 
} 


The free node under consideration is written to the end of the record of visited nodes so cfunc() does 


[fxtbook draft of 2008-January-19] 


19.3: Conditional search 363 


not need it as an explicit argument. 


19.3.1 Modular adjacent changes (MAC) Gray codes 


epee ew 8 

hs RBRRRRRBR. 

+ ARR ee RR 

RRs + PARR 

FPNWNENENWNWAWNRO 
PRR 


é pkiebe oes 
BRE 


BR 
COOFPONOAOWNRPUOINWEO 


ORWNFOWOONDORBWNRO 
7 


me 
WOROWNFOWOFOWNFRO 


—_ 
WDORUWNRBONAARUINWHO 
stb Se jehaal Wolo epee Yep sein Or see Vee se 
WORNRFPORPNWNFORNEO 


PNUWBWNWNENENWNREO 
a 


OPWNFOOONDORPWNFRO 
dd nd 


BRERBRBHE 
BPRRERERE 


BRR: - 


[tees [ee 3] 


Figure 19.3-A: Two four-bit modular adjacent changes (MAC) Gray codes. Both are cycles. 


We search for Gray codes that have the modular adjacent changes (MAC) property: the values of succes- 
sive elements of the delta sequence shall change by +1 modulo n. Two examples are show in figure[19.3-A] 
The sequence on the right side even has the stated property if the term ‘modular’ is omitted: It has the 
adjacent changes (AC) property. 


As bit-wise cyclic shifts and reflections of MAC Gray codes are again MAC Gray codes we consider paths 
starting 0 — 1 — 2 as canonical paths. 


In the demo [FXT: graph/graph-macgray-demo.cc] the search is done as follows (shortened): 


int main(int argc, char **argv) 
{ 
ulong n = 5; 
NXARG(n, "size in bits"); 
cf_nb = n; 
digraph dg = make_gray_digraph(n, 0); 
digraph_paths dp(dg) ; 
ulong ns = 0, p = 0; 
// MAC: canonical paths start as 0-->1-->3 
{ 
dp.mark(0, ns); 
dp.mark(1, ns); 
p= 3; 
a 
dp.all_cond_paths(pfunc, cfunc_mac, ns, p, maxnp); 
return 0; 


} 
The function used to impose the MAC condition is: 


ulong cf_nb; // number of bits, set in main() 
bool cfunc_mac(digraph_paths &dp, ulong ns) 
// Condition: difference of successive delta values (modulo n) == +-1 


// path initialized, we have ns>=2 

ulong p = dp.rv_[ns], pi = dp.rv_[ns-1], p2 = dp.rv_[ms-2]; 
ulong c =p” pi, ci = pi” p2; 

if ( c & bit_rotate_left(ci,i,cf_nb) ) return true; 

if ( cl & bit_rotate_left(c,1,cf_nb) ) return true; 

return false; 


} 


One finds paths for n < 7 (n =7 takes about 15 minutes). Whether MAC Gray codes exist for n > 8 is 
unknown (none is found with a 40 hour search). 


[fxtbook draft of 2008-January-19] 


364 Chapter 19: Searching paths in directed graphs 


19.3.2 Adjacent changes (AC) Gray codes 


For AC paths one can only discard track-reflected solutions, the canonical paths are those where the delta 
sequence starts with a values that is < [n/2]. A function to impose the AC condition is 


ulong cf_mt; // mid track < cf_mt, set in main() 
bool cfunc_ac(digraph_paths &dp, ulong ns) 
// Condition: difference of successive delta values == +-1 


if ( ns<2 ) return (dp.rv_[1] < cf_mt); // avoid track-reflected solutions 
ulong p = dp.rv_[ns], pi = dp.rv_[ms-1], p2 = dp.rv_[ns-2]; 

ulong c =p” pi, cl = pl ~*~ p2; 

if ( c & (cl<<1) ) return true; 

if ( cl & (c<<1) ) return true; 

return false; 


} 
OR kts 0 0 areckvach ad OSs Sees 0 0 ste vl. 0 
Is. cde DL 4 jhe 1S aera were eb 1 Sieedee ab 
22. Godt se 2 12 Locae 4 2: ...11 2 3 waa <2 
3: 111..3 28 oD «3 3: ..111 3 7 phew = 
4: 1.1.. 2 20 oe ar 4: .1111 4 15 Bn doaee * 2 
BF eae 16 sear. ab 5: .1.11 3 11 seieedie. ad 
62 Lad. 2 18 seduces, a. 6: .1..1 2 9 stlocdite vey 2 
7: 1.11. 3 22 weg oS 7: .11.1 3 13 shea, 33 
8: 1111. 4 30 eshees 8: ..1.1 2 5 Wseciens | 
9: 11.1.3 26 stots OL 9: 1.1.13 21 they 3 
10: 41... 2 24 seend 0 10: 411.14 29 Swcback: * 22) 
11: 41..13 25 cauede ob 11: 11..13 25 sco elig “ob 
12: T1.11 4 27 wicetlerer ad 12: 411.11 4 27 fate. “2 
13: 11111 5 31 these 3 13: 11111 5 31 beac. 3 
14: 41.111 4 23 seabses ~ , 14: 41.111 4 23 gaghie- 22. 
15: 1..11 3 19 seonbs aL 15: 1..11 3 19 ee eee 
16° 2....1°2 17 patie 16: 41...1 2 17 eavevad, 0) 
17: 1.1.13 21 wk oS Mis Teves: A 16 swede “OL 
18: 111.14 29 Tecan V4 18: T..1. 2 18 oe 
19; .d.1. 3 13 ches 3 19: 41.11. 3 22 wdieee 3 
20%. Gcd.d. 2 5 wigan 2 20: 1111.4 30 Pe ee 
al ee are hae 1 steede «al 21: 11.1.3 26 eel. 
223, , ~aieerd dl 2 3 Seki ae 222° Dew 2. 24 wehbe 2 
23). ..417 3 7 iliac -3 23: i111..3 28 obey 33: 
24: .1111 4 15 glee 24: 1.1..2 20 Lec. & 
25: .1.11 3 11 seve de, ob 252. cedex. 1 4 thei 3 
26%, stort 2 9 waved, . 0) 26: .11.. 2 12 Sculbace, ae 
2% wees tl 8 eae lies aL 2020 Arse A 8 scieedie “A 
20, sill. 2 10 soioet 20%. <tsd. 2 10 Suan 32) 
29: .111. 3 14 clea 29: .111. 3 14 phan 9S 
30: ..11. 2 6 athe <2) 30: ..11. 2 6 deol” “Gey 
Sie csahs. A 2 [...4. 1] 31: epee I 2 [ised.. tJ 


Figure 19.3-B: Two five-bit adjacent changes (AC) Gray codes that are cycles. 


graph/graph-acgray-demo.cc) allows searches for AC Gray codes. Two cycles for 
19.3-B| It turns out that such paths exist for n < 6 (the only path for n = 6 is 


n = 5 are shown in figure 
shown in figure |19.3-C) but there is no AC Gray code for n = 7: 


time ./bin 7 
arg 1: 7 ==n [size in bits] default=5 
arg 2: 0 == maxnp [ stop after maxnp paths (0: never stop)] default=0 
n= 7 £4#pfct = 0 
#paths = 0 #cycles = 0 
./pin 7 20.77s user 0.11s system 98% cpu 21.232 total 


The program [FXT: 


Nothing is known about the case n > 8. 


Inspection of the AC Gray codes for different values of n result in a hand-woven algorithm. The function 
[FXT: ac_gray_delta() in|comb/acgray.cc| computes the delta sequence for an AC Gray codes for n < 6: 


void 
ac_gray_delta(uchar *d, ulong ldn) 
// Generate a delta sequence for an adjacent-changes (AC) Gray code 
// of length n=2**ldn where ldn<=6. 
if ( ldn<=2 ) // standard Gray code 


d[0] = 0; 


[fxtbook draft of 2008-January-19] 


19.3: Conditional search 


365 


Oy aussecerses 0 0 esabistec. 2 
is vedios. a 4 edie, SM 
2: eddie 2 6 Sobieae ~2 
32: weed. Tl 2 edwee: 
Ay ged wd. 2 10 ener. 
Bi: ceed dL. 3S 14 wedi. 2 
6: eld. 2 a ree 1 0 
te evit.d 3 13 whoedabe <A 
S: .tidid-4 15 passe 2 
9: ..1.11 3 11 agi diane “3 
10: vace dy 2 3 ere eee 
11: .111 3 7 eseeedly. 1 
12: 1.1 2 5 ba by 2 
1Se? . ee ees 11 1 sebdee 3 
14%: cod. d 2 9 mibciguenn ~°E 
15: .11..1 3 25 ctl So 
16; wts..t 2 17 sede 2 
17: «.1.1.1 3 21 seplig. of 
18: .1.111 4 23 wseere. 2 
19: sds. 11 3 19 nate. OS 
20: .11.11 4 27 re 
21:  .11111 5 31 .-1. 1 
223 eA dt 4 29 acne 1 0 
23: .111.. 3 28 radi. 2 
24: .1111. 4 30 modalities - 
25: .11.1. 3 26 Stdies 3S 
26% adi..ds (2 18 ook 2 
2f: .1.11. 3 22 sequal: 1 
28: .1.1.. 2 20 sacual 2 
29% . ells tear 16 ese 3 
30: .11...2 24 1 4 
Slt sda. DL 8 Aare 5 


32: 1.1... 2 40 
33: 111... 3 56 
34: 11....2 48 
35: 11.1..3 52 
36: 11.11. 4 54 
37: 11..1. 3 50 
38: 111.1. 4 58 
39: 11111. 5 62 
40: 1111.. 4 60 
41: 1111.15 £61 
42: 111111 6 63 
43: 111.115 59 
44: 11..11 4 651 
45: 11.111 5 55 
46: 11.1.1 4 583 
Qi At.ect 3 ~49 
48: 111..14 57 
49: 1.1..13 41 
50: 1....1 2 33 
Ble Lede 3 37 
52: 1..111 4 39 
63: 1...11 3 365 
54: 1.1.11 4 48 
55: 1.1111 5 47 
56: 1.11.14 45 
57: 1.11..3 44 
58: 1.111. 4 46 
59: 1.1.1. 3 42 
60: 1...1. 2 34 
61: 1..11. 3 38 
62: 1..1..2 36 
635 Pease 1 32 


ON PNWNFORNWNENWABWNRNWNFORNWNENWEA 


pa) 


Figure 19.3-C: The (essentially unique) AC Gray code for n = 6. While the path is a cycle in the graph 
the AC condition does not hold for the transition from the last to the first word. No AC Gray code for 


n = 7 exists. 


if (1 
return; 


ac_gray_delta(d, ldn-1); 
ulong n = 1UL<<ldn; 
ulong nh = n/2; 

ra ( 0==(1dn&1) ) 


// recursion 


if ( ldn>=6 ) 
{ 


reverse(d, nh-1); 


for (ulong k=0; k<nh; ++k) 
} 
for (ulong k=0,j=n-2; k<j; ++k,--j) 
d[nh-1] = ldn - 1; 
} 
else 
{ 
for (ulong k=nh-2,j=nh-1; 0!=j; 
for (ulong k=2,j=n-2; k<j; ++k,--j) 
d[0] = 0; 
d[nh] = 0; 


} 
The Gray code is computed via 
void 


ac_gray(ulong *g, ulong ldn) 
// Create an AC Gray code. 


: ulong n = 1UL<<ldn; 
ALLOCA(uchar, d, n); 
ac_gray_delta(d, ldn); 
delta2gray(d, ldn, g); 

} 


==2 ) { d[1] = 1; d[2] = 0; } 


Sek ==9)) 


d{k] = (1dn-2) - d[k]; 


alj] = dak]; 
d(j] = dik] + 1; 
alj] = dak]; 


where the routine delta2gray() is given in [FXT: comb/delta2gray.cc : 


[fxtbook draft of 2008-January-19] 


366 Chapter 19: Searching paths in directed graphs 


void 

delta2gray(const unsigned char *d, ulong ldn, ulong *g, ulong g0/*=0*/) 
// Fill into g[0..N-1] (N=2**ldn) the Gray path 

// corresponding to the delta sequence d[0..N-2]. 


{ 

g[0] = go; 

ulong n = 1UL << ldn; 

for (ulong k=0; k<n-1; ++k) g[kt1] = g[k] ~ (UL << d[k]); 
} 


The program [F XT: |\comb/acgray-demo.cc) can be used to create AC Gray codes for n < 6. For n > 7 
the algorithm produces near-AC Gray codes, where the number of non-AC transitions equals 2”—° — 1 
for odd values of n and 2"~° — 2 for n even: 


# non-AC transitions: 
0... #non-ac 
non-ac 
#non-ac 
#non-ac 
#non-ac 
#non-ac 
#non-ac 


Hinnn tia 
FPOWHAWO 
NWwoul 


NEOWOOON 
o 
ro 


: BBBBSBB 
Ree 


It seems likely that near-AC Gray codes with fewer non-AC transitions exist. 


19.4 Edge sorting and lucky paths 


The order of the nodes in the representation of the graph does not matter with finding paths as the 
algorithm does at no point refer to it. The order of the outgoing edges, however, does matter. 


Edge sorting 


Consider a large graph that has only a few paths. The calling tree of the recursive function next_path() 
obviously depends on the edge order. Thereby the first path can appear earlier or later in the search. 
‘Later’ may well mean that the path is not found within any reasonable amount of time. 


With a bit of luck one might find an ordering of the edges of the graph that will shorten the time span until 


the first path is found. The program [FXT: graph/graph-monotonicgray-demo.cc| searches for monotonic 
Gray codes and optionally sorts the edges of the graph. The method [FXT: digraph: :sort_edges() in 


graph/digraph.cc) sorts the outgoing edges of each node according to a supplied comparison function. 
The comparison function actually used imposes the lexicographic order shown in section on page|64} 


int my_cmp(const ulong &a, const ulong &b) 


if ( a==b ) return 0; 
#define CODE(x) lexrev2negidx(x) ; 

ulong ca = CODE(a); 

ulong cb = CODE(b); 

return (ca<cb ? +1 : -1); 


The choice was inspired by the observation that the bit-wise difference of successive elements in bit-lex 
order is either one or three. We search until the first path for 8-bit words is found: for the unsorted graph 
this task takes 1.14 seconds, for the sorted it takes 0.03 seconds. 


Lucky paths 


The first Gray code found in the hypercube graph with randomized edge order is shown in figure 
(left). The corresponding path (as reported by [FXT: digraph_paths: :print_turns() in graph/digraph- 
paths.cc|) is described in the right column. Here nn is the number of neighbors of node, xe is the index 


[fxtbook draft of 2008-January-19] 


19.5: Gray codes for Lyndon words 367 


OX sien O 0 1 3 step: node -> next [xf xe / nn] 
dit gs 4 8 rt. 4 0: 0o-> 8 [0 O0/ 4] 
22.) Lede 2 10 lec 2 1: 8-> 10 [0 O0/ 4] 
3: 111. 3 14 ...1 0 2: 10 -> 14 [0 O/ 4] 
4: 1111 4 15 1... 83 3: 14-> 15 [0 O0/ 4] 
5: .111 3 7 haa” 2 4: 15-> 7 [0 0/ 4] 
6f «e.td: 2 3 emake: OQ 5: 7 -> 3 £0 1/ 4] 
Te asde.4 2 sles 2 6: 3 -> 2 C1 2/ 4] 
8: .11. 2 6 sod. 4 7: 2-> 6 [0 3/ 4] 
9: .1..1 4 feces oS 8: 6 -> 4 £0 O0/ 4] 
10: 11.. 2 12 ciel 0 9: 4-> 12 [—1 3/ 4] 
11: 11.1 3 13 Wee - 10: 12 -> 13 [0 O0/ 4] 
12: .1.1 2 5 .1.. 2 11: 13 -> 5 £0 1/ 4] 
138% ssi 1 1 1... 83 12: 5 -> 1 £0 3/ 4] 
14: 1..1 2 9 cede 2 13: 1 -> 9 [LO 2/ 4] 
153 2.113 it {1.11 -] 14: 9-> 11 [—0 O0/ 4] 
Path: #non-first-free turns = 2 


Figure 19.4-A: A Gray code in the hypercube graph with randomized edge order (left) and the path 
description (right, see text). 


of the neighbor (next) in the list of edges of node. Finally xf is the index among the free nodes in the 
list. The latter corresponds to the value fct-1 in the function next_path() given on page 


If xf equals zero at some step then the first free neighbor was visited next. If xf is nonzero then a dead 
end was reached in the course of the search and there was at least one U-turn. If the path is not the first 
found then the U-turn might well correspond to a previous path. 


If there was no U-turn then the number of non-first-free turns is zero (the number is given as the last 
line of the report). If it is zero we call the path found a lucky path. For each given ordering of the edges 
and each starting position of the search there is at most one lucky path and if there is, it is the first path 
found. 


When the first path is a lucky path then the search effectively ‘falls through’: the number of operations 
is a constant times the number of edges. That is, if a lucky path exists it is found almost immediately 
even for huge graphs. 


19.5 Gray codes for Lyndon words 


We search Gray codes for n-bit binary Lyndon words where n is a prime. Here is a Gray code for the 
5-bit Lyndon words that is a cycle: 


An important application of such Gray codes is the construction of so-called single track Gray codes 
which can be obtained by appending rotated versions of the block. The following is a single track Gray 
code based on the block given. At each stage, the block is rotated by two positions (horizontal format): 


HHEHHH --#H-- -#HHH- ------ —--### 
“Hite Sa —---### #HHHHH = --H#H-- 
---### #HHHHH --H#H-- -##HH-  ------ 
—-##-- -H#HHH- = ------ —--##H HEHEHE 
SSeS —---##H H#HHHHH --H#H-- —H#HHH- 


The transition count (the number of zero-one transitions) is by construction the same for each track. The 
all-zero and the all-one words are missing in the Gray code, its length equals 2” — 2. 


[fxtbook draft of 2008-January-19] 


368 Chapter 19: Searching paths in directed graphs 


ORs, “sad dies tsetse : cree 5 neeeen seer jer a ee .Geseeeseisns 1 
Tae. hes 11 aera Baa | ive dl tae dein, Saree eres | er aera 11 
Pe jv stiaree be Ld exo deed 11.1 geod died de da dd soveere bad 
3: wee AD 111.1 eslLl.1 sitacty seed weak 1.1.11 oy webs dL 
4: ..11111 ead ded 11411 aviv todl God 1.1111 ised seabed 
5: 11.11 Bra Fee Rl 111111 sgh deed 111111 ee ltd. 
6: ee vlces LA 11.111 ep es lea | 11111 11.111 eves Dike lk 
T: «wd ltd 111111 wpe dt sve bt dd 1.111 witcha 1 
8: 11.111 1.1111 wads siree bees dead whe died woe cede ed, 
9: .111111 obs bed dl eee em -.1.111 ig ddd woe bd 
10: 1.1111 wie cwdba ddl tap ll 11.111 svelte ..11111 
ii: .1.1.11 ...1111 ..1111 111111 -1.1 wedded 
12: wedi ded ded ..11111 1.1111 1.1111 -111 vad cd 
13: sia dete ae ht. dd og ee let ded duaueseed 11 evedis dd 
14: seve doce chs seared seeded, ol. 2dd ott. ddd 
15: se M ede ateuctes 11 salL.dd .1111 welt. dd 111111 
16: erie Meese .111 .1..11 ..111 ..411111 1.1111 
17: wisesle tidal os Eos (re es ree 11 1111 id ded 


Figure 19.5-A: Various Gray codes through the length-7 binary Lyndon words. The first four are cycles. 


19.5.1 Graph search with edge sorting 


Gray codes for the 7-bit binary Lyndon words like those shown in figure can easily be found by 
a graph search. In fact, all of them can be generated in short time: for n = 7 there are 395 Gray codes 
(starting with the word 0000. .001) of which 112 are cycles. 


k : [node] lyn_dec lyn_bin #rot rot(lyn) diff delta 
Oo: C 0] dt, sane teak 12-0) ~ saad Te as eee 1 0 
1: of 1] Be. kcarecans T1200 aneeass We | aceteae 1, A 
2: [ 3] 7 ....111 0 111 1 2 
3: [ 7] 15 ...1111 0 1111 1 3 
4: [ 13] 31 ..11111 0O 11111 1 4 
5: [ 17] 63 .111111 0O 111111 5 eee 5 
6: [ 15] 47 .1.1111 0 1.1111 1 4 
7: CT 10] 23 ..1.111 1 3 ei eer ee 1 0 
8: [ 16] 55 .11.111 1 11.111. disse adie 6 
9: [ 11] 27 11.11 2 oy Be eee al 1 
10: [ 5] 11 1.11 2 ol i oe serene 6 
11: [ 14] 43 121211. 2 WETLd. | sites Al: sQ 
12: [ 6] 13 11.1 0 pee: ile a De acasas 5 
13: [ 12] 29 111.1 0 111.1 w-d.... 4 
14: [ 8] 19 1..11 3 it ere soanced dl aner 
15: [ 4] 9 ...1..1 0 aw ieades ol s-1.... 4 
16: [ 9] 21. ..1.1.1 3 ded adie sangiew 5 
Toe. UE 2] 5 1.1 3 Oy Pe Bee ee ea 1 0 


Figure 19.5-B: A Gray code through the length-7 binary Lyndon words found by searching through all 
7-bit binary words. 


The search for such a path for the next prime, n = 11, does not seem to give a result in reasonable time. 
If we do not insist on a Gray code through the cyclic minima but arbitrary rotations of the Lyndon words 
then more Gray codes exist. For that purpose nodes are declared adjacent if there is any cyclic rotation 
of the second node’s value that differs in exactly one bit to the first node’s value. The cyclic rotations can 
be recovered easily after a path is found. This is done in [FXT: whose 
output is shown in figure Still, already for n = 11 we do not get a result. As the corresponding 
graph has 186 nodes and 1954 edges, this is not a surprise. 


Now we try edge sorting, we sort the edges according to the comparison function [FXT: graph/lyndon- 


int lyndon_cmpO(const ulong &a, const ulong &b) 
{ 
int be = bit_count_cmp(a, b); 
if ( be ) return -bc; // more bits first 
else 


if ( a==b ) return 0; 
return (a>b ? +1: -1); // bigger numbers last 


[fxtbook draft of 2008-January-19] 


19.5: Gray codes for Lyndon words 369 


} 
where bit_count_cmp() is defined in [F XT: |bits/bitcount.h : 


static inline int bit_count_cmp (const ulong &a, const ulong &b) 


{ 
ulong ca = bit_count(a) ; 
ulong cb = bit_count(b) ; 
return ( ca==cb ? 0: (ca>cb ? +1 : -1) ); 
} 

k : [node] lyn_dec lyn_bin #rot rot (lyn) diff delta 

Oe tL 0] 1 re are ee arene ars L O. seetendusuad i 

1: ([ 1] fo eee 11: 0 wea iveaw any ii 

2s [ 3] Co -Awea ga peas 14. 0 ewan e3 111 

Sea. ot 7] DY siued. g.aureents Vi Oe ee eas 1111 

4: [ 15] SL. eidieveecece 1149 OO  éaekeeewe 11141 

5: 31] G3" sssédé-desrs LUAU OO ks etwas A111 

62 [ 63] [yee eee BITLINE OO keene 1111111 

7: C 125] 255) aie DLAI: Oo ateek 11111111 

8: [ 239] 511 ....111111111 0 res oe ble he ell 

9: [ 417] 1023 ...1111111111 0 Pap oe iy Ui ss le 

10: [ 589] 2047 ..11111111111 0 oe A TUTATL1111 

11: [ 629] 4095 .111111111111 0 APTI ATI IIT 

12: [ 618] 3071 .1.1111111111 0 Py arts OF Ui ss le 

13: [ 514] 1535 ..1.111111111 1 Fae (ree: Se Fe (es a 

14: [ 624] 3583 .11.111111111 1 11.111111111. 

15: [ 550] 1791 ..11.11111111 2 5 le re ee ae ere de 2 

16: [ 626] 3839 .111.11111111 2 ge Ie he se ree ee 1 0 

17: [ 567] 1919 ..111.1111111 3 ie lea Do hss Ss Pee I ere li. 2 

18: [ 627] 3967 .1111.1111111 3 se Up ee Us Oe ere ee ee 1d. 2 

19: [ 576] 1983 ..1111.111111 4 Ts es Se (ee lease 3 

20 [ 628] 4031 .11111.111111 4 pe Pe eh ee bere ere Leu 2 

21 [ 581] 2015 ..11111.11111 5 ye (ye ey ae Os rere ree Lewes & 

22 [ 404] 991 ...1111.11111 5 1d eed: Sewed es wees 1... 2 

23 [ 614] 3039 .1.1111.11111 5 Ge be Oe 0 eee dese 

24: [ 508] 1519 ..1.1111.1111 6 11st edd | eeegds Ds es-ang 5 

25: [ 584] 2031 ..111111.1111 6 g BU Ue ere: i sere eee ds 2 

[--snip--] 
615: [ 4] IQ. ebdaerecscevege 1..,4 5 ee ee errr pers pare ae are ee 10 
616: [ 36] MB. cisetece cack Liecdasd. 2 sewed Deed  saniieceeureabe 1 2 
617: [ 32] OB! aes sass Tes fecha 1 2 Peres rere : rere rere Vgc de 5 
618: [ 33] (cy errata er Ligeti, “2 iG@iwdesoekhes: asetaaa ss i 3 
619 : [ 153] 323 Lilveeckd 2 o6 beds eee dss Leeekesles es 10 
620: [ 65] TSS). -Savsas 5 1 Jdel 8 tek viesaes Las eedude ds Lese 8 
621: [ 154] 325: csnerlsleacl.d- 2 (ghd iawekedanw -aveteaived 1.... 4 
622: [ 79] 161. sncis 1.2...4.4- 10 re i ee eer ore ee 8 
623: [ 16] +S fo eee Lich 10! re ee rare dey gb dae 1 4 
624: [ 126] 265 tobeeeadacd -2 £eleseadepiaw. ached | 5 
625: [ 145] 305 welsh... 10 i@lecavdvally  ~as<rnadseks 1 1 
626: [ 130] 273 wolicedencd 10 Sa buosa beeeliey Yaate ve mes 1... 2 
627 : [ 188] 401 eltsctecd 10 Sey eels qa ee vers dies 4 
628: [ 71) 145 ...... 1.12. 10 ee ee dacds: #345004 eer 5 
629: [ 8] 1 iy rr ee aera ae 1...1 10 ey ee dg ~ aie alae Las 4 


Figure 19.5-C: Begin and end of a Gray cycle through the 13-bit binary Lyndon words. 


We find a Gray code (which also is a cycle) for n = 11 immediately. Same for n = 13, again a cycle. The 
graph for n = 13 has 630 nodes and 8,056 edges, so finding a path is quite unexpected. The cycle found 
starts and ends as shown in figure }19.5-C 


For next candidate (n = 17) we do no find a Gray code within many hours of search. No surprise for a 
graph with 7,710 nodes and 130,828 edges. 


We try another edge sorting scheme, an ordering based on the binary Gray code [FXT: graph/lyndon- 
empce 


int lyndon_cmp2(const ulong &a, const ulong &b) 


if ( a==b ) return 0; 

#define CODE(x) gray_code(x) 
ulong ta = CODE(a), tb = CODE(b); 
return ( ta<tb ? +1: -1); 


[fxtbook draft of 2008-January-19] 


370 Chapter 19: Searching paths in directed graphs 


There we go, we find a cycle for n = 17 and all smaller primes. All are cycles and all paths are lucky 
paths. The following edge sorting scheme also leads to Gray codes for all prime n where 3 < n < 17: 


int lyndon_cmp3(const ulong &a, const ulong &b) 
it 


if ( a==b ) return 0; 

#define CODE(x) inverse_gray_code(x) 
ulong ta = CODE(a), tb = CODE(b); 
return ( ta<tb ? +1: -1); 


Same for n = 19, the graph has 27,594 nodes and 523,978 edges. Indeed the sorting scheme leads to 
cycles for all odd n < 27!. All these paths are lucky paths, a fact that we can exploit for an optimized 
search. 


19.5.2 An optimized algorithm 


nm | number of nodes | tag-size time m | number of nodes | tag-size time 
23 364,722 | 0.25 MB | 1 sec 35 981,706,830 1 GB lh 
25 1,342,182 1 MB | 3 sec 37 3,714,566,310 4 GB 7h 
27 4,971,066 4 MB | 12 sec 39 14,096,303,342 | 16 GB 2d 
29 18,512,790 16 MB 1 min 41 53,634,713,550 | 64 GB 10d 
31 69,273,666 64 MB | 4 min 43 | 204,560,302,842 | 256 GB | >40d 
33 260,301,174 | 256 MB | 16 min 45 | 781,874,934,568 1TB | >160d 


Figure 19.5-D: Memory and (approximate) time needed for computing Gray codes with n-bit Lyndon 
words. The number of nodes equals the number of length-n necklaces minus two. The size of the tag 
array equals 2”/4 bits or 2”/32 bytes. 


With edge sorting functions that lead to a lucky path we can discard most of the data used with graph 
searching. We only need to keep track of whether a node has been visited so far. A tag-array ([FXT: 


ds/bitarray.h), see section [4.6]on page [152) suffices. 
With n-bit Lyndon words the amount of tag-bits needed is 2”. Find an implementation of the algorithm 


as [FXT: class lyndon_gray in graph/lyndon-gray.h. 


If only the cyclical minima of the values are tagged then only 2"/2 bits are needed if the access to the 
single necklace consisting of all ones is treated separately. This variant of the algorithm is activated by 
uncommenting the line #define ALT_ALGORITM. Noting that the lowest bit in a necklace is always one 
we need only 2”/4 bits: simply shift the words right by one before testing or writing to the tag array. 
This can be achieved by additionally uncommenting the line #define ALTALT in the file. 


When a node is visited the algorithm creates a table of neighbors and selects the minimum among the 
free nodes with respect to the edge sorting function used. The table of neighbors is discarded then in 
order to minimize memory usage. 


When no neighbor is found the number of nodes visited so far is returned. If this number equals the 
number of n-bit Lyndon words a lucky path was found. With composite n a Gray code for n-bit necklaces 
with the exception of the all-ones and the all-zeros word will be searched. 


Four flavors of the algorithm have been found so far, corresponding to edge sorting with the 3rd, 5th, 
21th, and 29th power of the Gray code. We refer to these functions as comparison functions 0, 1, 2, and 
3, respectively. All of these lead to cycles for all primes n < 31. The resources needed with larger values 


of n are shown in figure |19.5-D 


Using a 64-bit machine equipped with more than 4 Gigabyte of RAM it can be verified that three of 
the edge sorting functions lead to a Gray cycles also for n = 37, the 3rd power version fails. One of the 


[fxtbook draft of 2008-January-19] 


19.5: Gray codes for Lyndon words 371 


sorting functions may lead to a Gray code for n = 41. 


% ./obin 720 # 7 bits, full output, comparison function 0 
n=7 #£4#1lyn = 18 


1 0 Guede 1 O° 4o6xe4 1° asegad 1 O 
2 omaha OO! aegsoih ig eed peelluae 73 
3: soe Ang SL 8. 4a diet pe ens 4 
4: ..1.411 3 2214..2 wilde eens 5 
5: 1.1411 2 .1111.1 ieeads 2 
6: 1.1.11 2 .1.11.1 sce Myeesete 3 
T: 11.411 5 11511.1 Dives Macs 6 
8: -111411 2 11111.1 vee. 
9: .. 11411 2 ATTdd. ss ascoees 1 O 
10: .. 1141.1 2 111.1.. ivedivasc 3 
11: wed had 2 Tost... ne eee ae 5 
12: Pee lee Di. aided dae We ee ed 6 
13: ..-1.11 To adele seein 1 1 
14: 11.411 1 .11.11. oe 5 
15: . 14.1 2 «ldodes oes 1 1 
16: sel Tt 2 .i1111.. peepee ee 3 
17: .. 411 2 «wetides sdo@tinetive 5 
i: ere 11 DB caved diets pee danowace, 24 
last = ..... 11 crc=0b14a5846c41d57f 
n=7 £x#1lyn = 18 = 1 


Figure 19.5-E: A Gray code for 7-bit Lyndon words. 


A program to compute the Gray codes is [FXT: |graph/lyndon-gray-demo.cc|, four arguments can be 


given: 


arg 1: 13 == n [a prime < BITS_PER_LONG ] default=17 

arg 2: 1 == wh [printing: 0==>none, 1==>delta seq., 2==>full output] default=1 
arg 3: 3 == ncmp [use comparison function (0,1,2,3)] default=2 

arg 4: 0 == testall [special: test all odd values <= value] default=0 


An example with full output is given in figure |19.5-E| A 64-bit CRC (see section on page |77) is 
computed from the delta sequence (rightmost column) and printed with the last word. 


% ./pin 1312 # 13 bits, delta seq. output, comparison function 2 

n=13 4%#lyn = 630 
06B57458354645962546436734A74684A106C0145120825747A745247AC8564567018A7654647484A756A546457CA1ACBC1C 
856BA9A64B97456548645659645219425215315BC82BC75BA02926256354267A462475A3ACB9761560C37412583758CA5624 
B8C6A6C6A87A9C20CBA4534042014540523129075697651563160204230A7BA31C1485C6105201510490BCA891BA9B1B9ACO 
A9A89B898A565B8785745865747845A9546702305A41275315458767465747A8457845470379A8586B0A7698578767976759 
A976567686A567656A576B86581305A20AB0ACB0AB53523438235465325247563A432532A37235465764357 2373624634642 
4532397423435235653236423263235234327532342325396926853234232582642436823632346362358423242383242327 
523242325323432642324235323423 

TASS Soa S eae ess 11 crc=568dab04b55aa2fb 

n= 13 #lyn = 630 #= 630 


% ./pin 1313 # 13 bits, delta seq. output, comparison function 3 

n=13 #lyn = 630 
06B5745835464596254643673537 1CA8B1587BA7610635285A0C2484B97 13476B689A897 AC98768968B9A106326016261050 
1424B8979A78987B97898C098921941315313698314281687BCB9469C489C6210205B050A1A7A4568A9BC5CB79AB647B74812 
OAB30BC1A131ACB120B0164CA1CABA121ABACA2BOBACAB1845786784989584867646A8456191654694745787545865490137 
40201031012104270171216507457B854606C16BC523801365164130164BC7987A0987 2CBA9A87A20B787AC9B7CBA834C0C1 
3C034101042010C14C001C0414587854645A854C95035A6A9570A9756586B9B5969580A0872C3123B0CB316BC6COB21B2C0C2CO 
5301C0530CB1C1530C01CBOBC20CBCOCB1C87565756865A75A65A40898A898B9 1 CA898A8B898A81BC8A9ACA989AB817A9BC1 
BAQABA9CA9AB918A1CACBAC9BCBOBC 
last = ......eeeee 11 crc=745def277bifbedo 
n = 13 #lyn = 630 #= 630 


Figure 19.5-F: Delta sequences for two different Gray codes for 13-bit Lyndon words. 


For larger n one might want to print only the delta sequence, this is shown in figure |19.5-F| The CRC 
allows us to conveniently determine whether two delta sequences are different. Different sequences some- 
times start identically. 


For still larger values of n even the delta sequence tends to get huge (for example, with n = 37 the 
sequence would be approximately 3.7 GB). One can suppress all output except for a progress indication, 
as shown in figure Here the CRC checksum is updated only with every (cyclically unadjusted) 
2'6_th Lyndon word. 


Sometimes a Gray code through the necklaces (except for the all-zeros and all-ones words) is also found 
for composite n. Comparison functions 0, 1, and 2 lead to Gray codes (which are cycles) for all odd 


[fxtbook draft of 2008-January-19] 


372 Chapter 19: Searching paths in directed graphs 


% ./oin 2900 # 29 bits, output=progress, comparison function 0 
n= 29 #lyn = 18512790 


Shvagaree ices age as arsed 1048576 ( 5.66406 % ) crc=ceabc5f2056be699 
Beebe Neysdhets Fat geet dean aida 2 2097152 ( 11.3281 % ) crc=76dd94f 1a554b50d 
Syisieyid rs, hoe asain toes Ce 3145728 ( 16.9922 ¥% ) crc=6b39957f1e141f4d 
bribe cit asec a-Sre amatarsdte 4194304 ( 22.6563 % ) crc=53419af1f£1185dc0 
i ecavaane-ne tay sree arceug 5242880 ( 28.3203 % ) crc=45d45b193f8ee566 
edbncd cea dere Maeakueaew des 6291456 ( 33.9844 % ) crc=95a24c824f56e196 
sidenids gavisetsehiemarie eye ene. ats 7340032 ( 39.6484 ¥% ) crc=003eeb5af5b248e34 
Sse caiecd. ddataear See kde Gee 8388608 ( 45.3125 % ) crc=23cb74d3ea0c4587 
Susp saicee ante May oven epee 9437184 ( 50.9766 % ) crc=896fd04c87dd0d43 
5 afaharaudiastuetee skeen att 10485760 ( 56.6406 % ) crc=b00d8c899f0fc791 
siigin deesasiculn Rogie ants = 11534336 ( 62.3047 % ) crc=d148f1b95b23eeab 
Brigid ec Mee cake, Sede 12582912 ( 67.9688 % ) crc=82971e2ed4863050 
Lids farts idea cas aim naioar ee 13631488 ( 73.6328 % ) crc=f249ad5b4fed252d 
ee re er ee 14680064 ( 79.2969 % ) crc=909821d0c7246a98 
narra en eere 15728640 ( 84.9609 % ) crc=1c5d68e38e55b3ca 
2 Jinigs SiaacistActtioartn weenie. ace 16777216 ( 90.625 % ) crc=0e64f82c67c79cf1 
ee ee eee 17825792 ( 96.2891 % ) crc=62c17b9f3c644396 


VAS Go cscs wrdeare- aed dapat eet gow Hoes k eed & it crc=5736fc9365da927e 
n = 29 #lyn = 18512790 #= 18512790 


Figure 19.5-G: Computation of a Gray code through the 29-bit Lyndon words. Most output is sup- 
pressed, only the CRC is printed at certain checkpoints. 


n < 33. Gray cycles are also found with comparison function 3, except for n = 21, 27, and 33. All 
functions give Gray cycles also for n = 4 and n = 6. The values of n for which no Gray code could be 
found are the even values > 8. 


19.5.3 No Gray codes for even n > 8 


As the parity of the words in a Gray code sequence alternates between one and zero the difference between 
the numbers words of odd and even weight must be zero or one. If it is ones, no Gray cycle can exist 
because the parity of the first and last word is identical. We use the relations from section on 


page [344] 
For Lyndon words of odd length there are the same number of words for odd and even weight by symmetry, 


see figure|17.3-B]on page So a Gray code (and also a Gray cycle) can exist. 
For even lengths the sequence of numbers of Lyndon words of odd and even weights start as: 


n: 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 
odd: 1, 2, 5, 16, 51, 170, 585, 2048, 7280, 26214, 95325, 349520, 1290555, 
even: 0, 1, 4, 14, 48, 165, 576, 2032, 7252, 26163, 95232, 349350, 1290240, 
diff: 15.13.15, -25.° 33 5, 9, 16, 28, 51, 93, 170, 315, 


The last row gives the differences, entry |A000048 of [214]. All entries for n > 8 are greater than one, so 
no Gray code does exist. 
For the number of necklaces we obtain, for n = 2,4,6,... 
n: 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 
16, 52, 172, 586, 2048, 7286, 26216, 95326, 349536, 1290556, 


1; 2) 6, 
even: 2, 4) 8, 20; 56, 180, 596, 2068, 7316, 26272, 95420, 349716, 1290872. 
1,2,2, 4, 4, 8, 10, 20, 30, 56, 94, 180, 316, 


The (absolute) difference of both sequences is entry A000013 of [214]. We see that for n > 4 the numbers 
are greater than one, so no Gray code exists. 


If we exclude the all-ones and all-zeros words, then the differences are 


n: 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, ... 
diff: 1, 0, 0, 2, 2, 6, 8, 18, 28, 54, 92, 178, 314, ... 


And again, no Gray code exists for n > 8. That is, we have found Gray codes, and even cycles, for all 
computational feasible sizes were they can exist. 


[fxtbook draft of 2008-January-19] 


Part III 


Fast orthogonal transforms 


[fxtbook draft of 2008-January-19] 


373 


375 


Chapter 20 


The Fourier transform 


We introduce the discrete Fourier transform and give algorithms for its fast computation. Implementa- 
tions and optimization considerations for complex and real valued transforms are given. The fast Fourier 
transforms (FFTs) are the basis of the algorithms for fast convolution (given in eae which are 
in turn the core of the fast high precision multiplication routines described in chapter The number 
theoretic Fourier transforms (NTTs) are treated in chapter [25] Algorithms for Fourier transforms based 
on fast convolution are given in chapter [21] the transform for arbitrary length (Bluestein’s algorithm) in 
section [21.5] and prime-length transforms (Rader’s algorithm) in section [21.6] 


20.1 The discrete Fourier transform 


The discrete Fourier transform (DFT or simply FT) of a complex sequence a = [a,4@1,.--,@n—1] of 
length n is the complex sequence c = [co, C1,---,Cn—1] defined by 
c = Fal (20.1-1a) 
1 n-1 
eK I= = ee gtk where z= e?7#/" (20.1-1b) 


z is a primitive n-th root of unity: 2” =1 and zI £41 for0<j<n. 


Back-transform (or inverse discrete Fourier transform, IDFT or simply IFT) is then 
i = Foe! (20.1-2a) 
n—-1 


1 
a, I= chet” (20.1-2b) 


F[F[e@]], = - Bea (a,2"*) 2 9 (20.1-3a) 


= ~ Srae So (et) (20.1-3b) 


Now >, (2?~¥)* =n for x = y and zero else. This is because z is an n-th primitive root of unity: with 
x = y the sum consists of n times 2° = 1, with x 4 y the summands lie on the unit circle (on the vertices 


[fxtbook draft of 2008-January-19] 


376 Chapter 20: The Fourier transform 


of an equilateral polygon with center zero) and add up to zero. Therefore the whole expression is equal 
to 


1 = —_ Ji (@=y) 
nT Lyte boy = dy where dz := { b ea) (20.1-4a) 


Here we will call the FT with the plus in the exponent the forward transform. The choice is actually 
arbitrary, engineers seem to prefer the minus for the forward transform, mathematicians the plus. The 
sign in the exponent is called the sign of the transform. 


The FT is a linear transform. That is, for a, 3 € C 
Flaa+fb] = aFflal+$F[b] (20.1-5) 


Further Parseval’s equation holds, the sum of squares of the absolute values is identical for a sequence 
and its Fourier transform: 


n-1 n—-1 
Se laz|? = So lex? (20.1-6) 
«=0 k=0 


A straightforward implementation of the discrete Fourier transform, that is, the computation of n sums 
each of length n, requires ~ n? operations. 


void slow_ft(Complex *f, long n, int is) 


{ 
Complex h[n] ; 
const double phO = is*2.0*M_PI/n; 
for (long w=0; w<n; ++w) 
{ 
Complex t = 0.0; 
for (long k=0; k<n; ++k) 
{ 
t += f[k] * SinCos(ph0*k*w) ; 
} 
h{w] = t; 
} 
copy(h, f, n); 
} 


This is [FXT: slow_ft© in fft/slowft.cc]. The variable is= +1 is the sign of the transform, the func- 


tion SinCos(x) returns a Complex(cos(x), sin(x)). 


Note that the normalization factor 7 in front of the FT sums has been left out. The inverse of the 
transform with one sign is the transform with the opposite sign followed by a multiplication of each 
element by 1. One has to keep in mind if that the sum of squares of the original sequence and its 
transform are equal up to a factor 1/./n. 


A fast Fourier transform (FFT) algorithm is an algorithm that improves the operation count to propor- 
tional n S77", (py — 1), where n = pip2---Pm is a factorization of n. In case of a power n = p™ the 
value computes to n(p—1) log,,(n). In the special case p = 2 even n/2 log.(n) (complex) multiplications 
suffice. There are several different FFT algorithms with many variants. 


20.2 Summary of definitions of Fourier transforms * 


We summarize the definitions of the continuous, semi-continuous and the discrete Fourier transform. 


[fxtbook draft of 2008-January-19] 


20.2: Summary of definitions of Fourier transforms * 377 


The continuous Fourier transform 


The (continuous) Fourier transform (FT) of a function f:C" —C", ZH f(Z) is defined by 


1 Pans 
PG)! = —— | flee? dre (20.2-1) 
(Vimy Sex 
where o = +1 is the sign of the transform. The FT is a unitary transform. Its inverse is the complex 
conjugate transform 
A(@) aa f Pieter (20.2.2) 
x = Sa w)e Ww «Zo 
(Vim)” Jes 


For the 1-dimensional case one has 


Roe) = a i flajet?*? "de (20.2-3) 

fle) = =f Bw) en dus (20.2-4) 
The ‘frequency-form’ is 

Foy & i flaet?™ 212% dy (20.2-5) 

f(z) = [ Feyettera (20.2-6) 


The semi-continuous Fourier transform 


For periodic functions defined on a interval L € R, f: LR, «+ f(z) one defines the semi-continuous 
Fourier transform as: 


1 | Sahel 
Ct SS Fae ode (20.2-7) 
VL Ji 
The inverse transform is an infinite sum with the property 
k=+00 % A 
1 pial f(x) if f continuous at x 
OLTUKRLX = F = 20.2-8 
VE 2 — pete”) °) else ( ) 


An equivalent form of the semi-continuous Fourier transform is given by 


sake 


ay c= = [ fe) f(a dx, k=0,1,2,... (20.2-9a) 
vE 
be = “d ; eh Ded 20.2-9b 
r= a] te 2 (20.2-9b) 
1 do 27k 2rkax 
Lo Ss St |e Gp COS + by sin 20.2-9c 
fa) = IS ; i x cos EF 4 by sin 2 ) (20.2-9¢) 
The connection between the two forms is given by: 
3 (k = 0) 
Ck = $ (ax — ib.) (k > 0) (20.2-10) 
5 (ak +ibp) (k <0) 


[fxtbook draft of 2008-January-19] 


378 Chapter 20: The Fourier transform 


The discrete Fourier transform 


The discrete Fourier transform (DFT) of a sequence f of length n with elements f, is defined by 


n-1 
1 to2nixnzk/n 
Ce I= — y fr € (20.2-11) 
Jn = 
The inverse transform is 


n—1 
fo = See (20.2-12) 
k=0 


1 
Jn 
Some sources define c, := >... and f; = + >>.... With this definition the transform does not preserve 
norms but there is a computational saving when the normalization does not matter. When a transform 
and its inverse are applied in succession (as with convolution algorithms) then only one normalization 
(factors +) is needed instead of two (factors Fa): In the implementations of the transform we will in 


general omit the normalization altogether and leave it to the user to apply it where needed. 


20.3. Radix-2 FFT algorithms 


A little bit of notation 


In what follows let a be a length-n sequence with n a power of two. 


e Let ae”) and a’? denote the length-n/2 subsequences of those elements of a that have even and 
odd indices, respectively. That is, a(’°”) = [ao, ag, a4, a6,...,@n—2] and a" = [ay,a3,...,4n—1]. 


e Let aff) and a9") denote the left and right subsequences, respectively. That is, a('f) = 
[a0, Q1,++-,5 An /2—1] and alright) = [@n/2s An /241s°°° ee 


e Let c= S*a denote the sequence with elements cy, = az e7?7***/" where ¢ = £1 is the sign of the 
transform. The symbol S shall suggest a shift operator. With radix-2 FFT algorithms only S!/? is 
needed. 


e In relations between sequences we sometimes emphasize the length of the sequences on both sides 


(even) nf? plodd) + elodd) 


as ina . In these relations the operators plus and minus are to be understood 


as element-wise. 


20.3.1 Decimation in time (DIT) FFT 


The following observation is the key to the (radix-2) decimation in time (DIT) FFT algorithm, also called 
Cooley-Tukey FFT algorithm: For even values of n the k-th element of the Fourier transform is 


n—-1 n/2-1 n/2-1 
Fla = So ae gk S- ee eae se 2x41 z@atik (20.3-1a) 
x=0 xr=0 x=0 
n/2-1 n/2-1 
= S- ase rs S- djacaee =” (20.3-1b) 
x=0 x=0 
where z = e7*27/", g = +1 is the sign of the transform, and k € {0,1,...,n— 1}. 


The identity tells us how to compute the k-th element of the length-n Fourier transform from the length- 
n/2 Fourier transforms of the even and odd indexed subsequences. 


[fxtbook draft of 2008-January-19] 


20.3: Radix-2 FFT algorithms 379 


To actually rewrite the length-n FT in terms of length-n/2 FTs one has to distinguish whether 
0<k<n/2 or n/2<k<n. In the expressions we rewrite k € {0,1,2,....n -l} ask = j+06% 
where j € {0,1,2,...,n/2—1} and 6 € {0,1}: 


1 n/2-1 n/2-1 
S- Ay 2 (G46 5) S- glove) 22 G+ ) ah jt 7 S- qo) 72 (J+ B) (20.3-2a) 
x=0 «2=0 x=0 
n/2-1 n/2-1 
S- gee g2ti4 z3 > ar? goes for 6=0 
= aia — (20.3-2b) 
n/2-1 n/2-1 


> gre) 2205 — 2 : (odd) 22s for 6=1 
x=0 x=0 


The minus sign in the relation for 6 = 1 is due to the fact that z/+h"/? = 23 27/? = —23, 


Observing that z? is just the root of unity that appears in a length-n/2 transform one can rewrite the 
last two equations to obtain the radiz-2 DIT FFT step: 


Fla] n/2 Fl aleven) | 4S PY glee) (20.3-3a) 
Fla] (right) n/2 Fl glover) | _ SU2 ZT glodd) | (20.3-3b) 


The length-n transform has been replaced by two transforms of length n/2. If n is a power of 2 this 
scheme can be applied recursively until length-one transforms are reached which are identity (‘do nothing’) 
operations. 


Thereby the operation count is improved to proportional n-log,(n): there are log,(n) splitting steps, the 
work in each step is proportional to n. 


Note that the operator S depends on the sign of the transform. 


20.3.1.1 Recursive implementation 


A recursive implementation of radix-2 DIT FFT given as pseudo code (C++ version in [FXT: 
fft /recfit2.cc}) is 


procedure rec_fft_dit2(a[], n, x[], is) 
// complex a[0..n-1] input 

// complex x[0..n-1] result 

{ 


complex b[0..n/2-1], c[0..n/2-1] // workspace 
complex s[0..n/2-1], t[0..n/2-1] // workspace 


if n == 1 then // end of recursion 
x[0] := a[0] 
return 

nh := n/2 


for k:=0 to nh-1 // copy to workspace 


s(k] : 
tik] : 


a[2*k] // even indexed elements 
a[2*k+1] // odd indexed elements 


// recursion: call two half-length FFTs: 
rec_fft_dit2(s{], nh, b[], is) 
rec_fft_dit2(t[], nh, c[], is) 


fourier_shift(c[], nh, is*1/2) 
for k:=0 to nh-1 // copy back from workspace 
a 


[fxtbook draft of 2008-January-19] 


380 Chapter 20: The Fourier transform 


x[k] = blk] + c[k] 
x{k+tnh] := bik] - c[k] 
} 
The parameter is= 0 = +1 is the sign of the transform. The data length n must be a power of 2. The 


result is returned in the array x[]. Note that normalization (multiplication of each element of x[] by 
1/,/n) is not included here. 


The procedure uses the subroutine fourier_shift which modifies the array c[] according to the op- 
eration S”’: each element c[k] is multiplied by e??7**/". It is called with v = +1/2 for the Fourier 


transform. The pseudo code (C++ equivalent in [FXT: fft /fouriershift.cc]) is 


procedure fourier_shift(c[], n, v) 


{ 


a k:=0 to n-1 
c[k] := c[k] * exp(v*2.0*PI+*I*k/n) 
} 


The recursive FF T-procedure involves n log,(n) function calls, which can be avoided by rewriting it in a 
non-recursive way. One can even do all operations in-place, no temporary workspace is needed at all. The 
price is the necessity of an additional data reordering: the procedure revbin_permute(a[] ,n) rearranges 
the array a[] in a way that each element a, is swapped with az, where x is obtained from x by reversing 
its binary digits. Methods to do this are discussed in section 


20.3.1.2 Iterative implementation 


Pseudo code for a non-recursive procedure of the radix-2 DIT algorithm (C++ implementation given in 
[FXT: ft /fitdit2.cc’ ): 


procedure fft_depth_first_dit2(a[], ldn, is) 
// complex a[0..2**ldn-1] input, result 


{ 
n := 2**ldn // length of a[] is a power of 2 
revbin_permute(a[], n) 
for ldm:=1 to ldn // log_2(n) iterations 
t 
m := 2**]1dm 
mh := m/2 
for r:=0 to n-m step m // n/m iterations 
{ 
for j:=0 to mh-1 // m/2 iterations 
e := exp(is*2*PI*I*j/m) // log_2(n)*n/m*m/2 = log_2(n)*n/2 computations 
u := a[rtj] 
v := alr+j+mh] * e 
alr+j] =utyv 
a[rt+jtmh] :=u-v 
} 
} 
} 
} 
This version of a non-recursive FFT procedure already avoids the calling overhead and it works in-place. 
But it is a bit wasteful. The (expensive) computation e := exp(is*2*PI+*I*j/m) is done n/2-log,(n) 
times. 


20.3.1.3 Saving trigonometric computations 


To reduce the number of sine and cosine computations, one can simply swap the two inner loops, leading 
to the first ‘real world’ FFT procedure presented here. Pseudo code for a non-recursive procedure of the 


radix-2 DIT algorithm (C++ version in [F XT: fft /fftdit2.cc}): 


[fxtbook draft of 2008-January-19] 


20.3: Radix-2 FFT algorithms 381 


procedure fft_dit2(a[], ldn, is) 
// complex a[0..2**ldn-1] input, result 


n := 2**ldn 
revbin_permute(a[], n) 
for ldm:=1 to ldn // log_2(n) iterations 


ai 
m = 2**1ldm 
mh := m/2 
for j:=0 to mh-1 // m/2 iterations 
{ 
e := exp(is*2*PI*I*j/m) // 1+ 2+... + n/8 + n/4 + n/2 == n-1 computations 
for r:=0 to n-m step m 
{ 
u := a[rtj] 
v := alr+jt+mh] * e 
alr+j] =utyv 
a[rt+jtmh] :=u-v 
} 
} 


} 


Swapping the two inner loops reduces the number of trigonometric computations to n but leads to a 
feature that many FFT implementations share: memory access is highly nonlocal. For each recursion 
stage (value of 1dm) the array is traversed mh times with n/m accesses in strideq!| of mh. As mh is a power 
of two this can (on computers that use memory cache) have a very negative performance impact for large 
values of n. On computers where the memory access is very slow compared to the CPU the naive version 
can actually be faster. 


It is a good idea to extract the ldm==1 stage of the outermost loop, this avoids complex multiplications 
with the trivial factors 1+ 0% (and the computations of these quantities as trigonometric functions). 
Replace 


a ldm:=1 to ldn 


by 
for r:=0 to n-1 step 2 


fa[r], alfr+i]} := falr]+talr+1], alr]-alr+1]} 


ldm:=2 to ldn 


20.3.2 Decimation in frequency (DIF) FFT 


Splitting of the Fourier sum into a left and right half leads to the decimation in frequency (DIF) FFT 
algorithm, also called Sande-Tukey FFT algorithm. For even values of n the k-th element of the Fourier 
transform is 


n-1 n/2-1 m1 
Fla, = yee = S- ee ae S- ane?” (20.3-4a) 
«z=0 «z=0 z=n/2 
n/2-1 n/2-1 
= i eae S- On4-n/2 glern/2ye (20.3-4b) 
«2=0 x2=0 
n/2-1 
= y (alle) ae xk n/2 alright) tk (20.3-4c) 
«x=0 


1Stride-n memory access: consecutive accesses to addresses that are n units apart. 


[fxtbook draft of 2008-January-19] 


382 Chapter 20: The Fourier transform 


where z = e7*27/", g = +1 is the sign of the transform, and k € {0,1,...,n— 1}. 


Here one has to distinguish whether k is even or odd. Therefore we rewrite k € {0,1,2,...,n —1} as 
k =23+6 where j € {0,1,2,...,n/2—1} and 6 € {0,1}: 


n—-1 n/2-1 
ST aag 22448) ST (alles) 4 (2548) 0/2 glriaht)y 20 (2548) (20.3-5a) 
x=0 a2=0 
n/2-1 
S- (allefe) ae alright)) 22t5 for 56=0 
= bri (20.3-5b) 


S- zt (allef) _ alright) y2@5 for 6=1 
x=0 


z(25+8) n/2 — e£779 is equal to plus or minus one for 6 = 0 or 6 = 1 corresponding to k even or odd. The 
last two equations are, more compactly written, the key to the radiz-2 DIF FFT step: 


(even) n/2 


Fla] Fl alle) 4 glright) | (20.3-6a) 
Fla] n/2 F[s¥? (ater = alristt)\ J (20.3-6b) 


A recursive implementation of radix-2 DIF FFT given as pseudo code (C++ version given in [FXT: 
fft /recfit2.cc}) is 


procedure rec_fft_dif2(a[], n, x[], is) 
// complex a[O..n-1] input 

// complex x[0..n-1] result 

{ 


complex b[0..n/2-1], c[0..n/2-1] // workspace 
complex s[0..n/2-1], t[0..n/2-1] // workspace 


- n == 1 then 
x[0] := a[0] 
turn 


re 
} 
nh := n/2 
al k:=0 to nh-1 
s[k] := alk] // ?left’ elements 
t[k] := alktnh] // ’right’ elements 
} 


ee k:=0 to nh-1 
{s({k], t[k]} := {(s[k]+t[k]), (s[k]-t[k])} 


fourier_shift(t[], nh, is*0.5) 


0 
for k:=0 to nh-1 
x(j] := bik] 
x[j+1] := c[k] 
j i= jr2 
} 
The parameter is =o = +1 is the sign of the transform. The data length n must be a power of 2. The 


result is returned in the array x[]. Again, the routine does no normalization. 


Pseudo code for a non-recursive procedure (a C++ implementation is given in [FXT: |fft /fftdif2.cc ): 


procedure fft_dif2(a[] ,ldn,is) 
// complex a[0..2**ldn-1] input, result 
{ 


[fxtbook draft of 2008-January-19] 


20.4: Saving trigonometric computations 383 


n := 2**1ldn 
for ldm:=ldn to 1 step -1 
{ 


m := 2**]ldm 

mh := m/2 

for j:=0 to mh-1 
{ 


e := exp(is*2+*PI*I*j/m) 
for r:=0 to n-m step m 


u := a[rtj] 

v := alr+jt+mh] 

a[rt+j] = (u + v) 
a[rt+jtmh] := (u- v) *e 


} 
} 


revbin_permute(a[], n) 


In DIF FFTs the revbin_permute()-procedure is called after the main loop, in the DIT code it was 
called before the main loop. As in the procedure for the DIT FFT (section |20.3.1.3]on page the 
inner loops where swapped to save trigonometric computations. 


Extracting the 1dm==1 stage of the outermost loop is again a good idea. Replace the line 
for ldm:=ldn to 1 step -1 

by 
for ldm:=ldn to 2 step -1 

and insert 
for r:=0 to n-1 step 2 


fa[r], alrt+i1]} := falr]+alr+1], alr]-alr+1]} 


before the call of revbin_permute(a[], n). 


20.4 Saving trigonometric computations 


The sine and cosine computations are an expensive part of any FFT. There are two apparent ways for 
saving the involved CPU cycles, the use of lookup-tables and recursive methods. The CORDIC algorithms 
for sine and cosine given in section|33.2.l/on page can be useful when implementing FFTs in hardware. 


20.4.1 Using lookup tables 


The idea is to precompute all necessary values, store them in an array, and later looking up the values 
needed. This is a good idea if one wants to compute many FFTs of the same (small) length. For FFTs 
of large sequences one gets large lookup tables that can introduce a high cache-miss rate. Thereby one 
is likely experiencing little or no speed gain, even a notable slowdown is possible. However, for a length- 
n FFT one does not need to store all the (n complex or 27 real) sine/cosine values exp(27ik/n) = 
cos(27k/n) + 4 sin(2a7k/n) where & = 0,1,2,3,...,n—1. For the lookups one can use the symmetry 
relations 


cos(7+2) = —cos(s) (20.4-1a) 
sin(t +2) = —sin(x) (20.4-1b) 


[fxtbook draft of 2008-January-19] 


384 Chapter 20: The Fourier transform 


To reduce the interval from 0...27 to 0...a. Exploiting the relations 


cos(7/2+a”) = —sin(z) (20.4-2a) 
sin(7/2+2) = +cos(x) (20.4-2b) 


further reduces the interval to 0...7/2. Finally, the relation 
sin(z) = cos(7/2— 2) (20.4-3) 


shows that only the table of cosines is needed. That is, already a table of the n/4 real values cos(2 7 i k/n) 
for k = 0,1,2,3,...,n/4—1 suffices for a length-n FFT computation. The size of the table is thereby cut 
by a factor of 8. Possible cache problems can sometimes be mitigated by simply storing the trigonometric 
values in reversed order which can avoid many equidistant memory accesses. 


20.4.2 Recursive generation 


In FFT computations one typically needs the values 


[exp(iy0)=1, exp(tyy), exp(ip27), exp(iy3y), ...] where yER 


in sequence. The naive idea for a recursive computation of these values is to precompute d = exp(i v7) 
and then compute the following value using the identity exp (i pk y) = d-exp (iy (k — 1) y). This method, 
however, is of no practical value because the numerical error grows exponentially in the process. 


A stable version of a trigonometric recursion for the computation of the sequence can be stated as follows. 
Precompute 


c = cosy, (20.4-4a) 

c= ge (20.4-4b) 

a = l-cosy [Cancellation!] (20.4-4c) 

2 
= 9 (sin 3) [OK] (20.4-4d) 
B = siny (20.4-4e) 
Then compute the next pair (c;,s,) from the previous one (c, s) via 

cy = c—(ac+ 8s); (20.4-5a) 

8, = s—(as— eo); (20.4-5b) 


The underlying idea is to use the relation E(y + y) = E(y) — E(w) - z where E(x) := exp(27i2). This 
leads to z = 1—cosy—isiny = 2 (sin a)" —isiny. 


Do not expect to get all the precision you would get with calls of the sine and cosine functions, but even 
for very long FFTs less than 3 bits of precision are lost. When working with (C-type) doubles it might 
be a good idea to use the type long double with the trigonometric recursion: the generated values will 
then always be accurate within the double-precision, provided long doubles are actually more precise 
than doubles. With high precision multiplication routines (that is, with exact integer convolution) this 
can be mandatory. 


A real-world example from [FXT: fht_dif_core() in fht/fhtdif.cc}: 


[--snip--] 
double tt = M_PI_4/kh; // the angle increment 
double si = 0.0, cl = 41.0; // start at angle zero 


double al = sin(0.5*tt); 
al *= (2.0*al); 
double be = sin(tt); 


[fxtbook draft of 2008-January-19] 


20.5: Higher radix FFT algorithms 385 


for (ulong i=1; i<kh; i++) 
{ 


double t1 = ci; 
ci -= (al*titbe*s1); 
si -= (al*si-be*t1); 


// here ci = cos(tt*i) and si = sin(tt*i) 
[--snip-- 


The variable tt equals ¥y in relations |20.4-4d] and |20.4-4e]on the facing page. 


20.5 Higher radix FFT algorithms 


Higher radix FFT algorithms save trigonometric computations. The radix-4 FFT algorithms presented 
in what follows replace all multiplications with complex factors (0, +2) by the obvious simpler operations. 
Radix-8 algorithms also simplify the special cases where the sines and cosines equal +,/1/2. 


Further the bookkeeping overhead is reduced due to the more unrolled structure. Moreover, the number 
of loads and stores is reduced. 


More notation 


Let a be a length-n sequence where n is a multiple of m. 


e Let a"”™ denote the subsequence of the elements with index x where « =r mod m. For example, 
q00%2) — gleren) and a8%4) = [a3, a7, 011, 415,-.-]. The length of a”™) is n/m. 


e Let a\"/™ denote the subsequence of elements with indices te —1. For example a‘!/?) = 


a‘rght) and al?/9) is the last third of a. The length of a\"/™ is also n/m. 


(r+1)n 


20.5.1 Decimation in time algorithms 

First rewrite the radix-2 DIT step (relations [20.3-3a] and on page [379) in the new notation: 
Fla] © 2 s%2F/ q0%)] + $12 F[ 0%) ] (20.5-1a) 
Fla]? "2 2F/ q%)] — §1/2F[ g%)] (20.5-1b) 


The operator S is defined on section on page note that S°/? = S° is the identity operator. 


The derivation of the radix-4 step is analogous to the radix-2 step, it just involves more writing and does 
not give additional insights. So we just state the radiz-4 DIT FFT step which can be applied when n is 
divisible by 4: 


Fla] (0/4) n/4 +SU4F[ g(0%4) | apy SUAF[ a%4) ] a S24 F[ 2%] a S/4Fla (3%4) ) (20. 5-2a) 

Fla] (1/4) n/4 +54 F[ gO) | 4 ioS/4F[ ah") ] — 52/4 F[ ag 2) ] — ios?/4F[ a@%) (20.5-2b) 

Fla] (2/4) n/4 45/4 Ff g(0%4) ] _ SUAZ] gt%4) ] + SAF] g2%4) ] _ SIF] 3%) (20.5-2c) 

Fla] (3/4) n/4 45/4 Ff g0%4)] _ io SV/4F[ at) | - S24 ZF] g2%4) ] i ioS?/4F[ a (3%4) ) {20. 5-2d) 

In contrast to the radix-2 step that happens to be identical for forward and backward transform the sign 
of the transform 0 = +1 appears explicitly. The relations, written more compactly: 

F[a]9 u/4 er 2in 05/4 , SUSE g (0%) ] 4 er 2inlg/A SUA q(t%4) ] (20.5-3) 


et 2im2g/4, SPE g (2%) ] 4 et 2im3g/4 SAF g (3%) ] 


[fxtbook draft of 2008-January-19] 


386 Chapter 20: The Fourier transform 


where j € {0,1,2,3} and n is a multiple of 4. Still more compactly: 


: 3 
Fal" uri Dae ma Foie ab aed ie {0,1,2,3} (20.5-4) 
k=0 


where the summation symbol denotes element-wise summation of the sequences. The dot indicates 
multiplication of all elements of the sequence by the exponential. 


The general radiz-r DIT FFT step, applicable when n is a multiple of r, is: 


: r-1 
Fla]O "LS er2ixkilr. shin z[ah%)] 5 =0,1,2,...,7-1 (20.5-5) 
k=0 


Our notation turned out to be useful indeed. 


20.5.2 Decimation in frequency algorithms 


The radix-2 DIF step (relations |20.3-6a] and |20.3-6b| on page |382), in the new notation: 
Fla]O™ 2 xis (ao/2) 4 al) (20.5-6a) 
Aa nf2 F[S'?(a (0/2) _ ait/?)) (20.5-6b) 


The radiz-4 DIF FFT step, applicable for n divisible by 4, is 


Fla] (0%4 n/A F[ 8/4 (a 0/4) a /4) ihe 2/4) As a oA) (20.5-7a) 
Flay — FLsV4(a 4) tae 9) — @/9 — ig al) (20.5-7b) 
Fla] (2%4)  n/4 F[S2/4 (a 0/4) g(t/4) 4 g(2/4)_ ig ue) (20.5-7¢) 
Flay ae FL S*(a We) re  — a2/9 + igab/) (20.5-7d) 
Again, ¢ = +1 is the sign of the transform. More compactly: 
i%4 4 ae a 
Flal "L Fl si/* Seri k/4. gk/)] 5 € {0,1,2,3} (20.5-8) 
k=0 
The general radiz-r DIF FFT step is 
i% / _~ imk j 
F(a] or) mfr FSI er Pir kale, gl/7)] Ge 10190. ¢ =} (20.5-9) 
k=0 


20.5.3 Implementation of radix-r FFTs 


For the implementation of a radix-r FFT with r # 2 the revbin_permute routine has to be replaced by its 
radix-r version radix_permute. The reordering now swaps elements a, with az where & is obtained from 
x by reversing its radix-r expansion (see section on page |89). In most practical cases one considers 
r =p” where p is prime. Pseudo code for a radix T r =p” DIT FFT: 


procedure fftdit_r(a[], n, is) 

// complex a[0..n-1] input, result 
// p (hardcoded) 

// v == power of p (hardcoded) 


[fxtbook draft of 2008-January-19] 


20.5: Higher radix FFT algorithms 387 


// nu == power of p (not necessarily a power of r) 


radix_permute(al[], n, p) 


1x log(r) / log(p) // r == p ** 1x 
in log(n) / log(p) 
ldm := (log(m)/log(p)) % 1x 


if ( ldm !=0) //n is not a power of p 


{ 
XX := p**1lx 
for z:=0 to n-xx step xx 
{ 
fft_dit_xx(a[z..ztxx-1], is) // inlined length-xx dit fft 
} 
} 
for ldm:=ldm+lx to 1n step 1x 
{ 
m := p**ldm 
mr := m/r 
for j := 0 to mr-1 
{ 
e := exp(is*2+*PI*I*j/m) 
for k:=0 to n-m step m 
{ 
// all code in this block should be 
// inlined, unrolled and combined: 
// temporary ul0..r-1] 
for z:=0 to r-1 
ulz] := alk+j+mr*z] 
} 
radix_permute(u[], r, p) 
oe z:=1 to r-1 // e**0 == 
ulz] := ulz] * e**z 
r_point_fft(ul[], is) 
for z:=0 to r-1 
a[k+jtmr*z] := ul[z] 
} 
} 
} 


} 


Of course the loops that use the variable z have to be unrolled, the (length-p”) scratch space u[] has to 
be replaced by explicit variables (for example, u0, ul, ...  ), and the r_point_fft(u[],is) shall be 
an inlined p*-point FFT. 


There is one pitfall: if one uses the radix-p permutation instead of a radix-p* permutation (for example, 
the radix-2 revbin_permute() for a radix-4 FFT), then some additional reordering is necessary in the 
innermost loop. In the given pseudo code this is indicated by the radix_permute(ul[] ,p) just before the 
p_point_fft(u[] ,is) line. 


20.5.4 Radix-4 DIT FFT 
C++ code for a radix-4 DIT FFT is given in [FXT: fft/fftdit4l.cc): 


4; // = 


static const ulong RX r 
2; // == log(r)/log(p) == log_2(r) 


static const ulong LX 


void 
fft_dit41(Complex *f, ulong ldn, int is) 
// Decimation in time radix-4 FFT. 


double s2pi = ( is>O ? 2.0*M_PI : -2.0*M_PI ); 


[fxtbook draft of 2008-January-19] 


388 


const ulong n = (1UL<<ldn) ; 


revbin_permute(f, n); 
ulong 1ldm = (ldn&1); 


if ( ldm!=0 ) // nis not a power of 4, need a radix-2 step 


for (ulong r=0; r<n; r+=2) 


Complex aO = flr]; 
Complex al = f[r+1]; 
f[r] = a0 + al; 
f[rt+i] = a0 - al; 
} 
} 
ldm += LX; 
for ( ; ldm<=ldn ; 1ldm+=LX) 
{ 
ulong m = (1UL<<1ldm) ; 
ulong m4 = (m>>LX); 
double phO = s2pi/m; 
for (ulong j=0; j<m4; j++) 
{ 
double phi = j*ph0; 
Complex e = SinCos(phi) ; 
Complex e2 = SinCos(2.0*phi) ; 
Complex e3 = SinCos(3.0*phi) ; 
for (ulong r=0; r<n; rt+=m) 
ulong i0 =j tr; 
ulong ii = 10 + m4; 
ulong i2 = i1 + m4; 
ulong i3 = i2 + m4; 
Complex aO = £[1i0]; 
Complex ail = £[12]; // (!) 
Complex a2 = f[ii]; // (!) 
Complex a3 = £[i3]; 
al *= e; 
a2 *= e2; 
a3 *= e3; 
Complex tO = (a0+a2) + (al+a3); 
Complex t2 = (a0+a2) - (ai+a3); 
Complex t1 = (a0-a2) + Complex(0,is) * (a1-a3); 
Complex t3 = (a0-a2) - Complex(0,is) * (a1-a3); 
£[i0] = to; 
f[i1] = t1; 
£[i2] = t2; 
£[i3] = t3; 
Be 
} 
} 


} 


Chapter 20: The Fourier transform 


For reasonable performance the call to the procedure radix_permute(u[],p) of the pseudo code has 
been replaced by changing indices in the loops where the a[z] are read. The respective lines are marked 


with the comment ‘// (!)’. 


In order not to restrict the possible array sizes to powers of p” = 4 but only to powers of p = 2 an 
additional radix-2 step has been prepended that is used when n is an odd power of two. 


The routine [FXT: fft_dit4_core_p1() in is a reasonably optimized radix-4 DIT FFT 
implementation. It starts with an radix-2 or radix-8 step for the initial pass with trivial exp()-values. 
The core routine is hardcoded for 0 = +1 and called with swapped real and imaginary part for the inverse 
transform as explained in section [20.8] on page [397] 


The routine, however, uses separate arrays for real and imaginary parts which is very problematic with 
large transforms: the memory access pattern in skips that are a power of two will lead to cache problems. 


[fxtbook draft of 2008-January-19] 


20.5: Higher radix FFT algorithms 389 


A routine that uses the C++ type complex is given in [FXT: fft/cfftdit4.cc|. The core routine is hardcoded 
for o = —1 (therefore the name suffix _m1): 


void 

fft_dit4_core_m1(Complex *f, ulong ldn) 

// Auxiliary routine for fft_dit4() 

// Radix-4 decimation in frequency FFT 

// 1dn := base-2 logarithm of the array length 
// Fixed isign = -1 

// Input data must be in revbin_permuted order 


{ 
const ulong n = (1UL<<1ldn) ; 
if ( n<=2 ) 
{ 
if ( n==2 ) sumdiff(f[0], f[1]); 
return; 
ulong ldm = ldn & 1; 
if ( ldm!=0 ) //n is not a power of 4, need a radix-8 step 
for (ulong i0=0; i0<n; i0+=8) fft8_dit_core_m1(f+i0); // isign 
} 
else 
for (ulong i0=0; i0<n; i0+=4) 
{ 
ulong i1 = i0 + 1; 
ulong i2 = i1 + 1; 
ulong i3 = i2 + 1; 
Complex x, y, u, V; 
sumdiff(f[i0], flii], x, u); 
sumdiff(f[i2], f[i3], y, v); 
v *= Complex(0, -1); // isign 
sumdiff(u, v, f[ii], £[13]); 
sumdiff(x, y, f[i0], £[i2]); 
} 
} 
ldm += 2 * LX; 
for ( ; ldm<=ldn; 1dm+=LX) 
ulong m = (1UL<<1dm) ; 
ulong m4 = (m>>LX); 
const double phO = -2.0*M_PI/m; // isign 
for (ulong j=0; j<m4; j++) 
{ 
double phi = j * pho; 
Complex e = SinCos(phi) ; 
Complex e2 = e * e; 
Complex e3 = e2 * e; 
for (ulong r=0; r<n; rt+=m) 
ulong i0 =j tr; 
ulong ii = i0 + m4; 
ulong i2 = ii + m4; 
ulong i3 = i2 + m4; 
Complex x = f[il] * e2; 
Complex u; 
sumdiff3_r(x, f[i0], u); 
Complex v = f£[i3] * e3; 
Complex y = f[i2] * e; 
sumdiff(y, v); 
v *= Complex(0, -1); // isign 
sumdiff(u, v, f[ii], £[43]); 
sumdiff(x, y, f£[i0], £[i2]); 
} 
} 
} 
} 


The sumdiff() function is defined in [FXT: |jaux0/sumdiff.h]: 


[fxtbook draft of 2008-January-19] 


390 Chapter 20: The Fourier transform 


template <typename Type> 

static inline void sumdiff(Type &a, Type &b) 
// {a, b} <--| fatb, a-b} 

{ Type t=a-b; at=b; b=t; } 


The routine ff£t8_dit_core_m1() is an unrolled size-8 DIT FFT (hardcoded for o = —1) given in [FXT: 
fft /fft8ditcore.cc|. We further need a version of the routine for the positive sign. It uses a routine 


ff£t8_dit_core_p1() for the computation of length-8 DIT FFTs (with o = —1). The following changes 
need to be made in the core routine [F XT: |fft/cfftdit4.cc : 
void 


fft_dit4_core_p1(Complex *f, ulong ldn) 
// Fixed isign = +1 


{ 
[--snip--] 
for (ulong i0=0; i0<n; i0+=8) fft8_dit_core_p1(f+i0); // isign 
[--snip--] 
v *= Complex(0, +1); // isign 
[--snip--] 
const double phO = +2.0*M_PI/m; // isign 
[--snip--] 
v *= Complex(0, +1); // isign 
[--snip--] 
} 


The routine to be called by the user is 


void 

fft_dit4(Complex *f, ulong ldn, int is) 

// Fast Fourier Transform 

// 1dn := base-2 logarithm of the array length 


// is := sign of the transform (+1 or -1) 
// Radix-4 decimation in time algorithm 
t 


revbin_permute(f, 1UL<<1ld); 
if ( is>O0 ) fft_dit4_core_pi(f, 1ldn); 
else fft_dit4_core_mi(f, ldn); 


A version that uses the separate arrays for real and imaginary part is given in [FXT: |fft/fftdit4.cc|. The 
type complex version, should be preferred for large transforms. 


20.5.5 Radix-4 DIF FFT 


Pseudo code for a radix-4 DIF FFT: 


procedure fftdif4(a[], ldn, is) 
// complex a[0..2**ldn-1] input, result 
{ 


n := 2**ldn 
for ldm := ldn to 2 step -2 
{ 
m = 2**1dm 
mr := m/4 
for j := 0 to mr-1 
{ 
e = exp(is*2*PI+*I*j/m) 
e2 :=e *e 
e3 := e2*e 
for r := 0 to n-m step m 
a 
ud := a[r+j] 
ul := a[r+j+mr] 
u2 := alr+j+mr*2] 
u3 := a[r+j+mr*3] 
x := ud + u2 
y := ul + u3 
tO x+y // == (a0tu2) + (ut+u3) 


x - y // == (u0+u2) - (uitu3) 


x := ud - u2 


[fxtbook draft of 2008-January-19] 


20.5: Higher radix FFT algorithms 391 


y := (ul - u3)*I*is 


ti :=x+y // == (u0-u2) + (u1-u3)*I*is 
t3 :=x-y // == (u0-u2) - (u1-u3)*I*is 
ti := ti * e 

t2 := t2 * e2 

t3 := t3 * e3 

alr+j] = t0 

a(r+jtmr] =t2 // (!) 

alr+jtmr*2] := t1 // (!) 

al[rt+jtmr*3] := t3 


} 
} 


if is_odd(ldn) then // n not a power of 4 
for r:=0 to n-2 step 2 


falr], alr+1]} := falr]+talrt+i], alr]-alr+1]} 


} 
revbin_permute(al[] ,n) 
} 
The C++ equivalent is [|FXT: fft_dif41() in fft/fftdif4l.cc|. A reasonably optimized implementation is 
given in [FXT: fft/cfitdif4.cc,, it is hardcoded for og = +1 (therefore the name suffix _p1): 
static const ulong RX = 4; 
static const ulong LX = 2; 


void 

fft_dif4_core_p1(Complex *f, ulong ldn) 

// Auxiliary routine for fft_dif4(). 

// Radix-4 decimation in frequency FFT. 

// Output data is in revbin_permuted order. 

// 1dn := base-2 logarithm of the array length. 
// Fixed isign = +1 


t 
const ulong n = (1UL<<ldn) ; 
c ( n<=2 ) 
if ( n==2 ) sumdiff(f[0], f[1]); 
return; 


for (ulong ldm=ldn; ldm>=(LX<<1); 1dm-=LX) 
{ 
ulong m = (1UL<<1ldm) ; 
ulong m4 = (m>>LX); 
const double phO = 2.0*M_PI/m; // isign 
for (ulong j=0; j<m4; j++) 
{ 


double phi = j * pho; 

Complex e = SinCos(phi) ; 

Complex e2 = e * e; 

Complex e3 = e2 * e; 

for (ulong r=0; r<n; rt+=m) 
ulong i0 =j tr; 
ulong ii = 10 + m4; 
ulong i2 = ii + m4; 
ulong i3 = 12 + m4; 


Complex x, y, u, V; 
sumdiff(f[i0], f[i2], x, w); 
sumdiff(f[i1], £[13], y, v); 

v *= Complex(0, +1); // isign 


diffsum3(x, y, £[i0]); 
f[ii] = y * e2; 
sumdiff(u, v, x, y); 
£[i3] = y * e3; 

£[i2] =x * e; 


[fxtbook draft of 2008-January-19] 


392 Chapter 20: The Fourier transform 


if (ldn&1) //n is not a power of 4, need a radix-8 step 


for (ulong i0=0; i0<n; i0+=8) fft8_dif_core_p1(f+i0); // isign 


} 
else 
for (ulong i0=0; i0<n; i0+=4) 
{ 
ulong i1 = 10 + 1; 
ulong i2 = i1 + 1; 
ulong i3 = i2 + 1; 
Complex x, y, u, V; 
sumdiff(f[i0], #[i2], x, u); 
sumdiff(f[ii], f[i3], y, v); 
v *= Complex(0, +1); // isign 
sumdiff(x, y, f[i0], f[i1]); 
sumdiff(u, v, £[i2], £[13]); 
} 
} 
} 
The routine for 0 = —1 needs changes where the comment isign appears [FXT: |fft/cfftdif4.cc’:: 
void 


fft_dif4_core_m1(Complex *f, ulong ldn) 
// Fixed isign = -1 


{ 
[--snip--] 
const double phO = -2.0*M_PI/m; // isign 
[--snip--] 
v *= Complex(0, -1); // isign 
[--snip--] 
for (ulong i0=0; i0<n; i0+=8) fft8_dif_core_m1(f+i0); // isign 
[--snip--] 
v *= Complex(0, -1); // isign 
[--snip--] 
} 


The routine to be called by the user is 


void 

fft_dif4(Complex *f, ulong ldn, int is) 

// Fast Fourier Transform 

// 1dn := base-2 logarithm of the array length 
// is := sign of the transform (+1 or -1) 

// vadix-4 decimation in frequency algorithm 


if ( is>O ) fft_dif4_core_pi(f, 1ldn); 
else fft_dif4_core_mi(f, ldn); 
revbin_permute(f, 1UL<<ldn) ; 

} 


A version that uses the separate arrays for real and imaginary part is given in [FXT: fft/fftdif4.cc). Again, 
the type complex version, should be preferred for large transforms. 


20.6 Split-radix Fourier transforms 


The idea underlying the split-radiz FFT algorithm is to use both radix-2 and radix-4 decompositions at 
the same time. We use one relation from the radix-2 (DIF) decomposition (relation [20.3-6a] on page |382\ 
the one for the even indices), and for the odd indices we use the radix-4 splitting (relations 
and on page in a slightly reordered form. The radix-4 decimation in frequency (DIF) step 


[fxtbook draft of 2008-January-19] 


20.6: Split-radix Fourier transforms 393 


for the split-radix FFT is 


Fla a ey (a) + at/)) | (20.6-1a) 
F[a)o™ "2 F[SY4((a/ —a?/) 440 (a/9 — a2!) (20.6-1b) 
Fla] (3%4)  n/4 F[s94( (a = aris) oe (atv) = a(s/4))) (20.6-1c) 


Now we have expressed the length-N = 2" FFT as one length-N/2 and two length-N/4 FFTs. A nice 
feature is that the operation count of the split-radix FFT is actually lower than that of the radix-4 FFT. 
Using the introduced notation it is almost trivial to write down the DIT version of the algorithm: The 
radix-4 decimation in time (DIT) step for the split-radix FFT is 


Flal (0/2) nf? (F [a] zi S¥2F[ a(t%)]) (20.6-2a) 
Flare nA (F[ao™ | = S?/4F[ a(2%4) |) + ig Sil/4 (Flat) ] _ S24 Z| g(2%) l) (20.6-2b) 
Fal nA (F[ao™ ] = S?/4F[ al) ) ~iggl4 (F [at] _ S24 F[ 8%) }) (20.6-2c) 


Pseudo code for the split-radix DIF algorithm: 
procedure fft_splitradix_dif(x[], y[], ldn, is) 
{ 


n := 2**1ldn 

if n<=1 return 
n2 := 2+*n 

for k:=1 to ldn 


a:=jr*e 

cc1 := cos(a) 

ssi := sin(a) 

cc3 := cos(3*a) // == 4*cc1*(cc1*cc1-0.75) 

ss3 := sin(3*a) // == 4*ssi*(0.75-ss1i*ss1) 

ix := 

id := 2*n2 

while ix<n-1i 

{ = 

while i0 <n 

ii :=i0+ n4 
12 := iil + n4 
13 := 12+ n4 
{x[i0], ri} := {x[i0] + x[i2], x[i0] - x[i2]} 
{x[i1], r2} := {x[il] + x[i3], x[i1] - x[i3]} 
{y[i0], si} := {yf[io] + yli2], ylio] - yli2]} 
{y[i1], s2} := {ylit] + yli3], ylit] - yli3]} 


fri, s3} := {rit+s2, ri-s2} 
{r2, s2} := {r2+s1, r2-si} 


// complex mult: (x[i2],y[i2]) := -(s2,r1) * (ssi,ccl) 


x[i2] := ricci - s2*ssi 
yli2] := -s2*cc1 - ri*sst 
// complex mult: (y[i3],x[i3]) := (r2,s3) * (cc3,ss3) 
x[i3] := s3*cc3 + r2*ss3 
yli3] := r2*cc3 - s3*ss3 


i0 := 10+ id 


[fxtbook draft of 2008-January-19] 


394 


} 


The C++ implementation given in [FXT: 


in [100] 


ix := 2* id-n2+ j 
id := 4% id 
} 
} 
ix :=1 
id :=4 


while ix<n 
for i0:=ix-1 to n-id step id 

if :=i0+1 
{x[i0], x[it]} : 
f{y[iol]l, ylit]} : 


ax 
id: 


2* id-1 
4* id 
} 


revbin_permute(x[] ,n) 
revbin_permute(y[] ,n) 


if is>0 
for j:=1 to n/2-1 


swap(x[j], x{[n-j]) 


for j:=1 to n/2-1 


swap(y[j], y[n-j]) 


{x[i0]+x[ii], x[i0]-x[ii]} 
f{y[i0]+y(i1], ylio]-y[i1]} 


Chapter 20: The Fourier transform 


fftsplitradix.cc) uses a DIF core as above which was given 


. The C++ type complex version of the split-radix FFT given in [FXT: |fft/cfftsplitradix.cc) uses 


a DIF or DIT core, depending on the sign of the transform. Here we just give the DIF’ version: 


void 

split_radix_dif_fft_core(Complex *f, ulong 1dn) 
// Split-radix decimation in frequency (DIF) FFT. 
// 1dn := base-2 logarithm of the array length. 
// Fixed isign = +1 

// Output data is in revbin_permuted order. 


{ 


if ( ldn==0 ) return; 
const ulong n = (1UL<<1dn) ; 


double s2pi = 2.0*M_PI; // pi*2*isign 
ulong n2 = 2*n; 
for (ulong k=1; k<ldn; k++) 
{ 
n2 >>= 1; // == n>>(k-1) == n, n/2, n/4, 
const ulong n4 = n2 >> 2; // == n/4, n/8, 
const double e = s2pi / n2; 
{ // j==0: 
const ulong j = 0; 
ulong ix = j; 
ulong id = (n2<<1); 
while ( ix<n ) 


for (ulong i0=ix; iO<n; i0+=id) 


ulong ii = i0 + n4; 
ulong i2 = ii + n4; 
ulong i3 = i2 + n4; 


Complex tO, t1; 
sumdiff3(f£[i0], £[i2], t0); 
sumdiff3(f[ii], £[13], t1); 


// t1 *= Complex(0O, 1); // +isign 
ti = Complex(-tl.imag(), ti.real()); 


sumdiff(t0, t1); 


[fxtbook draft of 2008-January-19] 


20.7: Symmetries of the Fourier transform 395 


£[i2] = tO; // * Complex(cci1, ss1); 
£[i3] = t1; // * Complex(cc3, ss3); 
} 
ix = (id<<1) - n2 + j; 
id <<= 2; 


} 
} 


for (ulong j=1; j<n4; j++) 
{ 


double a = j * e; 

double cci,ssi, cc3,ss3; 
SinCos(a, &ssi, &cc1); 
SinCos(3.0*a, &ss3, &cc3); 
ulong ix = j; 
ulong id = (n2<<1); 
while ( ix<n ) 


for (ulong i0=ix; i0<n; i0+=id) 


ulong i1 = i0 + n4; 
ulong i2 = ii + n4; 
ulong i3 = i2 + n4; 


Complex tO, t1; 
sumdiff3(f£[i0], £[i2], t0); 
sumdiff3(f[ii], £[13], t1); 


t1 = Complex(-t1l.imag(), ti.real(Q)); 


sumdiff(t0, t1); 
£[i2] = tO * Complex(cci, ss1); 
£[i3] = t1 * Complex(cc3, ss3); 


} 
ix = (id<<1) - n2 + j; 
id <<= 2; 


} 
} 
} 


for (ulong ix=0, id=4; ix<n; id*=4) 


for (ulong i0=ix; iO<n; i0+=id) sumdiff(f[i0], f[i0+1]); 
ix = 2*(id-1); 


} 


The function sumdiff3() is defined in [FXT: |aux0/sumdiff.h|: 


template <typename Type> 

static inline void sumdiff3(Type &a, Type b, Type &d) 

// fa, b, d} <--| fatb, b, a-b} (used in split-radix fft) 
{ d=a-b; at=b; } 


20.7 Symmetries of the Fourier transform 


A bit of notation again. Let @ be the length-n sequence a reversed around the element with index 0: 


ao ‘= ao (20.7-1a) 
Gnja = Ono if n even (20.7-1b) 
Qk i= GAn—-k = G_k (20.7-1c) 


That is, we consider the indices modulo n and @ is the sequence a with negated indices. Element zero 
stays in its place and for even n there is also an element with index n/2 that stays in place. 

Example one, length-4: a := [0,1,2,3] then @= [0,3,2,1] (zero and two stay). 

Example two, length-5: a := [0,1,2,3,4] then @ = [0,4,3, 2,1] (only zero stays). 


[fxtbook draft of 2008-January-19] 


396 Chapter 20: The Fourier transform 


Let ag and a, denote the symmetric and antisymmetric part of the sequence a, respectively: 


1 
ag = 5 (a+@) (20.7-2a) 
1 
aA = 5 (a —@) (20.7-2b) 
The elements with index 0 (and n/2 for even n) a4 are zero. One has 
a= agta@a, (20.7-3a) 
@ = ag—aa (20.7-3b) 


Let c+id be the FT of the sequence a+ib. Then 


F\ (as +aa)+i(bst+ba)] = (es tea) +i(ds+da) where (20.7-4a) 
Flas| = eg € R (20.7-4b) 

Flaa] = id, e€iR (20.7-4c) 

Flibs] = ids €iR (20.7-4d) 

Fliba] = ca € R (20.7-4e) 


Where we write a € R as a short form for a purely real sequence a. Equivalently, write a € 7R for purely 
imaginary sequences. Thereby the FT of a complex symmetric or antisymmetric sequence is symmetric 
or antisymmetric, respectively: 


Flas +4 bs | => i695 sr ids (20.7-5a) 
Flaatiba] = catida (20.7-5b) 


The real and imaginary part of the transform of a symmetric sequence correspond to the real and 
imaginary part of the original sequence. With an antisymmetric sequence the transform of the real 
and imaginary part correspond to the imaginary and real part of the original sequence. 


Fl(astaa)] = eg t+ida (20.7-6a) 
Fli(bs+ba)] = catids (20.7-6b) 
Now let the sequence a be purely real. Then 
Flas] = +Flas|] e R (20.7-7a) 
Flaa] = —Flaa] eiR (20.7-7b) 


That is, the FT of a real symmetric sequence is real and symmetric and the FT of a real antisymmetric 
sequence is purely imaginary and antisymmetric. Thereby the FT of a general real sequence is the 
complex conjugate of its reversed: 


Fla) = Fa for aéR (20.7-8) 


Similarly, for a purely imaginary sequence b € iR: 


Flos] = +F[bs| eiR (20.7-9a) 
Flba] = —-Flba] e R (20.7-9b) 


We compare the results of the Fourier transform and its inverse (the transform with negated sign 7) by 
symbolically writing the transforms as a complex multiplication with the trigonometric term (using C 
for cosine, S' for sine): 


Flatib] : (at+ib)(C+iS) = (aC—bS)+i(bC+aS) (20.7-10a) 
F'lat+ib] : (at+ib)(C-iS) = (aC +bS)+i(bC —aS) (20.7-10b) 


I 


[fxtbook draft of 2008-January-19] 


20.8: Inverse FFT for free 397 


The terms on the right side can be identified with those in relation |20.7-4a} We see that changing the 
sign of the transform leads to a result where the components due to the antisymmetric components of 
the input are negated. 


Now write F for the Fourier operator, and R for the reversal. We have F+ = id, F? = F—!, and F? = R. 
Thereby the inverse transform can be computed as either 


PO = RF SFR (20.7-11) 


20.8 Inverse FFT for free 


Some FFT implementations are hardcoded for a fixed sign of the transform. If one cannot easily modify 
the implementation into the transform with the other sign (the inverse transform), then how can one 
compute the inverse FFT? 


If the implementation uses separate arrays for real and imaginary part of the complex sequences to be 
transformed, as in 


procedure my_fft(ar[], ail], ldn) // only for is==+1 ! 
// real ar[O..2**ldn-1] input, result, real part 
// real ai[0..2**ldn-1] input, result, imaginary part 
{ 
// incredibly complicated code 
// that you cannot see how to modify 
// for is==-1 
then do a follows: with the forward transform being 
my_fft(ar[], ail], ldn) // forward FFT 
compute the inverse transform as 


my_fft(ail], arf], ldn) // backward FFT 
Note the swapped real and imaginary parts! The same trick works for a procedure coded for fixed is= —1. 
To see why this works, we first note that 


Flat+ibd] Flas|+ioFlaa4]+iF [bs] +oF[ba] (20.8-1a) 


= Flag] +iF[bs]+io (Flaa] -—iF[b4]) (20.8-1b) 


and the computation with swapped real- and imaginary parts gives 
Flbtia] = Flbs]+iFlas]+io (F[ba] —iF[a,]) (20.8-2a) 
. but the real and imaginary parts are implicitly swapped at the end of the computation, giving 


Flag|+iF [bs] —io (Flaa]—-iF[ba]) = Fo*[a+id] (20.8-2b) 


When a complex type is used then the best way to achieve the inverse transform may be to reverse the 
sequence according to the symmetry of the FT according to relation|20.7-11} the transform with negated 


sign can be computed by reversing the order of the result (use [FXT: reverse_0() in . 


The reversal can also happen with the input data before the transform, which is advantageous if the 


data has to be copied anyway (use [FXT: copy_reverse_0() injauxl/copy.h ). While not really ‘free’ the 
additional work will usually not matter. 


A mechanical way to obtain a routine for the inverse FFT from a given FFT routine for length n is to 
replace all reads and writes at nonzero array indices 7 by the operations at indices n — 7. 


[fxtbook draft of 2008-January-19] 


398 Chapter 20: The Fourier transform 


20.9 Real valued Fourier transforms 


The Fourier transform of a purely real sequence c = F[a] where a € R has a symmetric real part 
(Rec = Rec, relation and an antisymmetric imaginary part (Jm¢ = —Jmc). The symmetric 
and antisymmetric part of the original sequence correspond to the symmetric (and purely real) and 
antisymmetric (and purely imaginary) part of the transform, respectively: 


Fla] = Flas] +ioFla,] (20.9-1) 


Simply using a complex FFT for real input is basically a waste by a factor 2 of memory and CPU cycles. 
There are several ways out: 


e wrapper routines for complex FFTs (section |20.9.3]on the facing page) 

e usage of the fast Hartley transform (section on page 

e special versions of the split-radix algorithm (section |20.9.4]on page [401) 
All techniques have in common that they store only half of the complex result to avoid the redundancy 
due to the symmetries of a complex FT of purely real input. The result of a real to (half-) complex FT 
(abbreviated R2CFT) contains the purely real components co (the ‘DC-part’ of the input signal) and, 


in case n is even, C,/2 (the Nyquist frequency part). The inverse procedure, the (half-) complex to real 
transform (abbreviated C2RFT) must be compatible to the ordering of the R2CFT. 


20.9.1 Sign of the transforms 


The sign of the transform can be chosen arbitrarily to be either +1 or —1. Note that transform with the 
‘other sign’ is not the inverse transform. The R2CFT and its inverse C2RFT must use the same sign. 

Some R2CFT and C2RFT implementations are hardcoded for a fixed sign. In order to obtain the 
R2CFT with the other sign the trick (in the spirit of section [20.8} is to negate the imaginary part after 


the transform. This of course is not much of a trick at all. In case one has to copy the data anyway 
before the transform one can exploit the relation 


Fla] = Flas] —ioFla,] (20.9-2) 


That is, copy the real data in reversed order to get the transform with the other sign. This technique 
does not involve an extra pass and should be virtually for free. 


For the complex-to-real FT's (C2RFT) one has to negate the imaginary part before the transform in order 
to obtain the inverse transform for the other sign. 


20.9.2 Data ordering 


Let c be the Fourier transform of the purely real sequence, it is stored in the array a[]. The procedures 
presented in what follows use one of the following schemes for storing the transformed sequence. 


[fxtbook draft of 2008-January-19] 


20.9: Real valued Fourier transforms 399 


A scheme that interleaves real and imaginary parts (‘complex ordering’) is 


al(O] = Reco (20.9-3) 
a = Re Cn /2 
al2} = Rec, 
al3]} = Bmc, 
al4) = Reco 
alf5] = 3Jmco 
aln— 2] = Recnso-1 
afn—1] = Jmeqso-1 


Note the absence of the elements Jmco and Jmc,,/2 which are always zero. 


Some routines store the real parts in the lower half, and imaginary parts in upper half. The data in the 
lower half will always be ordered as follows: 


a[0] = Reco (20.9-4) 
a(i = Re Ci 
a2 = Re C2 

a[n/2]} = Recyje 


For the imaginary part of the result there are two schemes: 
Scheme 1 (‘parallel ordering’) is 


a[n/2+1) = JImcy (20.9-5) 
a[n/2+2] = Jmco 
a[n/2+3) = Jmcs 
a(n — al = IM Cy /2-1 
Scheme 2 (‘antiparallel ordering’) is 
a[n/2+1]) = Jmen/o-1 (20.9-6) 
a[n/2+2] = Jme,/2~-2 
a(n/2 +3 = IM Cy /2~3 
ajn— 1] = Jmcy 


20.9.3 Real valued FT via wrapper routines 


A simple way to use a complex length-n/2 FFT for a real length-n FFT (n even) is to use some post- 
and preprocessing routines. For a real sequence a one feeds the (half length) complex sequence f = 
aleve) 4 4 q(44) into a complex FFT. Some post-processing is necessary. This is not the most elegant 
real FFT available, but it is directly usable to turn complex FFTs of any (even) length into a real-valued 
FFT. 


[fxtbook draft of 2008-January-19] 


400 Chapter 20: The Fourier transform 


A C++ implementation of the real to complex FFT (R2CFT) is given in [FXT: lrealfft/realfftwrap.cc], 


the sign of the transform is hardcoded to o = +1: 


void 
wrap_real_complex_fft(double *f, ulong 1dn) 
// Real to complex FFT (R2CFT) 


if ( ldn==0 ) return; 

fht_fft((Complex *)f, ldn-1, +1); // cast 
const ulong n = 1UL<<ldn; 

const ulong nh = n/2, n4 = n/4; 

const double phiO = M_PI / nh; 

for(ulong i=1; i<n4; i++) 


ulong it = 2 * i; // re low [2, 4, ..., n/2-2] 
ulong i2 = i1 + 1; // im low [3, 5, ..., n/2-1] 
ulong i383 =n- il; // re hi [n-2, n-4, ..., n/2+2] 
ulong i4 = i3 +1; // imhi [m-1, n-3, ..., n/2+3] 


double fir, f2i; 

sumdiff05(f£[i3], f[ii], fir, £2i); 
double f2r, fii; 

sumdiff05(f£[i2], £[14], f2r, f1i); 
double c, s; 

double phi = i*phi0; 

SinCos(phi, &s, &c); 

double tr, ti; 

cmult(c, s, f2r, £2i, tr, ti); 


// £[i1] = fir + tr; // re low 
iy f [13] = fir- tr; // re hi 


sumdiff(fir, tr, f[ii], £[13]); 


// [14] = is * (ti + f1i); // im hi 
Hy f[i2] = is * (ti - £11); // im low 


sumdiff( ti, f1i, f[i4], £#[i2]); 


} 
sumdiff(f[0], £[1]); 


The output is ordered according to relations |20.9-3] on the previous page. The same ordering must be 
used for the input for the inverse routine, the complex to real FFT (C2RFT). Again the sign of the 
transform is hardcoded to o = +1: 

void 

wrap_complex_real_fft(double *f, ulong ldn) 

// Complex to real FFT (C2RFT). 


if ( ldn==0 ) return; 

const ulong n = 1UL<<ldn; 

const ulong nh = n/2, n4 = n/4; 
const double phiO = -M_PI / nh; 
for(ulong i=1; i<n4; i++) 


ulong i1 = 2 * i; // re low [2, 4, ..., n/2-2] 
ulong i2 = iif + 1; // im low [3, 5, ..., n/2-1] 
ulong i3 =n- il; // re hi [n-2, n-4, ., n/2+2] 
ulong i4 = i3 +1; // imhi [m-1, n-3, ..., n/2+3] 


double fir, f2i; 
// double fir 
// double f£2i 


f£[ii] + £[13]; // re symm 
f£[ii] - £113]; // re asymm 


// == 
sumdiff(f[i1], £[i3], fir, £2i); 


double f2r, fii; 
// double f2r 
// double fli 


-#[i2] - [44]; // im symm 
£[i2] - £[i4]; // im asymm 


// == 
sumdiff(-f[i4], £[i12], f1i, f2r); 


[fxtbook draft of 2008-January-19] 


20.9: Real valued Fourier transforms 401 


double c, s; 

double phi = i*phi0; 
SinCos(phi, &s, &c); 

double tr, ti; 

cmult(c, s, f2r, £2i, tr, ti); 


// £[i1] = fir + tr; // re low 
yi f [13] fir - tr; // re hi 
sundiee (fir, tx, £f4i); £1431); 


// £[i2] = ti - f1i; // im low 
i ti+ f1i; // im hi 


// == 

sumdiff(ti, fii, f[i4], £#[i2]); 
} 
sumdiff(f[0], £[1]); 
if ( nh>=2 ) { f[nh] *= 2.0; f[nht+i] *= 2.0; } 


fht_fft((Complex *)f, ldn-1, -1); // cast 


20.9.4 Real valued split-radix Fourier transforms 


We give pseudo code for the split-radix real to complex FFT and its inverse. The C++ implementations 


are given in [FXT: |realfft /realfftsplitradix.cc|. The code given here follows [IOI], see also [219] (erratum 


for page 859 of [219]: at the start of the DO 32 loop replace assignments by CC1=COS(A), SS1=SIN(A), 
CC3=COS(A3), SS3=SIN(A3)). 


Recall that the following pseudo code 
{a,b} :={c, da} 

is a parallel assignment. For example, 
{x0O, x1} := {xO+x1, x0-xi } 


would translate to the C code 


double s = x0 + xi, d= x0 - x1; 
xO = s; xl =d; 


Use the function [FXT: sumdiff() in|aux0/sumdiff.h] for the translation of the parallel assignments. 


20.9.5 Real to complex split-radix FFT 


Pseudo code for the split-radix R2CFT algorithm, the sign of the transform is hardcoded to ¢o = —1. 


procedure r2cft_splitradix_dit(x[], 1dn) 
{ 
n := 2**ldn 
revbin_permute(x[], n); 
1x 
id : 
do 
{ 


ii :=i0+1 
{x[io0], xfit 
i 


J} 6:= {x[i0]+x[ii], x[i0]-x[i1]} 
0 := 10 + id 


2*id-1 
4* id 


while ix<n 


n2 :=2 
nn := n/4 
while nn!=0 


ix :=0 


[fxtbook draft of 2008-January-19] 


402 


“Niowua 


2*n2 
2*n2 
n2/4 
n2/8 
/ ix loop 


i0 := ix 
while i0<n 


Chapter 20: The Fourier transform 


il: 
12°: 
13: 
14: 
{ti, x[i4]} := {x[i4]+x[i3], x[i4]-x[i3]} 
{x{i1], x[i3]} := {x[ii]+ti, x[ii]-ti} 
if n4!=1 
{ 
ii := ii + ng 
12 := 12 + ng 
13 := 13 + ng 
14 := 14 + ng 
t1 := (x[i3]+x[i4]) * sqrt(1/2) 
t2 := (x[i3]-x[i4]) * sqrt(1/2) 
{x[i4], xf{i3]} := {x[i2]-t1, -x[i2]-t1i} 
{x[i1], xf{i2]} := {x[ii]+t2, x[i1]-t2} 
} 
i0 := i0+ id 
ix := 2*id - n2 
id := 2*id 
while ix<n 
e := 2.0*PI/n2 
a:=e 
for j:=2 to ns 
{ 
cc1 := cos(a) 
ssi := sin(a) 
cc3 := cos(3*a) // == 4*cc1*(ccl*cc1-0.75) 
ss3 := sin(3*a) // == 4*ssi*(0.75-ss1i*ss1) 
a i= j*e 
ix :=Q 
id := 2*n2 
do // ix-loop 
m 2 
i0 := ix 
while i0<n 
i1 :=i0+ 5-1 
12 := i1+n4 
13 := 12 + n4 
14 :=i3 + n4 
15 :=10+n4-j+1 
i6 :=i5 + n4 
17 := 16 + n4 
18 := i7 + n4 
// complex mult: (t2,t1) := (x[i7],x[i3]) * (ccl,ss1) 
ti := x[i3]*cci + x[i7]*ss1 
t2 := x[i7]*cci - x[i3]*ss1 
// complex mult: (t4,t3) := (x[i8],x[i4]) * (cc3,ss3) 
t3 := x[i4]*cc3 + x[i8]*ss3 
t4 := x[i8]*cc3 - x[i4]*ss3 
tS i= tl +t 
t6 :=t2+t 
t3 := ti - t3 
t4 :=t2 - t4 
{t2, x[i3]} := {t6+x[ié6], t6-x[i6]} 
x[i8] := t2 
{t2, x[i7]} := {x[i2]-t3, -x[i2]-t3} 
x[i4] := t2 
{t1, x[i6]} := {x[i1]+t5, x[ii]-t5} 
x[ii] := t1 
{t1, x[i5]} := {x[i5]+t4, x[i5]-t4} 
x[i2] := t1 
i0 := i0+ id 


[fxtbook draft of 2008-January-19] 


20.9: Real valued Fourier transforms 403 


ix: 
id: 


2*id - n2 
2*id 


while ix<n 
mn := nn/2 
} 


The ordering of the output is given as relations |20.9-4] on page [399] for the real part, and relation |20.9-6 
for the imaginary part. 


20.9.6 Complex to real split-radix FFT 


The following routine is the inverse of r2cft_splitradix_dit(). The imaginary part of the input data 
must be ordered according to relation|20.9-6]on page We give pseudo code for the split-radix C2RFT 
algorithm, the sign of the transform is hardcoded to o = —1: 


procedure c2rft_splitradix_dif(x[], ldn) 


{ 
n := 2**ldn 
n2 := n/2 
nn := n/4 
while nn!=0 
ix :=0 
id := n2 
n2 := n2/2 
n4 := n2/4 
n8 := n2/8 
do // ix loop 
: i0 := ix 
while i0<n 
it := i0 
i2 := ii + n4 
i =i12 + n4 
i = 13 + n4 
{x[il], t1} := {x[i1t]+x[i3], x[i1]-x[i3]} 
x(i2] := 2*x[i2] 
x[i4] := 2*x[i4] 
{x[i3], x[i4]} := {ti+x[i4], ti-x[i4]} 
if n4!=1 
{ 
it := il + n8 
i2 := 12 + n8 
13 := 13 + n8 
14 := 14 + ng 
{x[il], t1} := {x[i2]+x[i1], x[i2]-x[i1]} 
{t2, x[i2]} := {x[i4]+x[i3], x[i4]-x[i3]} 
x[i3] := -sqrt(2)*(t2+t1) 
x[i4] := sqrt(2)*(t1-t2) 
} 


i0 := 10 + id 


ix := 2*id - n2 
id := 2*id 
while ix<n 
e := 2.0*PI/n2 
a:=e 
for j:=2 to ngs 
{ 
cc1 := cos(a) 
ssi := sin(a) 
cc3 := cos(3*a) // == 4*cc1i*(cc1*cc1-0.75) 
ss3 := sin(3*a) // == 4*ssi*(0.75-ssi*ss1) 
a i= j*e 
ix :=Q 
id := 2*n2 


do // ix-loop 


[fxtbook draft of 2008-January-19] 


404 Chapter 20: The Fourier transform 


£ 3 

i0 := 

while i0<n 
it :=i0+j-1 
i2 :=i1 + n4 
13 := 12+ n4 
14 := 13 + n4 : 
15 :=10+n4-j+1 
i6 :=i5 + n4 
17 := 16 + n4 
18 := i7 + n4 
{x[i1], ti} := {x[ii]+x[i6], x[i1]-x[i6]} 
{x[i5], t2} := {x[i5]+x[i2], x[i5]-x[i2]} 
{t3, x[i6]} := {x[i8]+x[i3], x[i8]-x[i3]} 
{t4, x[i2]} := {x[i4]+x[i7], x[i4]-x[i7]} 
{ti1, t5} {t1+t4, t1-t4} 


{t2, t4} := {t2+t3, t2-t3} 


// complex mult: (x[i7],x[i3]) := (t5,t4) * (ssi,ccl) 
x[i3] := t5*cci + t4*ssi 
x[i7] := -t4*cci + t5*ssi 


// complex mult: (x[i4],x[i8]) := (t1,t2) ¥* (cc3,ss3) 
x[i4] := ti*cc3 - t2*ss3 
x[i8] := t2*cc3 + ti*ss3 


i0 := 10+ id 


ix := 2*id - n2 
id := 2*id 
} 
while ix<n 
} 
mn := nn/2 
} 
ix := 1; 
id := 4; 
do 
{ 


i0 := ix-1 

a i0<n 
il :=i0+1 
{x[i0], xf{i1J]} := {x[i0]+x[i1i], x[i0]-x[i1]} 
i0 := i0+ id 


ix 
id 


2*id-1 
4* id 


while ix<n 


revbin_permute(x[], n); 


20.10 Multidimensional Fourier transforms 


20.10.11 Definition 


Let aay (v = 0,1,2,...,C —1 and y = 0,1,2,...,R—1) be a 2-dimensional array. That is, a Rx C 
‘matrix’ of R rows (of length C) and C' columns (of length R). Its 2-dimensional Fourier transform is 
defined by: 


(20.10-1a) 


1 . 
Chh (= —= Gey gt@k/Ctyh/R) where z= e727! (20.10-1b) 


[fxtbook draft of 2008-January-19] 


20.10: Multidimensional Fourier transforms 405 


where k € {0,1,2,...,C —1}, h € {0,1,2,...,R—1}, andn=R-C. The inverse transform is 


e = #-1/¢) (20.10-2a) 
, Coke 
Ory = aes (20.10-2b) 
vn k=0 h=0 
For a m-dimensional array ag (where % = (21, %2,%3,...,U%m) and x; € 0,1,2,...,5;) the m-dimensional 


Fourier transform cz (where k= (k1, ka, kg,...,km) and kj € 0,1,2,...,.5;) is defined as 
S,-1S2-1 


1 
cg = Ti S- baer ss As (21 ki /S1 + Lo ke/So+.. -+ Lm km /Sm ) (20.10-3a) 


Oe =0 r2= 0 Lm=O0 


The inverse transform is, like in the 1-dimensional case, the complex conjugate transform. 


20.10.2 The row-column algorithm 


The equation of the definition of the two dimensional FT (relation }20.10-la|on the facing page) can be 
recast as 


R-1 C-1 
Ck exp (yh/R) > tee exp («k/C) (20.10-4) 
Vite, x=0 


which shows that the 2-dimensional FT can be obtained by first applying 1-dimensional transforms on 
the rows and then applying 1-dimensional transforms on the columns. The same result is obtained when 
the columns are transformed first and then the rows. 


This leads us directly to the row-column algorithm for 2-dimensional FFTs. Pseudo code to compute the 
two dimensional FT of al] [] using the row-column method: 


procedure rowcol_ft(al][], R, C, is) 
{ 
complex a[R][C] // R (length-C) rows, C (length-R) columns 
for r:=0 to R-1 // FFT rows 
fft(altr][], C, is) 


complex t[R] // scratch array for columns 
a c:=0 to C-1 // FFT columns 


copy a[0,1,...,R-1][c] to t[] // get column 
fft(t{], R, is) 
copy t[] to a[0,1,...,R-1][c] // write back column 


} 


Here it is assumed that the rows lie in contiguous memory (as in the C language). The equivalent C++ 


code is given in [FXT: |fft/twodimfft.cc). 


Transposing the array before the column pass avoids the notorious problem with memory-cache and will 
do good for the performance in most cases. That is: 


procedure rowcol_fft2d(a[][], R, C, is) 


{ 
complex a[R][C] // R (length-C) rows, C (length-R) columns 


for r:=0 to R-1 // FFT rows 
fft(afr]0], C, is) 


transpose( a[R][C] ) // in-place 


for c:=0 to C-1 // FFT columns (which are rows now) 


[fxtbook draft of 2008-January-19] 


406 Chapter 20: The Fourier transform 


fft(al(c][], R, is) 


transpose( a[C][R] ) // transpose back (note swapped R,C) 


The transposing back at the end of the routine can be avoided if a back-transform will follow immediately 
as typical for convolution. The back-transform must then be called with R and C swapped. 


The generalization to higher dimensions is straightforward, C++ code is given in [FXT: fft/ndimfft.cc). 


20.11 The matrix Fourier algorithm (MFA) 


The matrix Fourier algorithm (MFA) is an algorithm for 1-dimensional FFTs that works for data lengths 
n = RC. It is quite similar to the row-column algorithm (relation [20.10-4] on the previous page) for 
2-dimensional FFTs. The only differences are n multiplications with trigonometric factors and a final 
matrix transposition. 


Consider the input array as a R x C-matrix (R rows, C' columns), the rows shall be contiguous in memory. 
Then the matrix Fourier algorithm (MFA) can be stated as follows: 


1. Apply a (length R) FFT on each column. 
2. Multiply each matrix element (index r,c) by exp(a2mirc/n) 
3. Apply a (length C) FFT on each row. 


4. Transpose the matrix. 


Note the elegance! A variant of the MFA is called four step FFT in [23]. A trivial modification is obtained 
if the steps are executed in reversed order. The transposed matrix Fourier algorithm (TMFA) for the 
FFT: 


1. Transpose the matrix. 

2. Apply a (length C) FFT on each row of the matrix. 

3. Multiply each matrix element (index r,c) by exp(a2m7irc/n). 
4. Apply a (length R) FFT on each column of the matrix. 


A variant of the MFA that, apart from the transpositions, accesses the memory only in consecutive 
address ranges can be stated as 


1. Transpose the matrix. 

. Apply a (length C) FFT on each row of the transposed matrix. 
. Multiply each matrix element (index r,c) by exp(o27irc/n). 

. Transpose the matrix back. 


. Apply a (length R) FFT on each row of the matrix. 


an oO F Ww Wd 


. Transpose the matrix (if the order of the transformed data matters). 


The ‘transposed’ version of this algorithm is identical. The performance will depend critically on the 
performance of the transposition routine. 


It is usually a good idea to use factors of the data length n that are close to \/n. Of course one can 
apply the same algorithm for the row (or column) FFTs again: it can be an improvement to split n into 
3 factors (as close to n‘/° as possible) if a length-n'/3 FFT fits completely into the cache. Especially for 
systems where CPU clock speed is much higher than memory clock speed the performance may increase 


[fxtbook draft of 2008-January-19] 


20.11: The matrix Fourier algorithm (MFA) 407 


drastically, a speedup by a factor of three (even when compared to otherwise very well optimized FFTs) 
can sometimes be observed. Another algorithm that is efficient with large arrays is the localized transform 
as described in section on page [497| for the Hartley transform. 


[fxtbook draft of 2008-January-19] 


408 Chapter 20: The Fourier transform 


[fxtbook draft of 2008-January-19] 


409 


Chapter 21 


Algorithms for fast convolution 


This chapter gives several FFT based algorithms for fast convolution. These are in practice the most 
important applications of the FFT. An efficient algorithm for the convolution of arrays that do not fit 
into the main memory (mass storage convolution) is given for both complex and real data. Further, 
weighted convolutions and their algorithms are introduced. 


We describe how fast convolution can be used for computing the z-transform of sequences of arbitrary 
length. Another convolution based algorithm for the Fourier transform of arrays of prime length, Rader’s 
algorithm, is described at the end of the chapter. 


Convolution algorithms based on the fast Hartley transform are described in section [24.7] The dyadic 
convolution, which is computed via the Walsh transform is treated in section 


21.1 Convolution 


The cyclic convolution (or circular convolution) of two length-n sequences a = [a0,4@1,.--,@n—1] and 
b = [bo, b1,...,bn—1] is defined as the length-n sequence h with elements h, as: 

h = a@b (21.1-1a) 

he = yy Gy by (21.1-1b) 


The last equation may be rewritten as 


n—1 


hp = S- ar Dig —ap) mod n (21.1-2) 
x=0 


That is, indices 7 — x wrap around, it is a cyclic convolution. A convenient way to illustrate the cyclic 
convolution of two sequences is shown in figure |21.1-A 


21.1.1 Direct computation 


A C++ implementation of the computation by definition is [FXT: slow_convolution() in 


tion/slowenvl.h|: 


template <typename Type> 
void slow_convolution(const Type *f, const Type *g, Type *h, ulong n) 
// (cyclic) convolution: hf] := ff) (*) gf 


[fxtbook draft of 2008-January-19] 


410 Chapter 21: Algorithms for fast convolution 


1 0 1 2 8 4 5 6 7 8 91011 12 13 14 15 
Q: Oo 1 2 8 4 5 6 7 8 91011 12 13 14 15 
132 12 3 4 5 6 7 8 9101112 131415 0O 
2: 2 3 4 5 6 7 8 9 10111213 1415 0 1 
3: 3 4 5 6 7 8 910 11121314 15 0 1 2 
4: 4 5 6 7 8 91011 12 13 14 15 0 1 2 8 
5: 5 6 7 8 9101112 131415 O 12 3 4 
6: 6 7 8 9 10111213 1415 0 1 2 3 4 5 
7: 7 8 910 11121314 15 0 1 2 3 4 5 6 
8: 8 91011 12 13 14 15 0 1 2 83 4 5 6 7 
9: 9101112 131415 0 12 3 4 5 6 7 8 
10: 10111213 1415 0 1 2 3 4 5 6 7 8 9 
141: 11121314 15 0 1 2 3 4 5 6 7 8 9 10 
12: 12 13 14 15 0 1 2 8 4 5 6 7 8 9 10 11 
13: 131415 0 123 4 5 6 7 8 9 10 i1 12 
14: 1415 0 1 2 3 4 5 6 7 8 9 10 11 12 13 
15: 15 0 1 2 3 4 5 6 7 8 910 11 12 13 14 

a 0 1 2 83 ~— (a) 

QO: 0) 1 2. 4 as 

1 1 3 5 <--= h[5] contains a[2]*b[1] 

2 4 8 9 <--= h[9] contains a[2]*b[2] 

(b): _< 


Figure 21.1-A: Semi-symbolic table of the cyclic convolution of two sequences (top). The entries denote 
where in the convolution the products of the input elements can be found (bottom). 


// n := array length 


{ 
for (ulong tau=0; tau<n; ++tau) 
{ 
Type s = 0.0; 
for (ulong k=0; k<n; ++k) 
ulong k2 = tau - k; 
if ( (long)k2<O ) k2 += n; // modulo n 
s += (£[k] *g[k2]); 
} 
h[tau] = s; 
} 
} 


The following version avoids the if statement in the inner loop: 


for (ulong tau=0; tau<n; +t+ttau) 


Type s = 0.0; 

ulong k = 0; 

for (ulong k2=tau; k<=tau; ++k, --k2) s += (f[k]*g[k2]); 

for (ulong k2=n-1; k<n; ++k, --k2) s += (f[k]*g[k2]); // wrapped around 
h[tau] = s; 


} 


For length-n sequences this procedure involves proportional n? operations, therefore it is slow for large 
values of n. For short lengths the algorithm is just fine. Unrolled routines will offer good performance, 
especially for convolutions of fixed length. For medium length convolutions the splitting schemes given 


in section on page and section on page are applicable. 


21.1.2 Computation via FFT 


The Fourier transform provides us with an efficient way to compute convolutions that only uses propor- 
tional n log(n) operations. The convolution property of the Fourier transform is 


Fla@t| = F/a|F[e| (21.1-3) 


[fxtbook draft of 2008-January-19] 


21.1: Convolution 411 


That is, convolution in original space is element-wise multiplication in Fourier space. The statement can 
be motivated as follows: 


Fler | bly = > ae ye (21.1-4a) 
« y 

— ‘> a,2°* > bp—2 z*(7-*) where y=T-2 (21.1-4b) 

= SON ae hee ee (= Ay br) er (21.1-4c) 


= (F13 o-t-]} = (F[a@b}), (21.1-4d) 


k 


Rewriting relation [21.1-3]on the preceding page as 
a®b = F [Fla] F[e]] (21.1-5) 


tells us how to proceed. We give pseudo code for the cyclic convolution of two complex valued sequences 
x[] and y[], result is returned in y[]: 


procedure fft_cyclic_convolution(x[], y[], n) 


complex x[0..n-1], y[0..n-1] 


// transform data: 

fft(xf], n, +1) 

fit(yf], n, +1) 

// convolution in transformed domain: 
for i:=0 to n-1 

yli] := yli] * x{i] 

} 
// transform back: 
fft(y0, n, -1) 


// normalize: 
ni := n 
for i:=0 to n-1 


yli] := yfi] * ni 
} 


It is assumed that the procedure fft () does no normalization. For the normalization loop we precompute 
1/n and multiply as divisions are usually much slower than multiplications. 


Relation |21.1-3] also holds for the more general z-transform (see section on page [422}. However, 
there is no (efficient) algorithm for the back-transform, so we cannot turn the relation 


Z[a@b] = Z[a] Z[b] (21.1-6) 


into a practical algorithm for convolution. 


21.1.3 Avoiding the revbin permutations 


One can save the revbin permutations by observing that any DIF FFT is of the form 


DIF_FFT_CORE(f, n); 
revbin_permute(f, n); 


and any DIT FFT is of the form 


revbin_permute(f, n); 
DIT_FFT_CORE(f, n); 


[fxtbook draft of 2008-January-19] 


412 Chapter 21: Algorithms for fast convolution 


Thereby a convolution routine that uses DIF FFTs for the forward transform and DIT FFTs as backward 
transform can omit the revbin permutations as demonstrated in the C++ implementation for the cyclic 
convolution of complex sequences [FXT: f£t_complex_convolution() in |convolution/fftcocnvl.cc): 

=1 

+1 


#define DIT_FFT_CORE fft_dit4_core_m1 // isign 

#define DIF_FFT_CORE fft_dif4_core_p1 // isign 

void 

fft_complex_convolution(Complex * restrict f, Complex * restrict g, 
ulong ldn, double v/*=0.0*/) 

// (complex, cyclic) convolution: gf] := ff) (*) gf 

// (use zero padded data for usual convolution) 

// 1dn := base-2 logarithm of the array length 

// Supply a value for v for a normalization factor != 1/n 


const ulong n = (1UL<<ldn) ; 


DIF_FFT_CORE(f, 1ldn); 

DIF_FFT_CORE(g, 1dn); 

if ( v==0.0 ) v = 1.0/n; 

for (ulong i=0; i<n; ++i) 

{ 
Complex t = gli] * f[il; 
gli] =t * v; 

} 

DIT_FFT_CORE(g, 1dn); 

} 


The signs of the two FFTs must be different but are else immaterial. 


The so-called auto convolution (or self convolution) of a sequence is defined as the convolution of a 
sequence with itself: h = a@a. The corresponding procedure needs only two instead of three FFTs. 


21.1.4 Linear (acyclic) convolution 
In the definition of the cyclic convolution (relations |21.1-la| and |21.1-1b) one can distinguish between 


those summands where the x + y ‘wrapped around’ (i.e. x+y =n+T) and those where simply «+ y = Tr 
holds. These are (following the notation in [90]) denoted by h( and h respectively. We have 


h = hO+n — where (21.1-7a) 

AO = ae (21.1-7b) 
B<T 

POPs Ste brine (21.1-7c) 
L>T 


There is a simple way to separate h© and h) as the left and right half of a length-2n sequence. This 
is just what the linear convolution (or acyclic convolution) does: Acyclic convolution of two (length-n) 
sequences a and 6 can be defined as that length-2 n sequence h which is the cyclic convolution of the zero 
padded sequences A and B: 


A :=  [d0,@1,4@2,...,@n—1,0,0,...,0] (21.1-8) 


Same for B. Then the linear convolution is defined as 


h = a@tinb (21.1-9a) 
2n-1 

ie = Apia FSO 2. cen (21.1-9b) 
x=0 


As an illustration consider the convolution of the sequence [1,1,1,1] with itself: its linear self convolution 
is the length-8 sequence [ho][hi] = [1, 2,3, 4][3, 2, 1,0], its cyclic self convolution is [ho + hi] = [4,4, 4, 4]. 


[fxtbook draft of 2008-January-19] 


21.1: Convolution 413 


1 012 3 4 5 6 7 8 910 11 12 13 14 15 
0: 012 3 4 5 6 7 8 910 11 12 13 14 15 
13 123 4 5 6 7 8 9101112 13 14 15 16 
2: 23 45 6 7 8 9 1011 12 13 14 15 16 17 
3: 3 4 5 6 7 8 910 111213 14 15 16 17 18 
4: 4 5 6 7 8 91011 12131415 16 17 18 19 
5: 5 6 7 8 9101112 13 1415 16 17 18 19 20 
6: 6 7 8 9 10 111213 14 151617 18 19 20 21 
ie 7 8 910 111213 14 #15 16 17 18 19 20 21 22 
8: 8 9101411 12131415 16171819 20 22 

9: 9101112 13 1415 16 17 18 19 20 21 22 23 24 
10: 10111213 #14 151617 1819 20 21 22 23 24 25 
11: 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 
12: 12131415 1617 18 19 20 21 22 23 24 25 26 27 
13: 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 
14: 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 
15: 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 


Figure 21.1-B: Semi-symbolic table for the (length-31) linear convolution of two length-16 sequences. 


The semi-symbolic table for the acyclic convolution is given in figure |21.1-B} The elements in the lower 
right triangle do not ‘wrap around’ anymore, they go to extra buckets. Note there are 31 buckets labeled 
0...30. 


Linear convolution is polynomial multiplication: let A = ag +a, 2+agQ27+...,B=botbjatboa?+... 
and C=AB=cotqxr+onx?+... then 


ct = > aid; (21.1-10) 
itj=k 


Chapter 27] on page explains how fast convolution algorithms can be used for fast multiplication of 
multiprecision numbers. 


The direct (slow) algorithm can be modified to compute just h© or A [FXT: 


tion/slowenvlhalf.h): 


template <typename Type> 

void slow_half_convolution(const Type *f, const Type *g, Type *h, ulong n, int h01) 
// Half cyclic convolution. 

// Part determined by h01 which must be 0 or 1. 

// n := array length 


if ( O==h0O1 ) // compute h0: 


for (ulong tau=0; tau<n; ++tau) 


{ 
Type sO = 0.0; 
for (ulong k=0, k2=tau; k<=tau; ++k, --k2) sO += (f[k]*g[k2]); 
h[tau] = sO; 

} 


} 
else // compute hi (wrapped part): 
for (ulong tau=0; tau<n; ++tau) 
Type si = 0.0; 
for (ulong k2=n-1, k=taut1; k<n; ++k, --k2) si += (f[k]*g[k2]); 
h[tau] = si; 
} 


The cost is half of what it is for the linear convolution. With the FFT-based computation of the con- 
volution the parts h(® and h“ can be isolated using weighted convolution algorithms that are given in 
eoenon etalon page The cost is that of a linear convolution. No algorithm to compute just one of 
h© or h® that is significantly cheaper is known. 


[fxtbook draft of 2008-January-19] 


414 Chapter 21: Algorithms for fast convolution 


21.2 Correlation 


a 
oO 
= 
= 
NO 
oa 
Ww 
R 
ws 
= 
o1 


BB 
RR 
BRR 
BRR 
RPReRR 
Ee 


Be 
BRE PRE 


OOND ORWNY RPOUOR WNFO OO 
BREE BRE 


CONDOM PWHF OCOBRW NROO N 
BREE BRE 


NOOR WNFO O1BRWNY FOOD © 
RRR 


be 
OnRW NFOO BPWNHF OOON © 


BB 
BRE BREE 
ORBWN FPOOR WNFO OOND 
BRE BRE 
PWNF OOPW NFOWO ONO F&F 
BREE BR 
RRR 


WNHFO OBPWNHY FOOD Noo 
= = 
NDORPOW BWNRF COON OPW 


WHF OCOWOON OOBW NHFOW F 
BRE BREE 
FOUR WNFO OOND oPWdY 


BREE PRE 
OORW NRFOWO ONO PWNHR 


OBWN ROOD Nook WNRrO—+ 

ORWNY FOOD Nook WNFO O 
BRE 

WNFO OOND ORWNHY FPOTP ND 

NORPOWO ONOMN BPWNMF OCOOPW W 

FOOD Noo WHO OBWNH B 

COON OOBW NOM BWNHMF OF 


RPRER PR 
RPRERP BR 
BB 

us 

PRR 
Ree 

BRE 

i 


Figure 21.2-A: Semi-symbolic table for the (cyclic) correlation of two length-16 sequences. 


Ww 
us 
o 
(o>) 
~“ 
(ee) 
oO 
— 
Oo 
BR 
BR 
= 
NO 
Be 
Ww 
BR 
us 
= 
o1 


BWNMF OCOOON OoBW NMFOrF F 
Www 


WNFO OOND OFWNH FORO ND 
WWh 


NDORPOW ONDOO BWHF OCOFOWO W 


31 30 29 28 27 26 25 24 23 22 
31 30 29 28 27 26 25 24 


ORBWNY FPOWOOD Noo WNrO—+ 
be 


oRWN ROOD Noor WNRFO O 
w 
— 
WwW 
o 
N 
oO 
NO 
ioe) 
N 
~“N 
i) 
o>) 
N 
o 
WWN NNMNN NNNN NFREFE 
SOFPOW ONOO BPWHF DOON 


FOOD Nooe WNHRO 
ra 

COON OOABW NFO 
OOND ORWN FOF 
ONO PWN O 


BEER PR 
RPREER PR 
BREE 
PRR 

Bee 

Be 

Noo WNrO 


Figure 21.2-B: Semi-symbolic table for the linear (acyclic) correlation of two length-16 sequences. 


The cyclic correlation (or circular correlation) of two real length-n sequences a = [ao, @1,..-,@n—1] and 
b = [bo, b1,..-, 0n—1] is defined as the length-n sequence h with elements h, as: 
hp c= So ae by (21.2-1) 


x—y=T mod n 


The relation can be recast as 
n-1 
hp = S- Ar bir+-x) mod n (21.2-2) 
«z=0 


The semi-symbolic table for the (cyclic) correlation is shown in figure|21.2-A] For the computation of the 
linear (or acyclic) correlation the sequences have to be zero-padded as in the algorithm for the linear 
convolution. The semi-symbolic table is shown in figure |21.2-B 


The auto correlation (or self-correlation) is the correlation of a sequence with itself, the correlation of 
two distinct sequences is also called cross correlation. The term auto correlation function (ACF) is often 
used for the auto correlation sequence. 


[fxtbook draft of 2008-January-19] 


21.2: Correlation 


21.2.1 Direct computation 
A C++ implementation of the computation by the definition is [FXT: \correlation/slowcorr.h': 


template <typename Type> 

void slow_correlation(const Type *f, const Type *g, Type * restrict h, ulong n) 
// Cyclic correlation of f[], gl], both real-valued sequences. 

// n := array length 


{ 
for (ulong tau=0; tau<n; ++tau) 
Type s = 0.0; 
for (ulong k=0; k<n; ++k) 
ulong k2 = k + tau; 
if ( k2>=n ) k2 -=n; 
s t= (g[k] *f [k2]); 
} 
h[tau] = s; 
} 
} 


The if statement in the inner loop is avoided by the following version: 


for (ulong tau=0; tau<n; ++tau) 


Type s = 0.0; 

ulong k = 0; 

for (ulong k2=tau; k2<n; ++k, ++k2) s += (g[k]*f[k2]); 
for (ulong k2=0; k<n; ++k, ++k2) s t= (g[k]*f[k2]); 
h[tau] = s; 


} 
For the linear correlation one can avoid zero products: 


template <typename Type> 

void slow_correlationO(const Type *f, const Type *g, Type * restrict h, ulong n) 
// Linear correlation of f[], gl], both real-valued sequences. 

// n := array length 

// Version for zero padded data: 

//_ £(kl,g[k] == 0 for k=n/2 ... n-1 

// n must be >=2 


const ulong nh = n/2; 
for (ulong tau=0; tau<nh; t++tau) // k2 == tau + k 


Type s = 0; 
for (ulong k=0, k2=tau; k2<nh; ++k, ++k2) s += (f£[k]*g[k2]); 
h[tau] = s; 

for (ulong tau=nh; tau<n; t++tau) // k2 == tau+k-n 
Type s = 0; 
for (ulong k=n-tau, k2=0; k<nh; ++k, ++k2) s += (f[k]*g[k2]); 
h[tau] = s; 


} 


The algorithm involves proportional n? operations and is therefore slow with very long arrays. 


21.2.2 Computation via FFT 


A simple algorithm for fast correlation follows from the relation 


he = F [Fla] F[8)] 


415 


(21.2-3) 


That is, use a convolution algorithm with one of the input sequences reversed (indices negated modulo n). 
For purely real sequences the relation is equivalent to complex conjugation of one of the inner transforms: 


* 


be = F*[F La)" FLO] 


[fxtbook draft of 2008-January-19] 


(21.2-4) 


416 Chapter 21: Algorithms for fast convolution 


For the computation of self-correlation the latter relation is the only reasonable way to go: first transform 


the input sequence, then multiply each element by its complex conjugate and finally transform back. A 
C++ implementation is [FXT: correlation/fftcorr.cc): 

void 

fft_correlation(double *f, double *g, ulong 1dn) 

// Cyclic correlation of f[], gl], both real-valued sequences. 


// Result is written to g[]. 
// 1dn := base-2 logarithm of the array length 


{ 
const ulong n=(1UL<<ldn) ; 
const ulong nh=(n>>1) ; 
fht_real_complex_fft(f, ldn); // real, imag part in lower, upper half 
fht_real_complex_fft(g, ldn); 
const double v = 1.0/n; 
glO] *= f[0] * v; 
g(nh] *= f[nh] * v; 
for (ulong i=1,j=n-1; i<nh; ++i,--j) // real at index i, imag at index j 
cmult_n(f[i], -f[j], glil, glj], vw); 
} 
fht_complex_real_fft(g, ldn); 
} 


The function cmult_n() is defined in [FXT: |jaux0/cmult.h': 


static inline void 
cmult_n(double c, double s, double &u, double &v, double dn) 


// fu,v} <--| {dn*(u*c-v¥s), dn*(u*stv*c) } 
{ double t = u*stv*c; u *= c; wu -= v*¥s; u *= dn; v = t*dn; } 


We note that relation |21.2-4|also holds for complex sequences. 


21.2.3. Correlation and difference sets * 


The linear auto-correlation of a sequence that contains zeros and ones only (a delta sequence) is the set 
of mutual differences of the positions of the ones, including multiplicity. An example: 


[1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0] <--= delta array R 
(4, 2, 1, 2, 1, 0, 0, 1, 2, 1, 2] <--= linear auto correlation ACF 
0, 1, 2, 3, 4, 5,-5,-4,-3,-2,-1 <--= index 


Element zero of the ACF tells us that there are four elements in R (each element has difference zero to 
just itself). Element one tells us that there are two pairs of consecutive elements, it is identical to the 
last element (element minus one). There is just one pair of elements in R. whose indices differ by two 
(elements two and minus two of the ACF), and so on. Note that the ACF does not tell us where the 
elements with a certain difference are. 


The delta array with ones at the 7 positions 0, 3, 4, 12, 18, 23, and 25 has the ACF 


1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 0, (+symm.)] 


[7, 1 1 ; 
0, re 26, <--= index 


> 1 > 1 > > 1 > 1 > al > 1 > 1 > 0 
0, 1, 2;.3, 4; 5; 6; 7, 8,9; 1 
That is, a ruler of length 26 with marks only at the 7 given positions can be used to measure most of the 
distances up to 26 (the smallest missing distance is 10). Further, no distance appears more than once. 
Sequences with this property are called Golomb rulers and they are very hard to find. 


If we allow for two rulers then the set of mutual differences in positions is the cross correlation. For this 
setting analogues of Golomb rulers (that do not have any missing differences) can be found. We use dots 
for zeros: 


I gts lst eae ae Ws SU bei fei ace ak 0d. eh aaah anaes e A ase ele ed doeha mca oash. <-- 
oss correlation 


The rulers are binary representations of the evaluations F'(1/2) and F(1/4) of a curious function given 


in section [36.10.1}on page 


[fxtbook draft of 2008-January-19] 


21.3: Weighted Fourier transforms and convolutions 417 


21.3. Weighted Fourier transforms and convolutions 


21.3.1 The weighted Fourier transform 


We define a new kind of transform by slightly modifying the definition of the FT (formula |20.1-laj on 


page |375): 
c = W,[al (21.3-1a) 
n—1 
Ck I= Ls tip Oy 2?” Ug FO Va (21.3-1b) 
«2=0 
where z := e%27*/", The sequence c shall be called (discrete) weighted transform of the sequence a with 


the weight (sequence) v. Note the v, that entered: the weighted transform with v, = Sa Va is just the 
usual Fourier transform. The inverse transform is 


a = Wr'[e (21.3-2a) 
1 n—-1 
a, = che ?* (21.3-2b) 
NUx o—4 
This can be easily seen: 
1 n—-1In-1 
Wy! [We [a], = — > S- Ug Ay 2°* g—¥* (21.3-3a) 
i ere 
1 n—-1In-1 1 
= = S- S- je gee tg we (21.3-3b) 
ee, 
n—-1 
1 1 
= = SS Uz — Az Oxy = Ay (21.3-3c) 
ie xz=0 y 


Obviously all vz have to be invertible. That W, [W,' [a]] is also identity is apparent from the definitions. 


Given an FFT routine it is trivial to set up a weighted Fourier transform. Pseudo code for the discrete 
weighted Fourier transform: 


procedure weighted_ft(al[], v[], n, is) 
for x:=0 to n-1 


alx] := alx] * vix] 


fft(a[], n, is) 


The inverse is essentially identical. Pseudo code for the inverse discrete weighted Fourier transform: 
procedure inverse_weighted_ft(a[], v[], n, is) 


fft(al], n, -is) 
for x:=0 to n-1 


alx] := alx] / vI[x] 
} 


The C++ implementations are given in [FXT: fft/weightedfft.cc}. 


[fxtbook draft of 2008-January-19] 


418 Chapter 21: Algorithms for fast convolution 


21.3.2 Weighted convolution 


Define the weighted (cyclic) convolution hy by 
hy = G@y}b (21.3-4a) 
= W,'[W. [a] W™ [oJ] (21.3-4b) 
Then, for the special case vz = V”, one has 
hy = hO+V™AY (21.3-5) 


Here h) and h“) are defined as in relation |21.1-7a|on page It is not hard to see why this is: up to 
the final division by the weight sequence, the weighted convolution is just the cyclic convolution of the 
two weighted sequences, which is for the element with index 7 equal to 


Ss. GG”) = Set. 4+> ete (21.3-6) 


w+y=T modn be L>T 


Final division of this element (by V7) gives h() +V"h™ as stated. 


The cases when V” is some root of unity are particularly interesting: For V” = +i = +/—1 one obtains 
the so-called right-angle convolution: 


hy = 10) Ti nee) (21.3-7) 


This gives a nice possibility to directly use complex FFTs for the computation of a linear (acyclic) 
convolution of two real sequences: For length-n sequences the elements of the linear convolution with 


indices 0,1,...,2— 1 are the real part of the result, the elements n,n+1,...,2n—1 are the imaginary 
part. Choosing V" = —1 leads to the negacyclic convolution (or skew circular convolution): 
hy = AO —pO (21.3-8) 


Cyclic, negacyclic and right-angle convolution can be understood as polynomial products modulo the 
polynomials z” — 1, 2" +1 and z” +i, respectively (see [186]). 


C++ implementations of the weighted-, negacyclic- and right-angle (self) convolution are given in [FXT: 


convolution /weightedconv.cc]}. 


| 0 1 2 38 4 5 6 7 8 9 10 11 12 13 14 15 
0: 0 1 2 3 4 5 6 7 8 9 10 i141 12 13 14 15 
des 1 2 3 4 5 6 7 8 9 10 11 12 13 1 15 O- 
2: 2 3 4 #65 6 7 8 9 10 11 12 13 14 15 oO- i1- 
3: 3 4 5 6 7 8 9 10 11 12 13 14 1S (0= 1= 2- 
4: 4 5 6 7 8 9 10 11 12 13 14 15 = I= 2= 3- 
5: 5 6 7 8 9 10 11 12 13 14 15 O- t= 2- 3= 4- 
6: 6 7 8 9 10 41 #12 13 144 15 oO- 1- 2- 3- 4 5- 
ie 7 8 9 10 11 #12 13 14 15 O= d= 2- 8= 4= 5= 6- 
8: 8 9 10 i1 12 13 14 15 O= T= 2- B= 4 b= 6= f= 
9: 9 10 i1 12 13° 14 #15 O- t= 2= °8= 4= $= 6= 7%= 8= 
10: 10 11 12 13 14.415 jO- I= 2- 3- 4- 6 6- 7 8 9- 
Tt; 11 12 13 14 18 O- t= 2= g= 4.5 6 © 8= Y= 10- 
12 12 13 14 15 = d= 2- 8= 4— &= 6G= 7= 8= .9= 10= i= 
13: 13 14 15 O- T= 2= 3=- 4= 5 6= YY 8= 99> 10> 11= 12- 
14: 14°45. O= f= o2- B= 4— 5= 6= F= B= 9= 10- 11=— 12- 13- 
15: 15 O- i- 2- 3- 4- 5- 6- 7- 8- 9- 10- 11- 12- 13- 14- 


Figure 21.3-A: Semi-symbolic table for the negacyclic convolution. The products that enter with 
negative sign are indicated with a postfix minus at the corresponding entry. 


The semi-symbolic table for the negacyclic convolution is shown in figure With right-angle con- 
volution the minuses have to be replaced by i = /—1 which means the wrap-around (i.e. h“) elements 


[fxtbook draft of 2008-January-19] 


21.4: Convolution using the MFA 419 


go to the imaginary part. With real input one thereby effectively separates h©) and h@. Thereby the 
linear convolution of real sequences can be computed using the complex right-angle convolution. 


With routines for both cyclic and negacyclic convolution the parts h©) and h“ can be computed as sum 
and difference, respectively. Thereby all expressions of the form ah + 6h) where a, € C can be 
computed. 


The direct (slow, proportional n?) computation can be obtained by a minimal modification of the non- 
weighted convolution algorithm [FXT: convolution/slowweightedcnvl.h': 

template <typename Type> 

void slow_weighted_convolution(const Type *f, const Type *g, Type *h, ulong n, Type w) 


// weighted (cyclic) convolution: h[] := ff] (*)_w gf] 
// n := array length 
{ 
for (ulong tau=0; tau<n; ++tau) 
ulong k = 0; 
Type sO = 0.0; 


for (ulong k2=tau; k<=tau; ++k, --k2) sO += (f[k]*g[k2]); 

Type si = 0.0; 

for (ulong k2=n-1; k<n; ++k, --k2) si += (f£[k]*g[k2]); // wrapped around 
h[tau] = sO + si*w; 


21.4 Convolution using the MFA 


We give an algorithm for convolution that use the matrix Fourier algorithm (MFA, see section [20.11] on 
page [406}. The MFA is used for the forward transform and the transposed algorithm (TMFA) for the 
backward transform. The elements of each row are assumed to lie contiguous in memory. For the sake of 
simplicity auto convolution is considered. The matrix FFT convolution algorithm: 


1. Apply a (length R) FFT on each column. 
(memory access with C'-skips) 


2. Multiply each matrix element (index r,c) by exp(+o27irc/n). 


3. Apply a (length C) FFT on each row. 
(memory access without skips) 


4. Complex square row (element-wise). 


5. Apply a (length C) FFT on each row (of the transposed matrix). 
(memory access is without skips) 


6. Multiply each matrix element (index r,c) by exp(—o 2 7irc/n). 


7. Apply a (length R) FFT on each column (of the transposed matrix). 
(memory access with C'-skips) 


Note that steps 3, 4, and 5 constitute a length-C’ convolution on each row. 


C++ implementations of the cyclic and linear convolution using the described algorithm are given in 


[FXT: \convolution/matrixfftcnvl.cc|). The code for self-convolution can be found in [FXT: 
tion/matrixfftcnvla.cc’. 


With the weighted convolutions in mind we reformulate the matrix (self-) convolution algorithm given 


on page [419] 


1. Apply a FFT on each column. 


[fxtbook draft of 2008-January-19] 


420 Chapter 21: Algorithms for fast convolution 


2. On each row apply the weighted convolution with VO = e?7'’/® = 1"/R where R is the total 
number of rows, r = 0..R—1 the index of the row, C the length of each row (equivalently, the total 
number columns) 


3. Apply a FFT on each column (of the transposed matrix). 


We first consider the special cases of two and three rows and then formulate an MFA-based algorithm 
for the convolution of real sequences. 


The case R= 2 


Define s and d as the sums and differences of the lower and higher halves of a given sequence 2: 
s c= (0/2) 4 (1/2) (21.4-1a) 
(0/2) — 7 (A/2) (21.4-1b) 


Then the cyclic auto convolution of the sequence x can be obtained by two half-length convolutions of s 
and d as 


1 
L@r = 5 Is @s+de@_d, s®s—d@_d| (21.4-2) 


where the symbols ® and ®_ stand for cyclic and negacyclic convolution, respectively (see section [21.3] 
on page[417). The equivalent formula for the cyclic convolution of two sequences x and y is 


1 
rey => 2 [Sz ® Sy + dy ®_ dy, Sz ® Sy — dy @®- dy] (21.4-3) 
where 
& t= gt/ego (21.4-4a) 
dy = (0/2) — p(t/2) (21.4-4b) 
-— (0/2) 4 41/2) - 
a oy , (21.4-4c) 
dy := y (0/2) = yo?) (21.4-4d) 


Now use the fact that an linear convolution is computed by a cyclic convolution of zero-padded sequences 
whose upper halves are simply zero, so s; = dy; = x and s, = dy = y. Then relation |21.4-3] reads: 


1 
LOiny = 5g Ie Oyt rey, xr@y-—xr@_y| (21.4-5) 
And for the acyclic auto convolution: 


1 
L@Olin«t = 5g wOrte@_z, r@xL—-x£@_ 2| (21.4-6) 


The lower and upper halves of the linear convolution can be obtained from the sum and difference of the 
cyclic and the negacyclic convolution. 


The case R= 3 


Let w = $(1+%¥V3) and define 


A v= pO 4 g(t/3) 4 (2/8) (21.4-7a) 
B = gOP) 445 208) 2505) (21.4-7b) 
Ge. HO ng tO) iy GO) (21.4-7c) 


[fxtbook draft of 2008-January-19] 


21.4: Convolution using the MFA 421 


Then, if h := « ® a, one has 


AO) = A@®A+ BOy B+ C@y21C (21.4-8a) 
A/3) -—- A @® At Ww B Oflu} BtwCZ ®f{w2} C (21.4-8b) 
A?/3) — A@®A+w B ®w} Btw" C @y,,23 C (21.4-8c) 


For real valued data C is the complex conjugate (cc.) of B and (with w? = cc.w) B @®,.,; B is the ce. of 
C @® .,2} C and therefore every B ®,.} B-term is the cc. of the C @,} C-term in the same line. Is there a 
nice and general scheme for real valued convolutions based on the MFA? Read on for the positive answer. 


21.4.1 Convolution of real valued data using the MFA 


Consider the MFA-algorithm for the cyclic convolution as given on page [419] but with real input data: 
for row 0 which is real after the column FFTs one needs to compute the usual cyclic convolution; for row 
R/2 which is also purely real after the column FFTs a negacyclic convolution is needed} the code for 
negacyclic convolution is given on page [496] 


All other weighted convolutions involve complex computations, but it is easy to see how to reduce the 
work by 50 percent: as the result must be real the data in row number R —r must, because of the 
symmetries of the real and imaginary part of the (inverse) Fourier transform of real data, be the complex 
conjugate of the data in row r. Therefore one can use real FFTs (R2CFTs) for all column-transforms for 
step 1 and half-complex to real FFTs (C2RFTs) for step 3. 


Let the computational cost of a cyclic (real) convolution be q, then 


e For even values of R one must perform one cyclic (row 0), one negacyclic (row R/2) and R/2— 2 
complex weighted convolutions (rows 1,2,...,R/2— 1) 


e For R odd one must perform 1 cyclic (row 0) and (R — 1)/2 complex weighted convolutions (rows 
Ly QyncagtR—1)/2) 


Now assume, slightly simplifying, that the cyclic and the negacyclic real convolution involve the same 
number of computations and that the cost of a weighted complex convolution is twice that. Then in both 
cases above the total work is exactly half of that for the complex case, which is what one expects from a 
real world real valued convolution algorithm. 


For the computation of the linear convolution one can use the right angle convolution (and complex FFTs 
in the column passes), see section on page [417] 


21.4.2 Mass storage convolution using the MFA 


Algorithms on data sets that do not fit into physical RAM are sometimes called external or out of 
core algorithms. Simply using the virtual memory mechanism of the operating system is not an option, 
eternal hard disk activity would be the consequence in most cases. We give a method for the mass storage 
convolution. It is based on the matrix FFT convolution algorithm given on page|419] The number of disk 
seeks has to be kept minimal because these are slow operations which degrade performance unacceptably 
if they occur too often, 


The crucial modification of the use of the MFA is to not choose R and C as close as possible to /n 
as is usually done. Instead one chooses R to be minimal so that the row length C' corresponds to the 
biggest data set that fits into the available RAM. We now analyze how the number of seeks depends on 
the choice of R and C: In what follows it is assumed that the data lies in memory as rowg, row}, ..., 
rowRr-1- In other words, the elements of each rows lie contiguous in memory. Further let a > 2 be the 
number of times the data set exceeds the available RAM size. 


1For odd values of R there is no such row and no negacyclic convolution is needed. 


[fxtbook draft of 2008-January-19] 


422 Chapter 21: Algorithms for fast convolution 


In step 1 and 3 of the convolution algorithm given on page [419]one reads from disk (row by row, involving 
R seeks) the number of columns that just fit into RAM, does the (many, short) column-FFTs, writes 
back (again R seeks), and proceeds to the next block; this happens for a of these blocks, giving a total 
of 4a R seeks for steps 1 and 3. 


In step 2 one reads (a times) blocks of one or more rows, which lie in contiguous portions of the disk, 
perform the FFT on the rows, and write back to disk. This gives a total of 2.@ seeks for step 2. 


Thereby there are 2a+4aR seeks during the whole computation, which is minimized by the choice of 
maximal C’. This means that one chooses a shape of the matrix so that the rows are as big as possible 
subject to the constraint that they have to fit into main memory, which in turn means there are R = a 
rows, leading to an optimal seek count of K = 2a+ 4a’. 


Let Sp be the seek time of the hard disk in seconds, Wp be the disk transfer rate in megabyte per 
second. Further let A be the amount of available RAM in megabytes. Then the total time spent for disk 
operations is the sums of the time spent in seeks and the time for reading and writing: 


a 
T=K — 21.4- 
opt Oe ( 9a) 
A 
= (2a+40?) Sp+6— (21.4-9b) 
Rp 


We give two examples for an FFT whose size that exceeds the available RAM by a factor of a = 16 (so 
the number of seeks is k = 1056). 


With a machine where the disk seek takes 10 milliseconds (5p = 0.010) about 10 seconds are needed for 
the seeks. Further assume we have A = 64 Megabytes of RAM available so the transform size is 1 GB 
corresponding to 128 million (double precision) floats. The disk transfer rate shall be Wp = 10 MB/sec. 
Then the overhead for the read and write would amount to 6-1024MB/(10MB/sec) ~ 615sec or 
approximately 10 minutes. So the total disk activity takes approximately 10.5 minutes. 


With a workstation machine with Sp = 0.005 sec (5 milliseconds), Wag = 50 MB/sec, and 512 MB of 
RAM: the transform size is 8 GB (1 G doubles) and we obtain T = 5.28+983.04 = 988.32 or approximately 
16.5 minutes. 


In both cases the CPU will be busy for several minutes which is in the same order as the time for the 
disk activity. Therefore, when multi-threading is available, one may want to use a double buffer variant: 
Choose the row length so that it fits twice into the RAM workspace; then let always one (CPU-intensive) 
thread do the FFTs in one of the scratch spaces and the other (hard disk intensive) thread write back 
the data from the other scratch space and read the next data to be processed. With not too small main 
memory (and not too slow hard disk) and some fine tuning double buffering can to keep the CPU busy 
during much of the hard disk operations. Thereby most of the disk time can be ‘hidden’ as the CPU 
activity does not stall waiting for data. 


The mass storage convolution as described was used for the calculation of the number 
9°” = 0.4281247 - 10369.693,100 (21.4-10) 


on a 32-bit machine in 1999. The computation used two files of size 2 Gigabytes each and took less than 
eight hours on a system with a AMD K6/2 CPU at 366 MHz with 66 MHz memory. The log-file of 
the computation is [hfloat: |jexamples/runl-pow999.txt|. The computation did not use the double-buffer 
technique. 


21.5 The z-transform (ZT) 


In this section we will learn a technique to compute the Fourier transform by a cyclic convolution. In fact, 
the transform computed is the z-transform, a more general transform that in a special case is identical 


[fxtbook draft of 2008-January-19] 


21.5: The z-transform (ZT) 423 


to the Fourier transform. 


The discrete z-transform (ZT) of a length-n sequence a is a length-n sequence c defined by 


c = Zfa] (21.5-1a) 
n-1 

Ch t= pee a (21.5-1b) 
x2=0 


The z-transform is a linear transformation. It is not an orthogonal transformation unless z is a root 
of unity. For z = e+?7*/" the z-transform specializes to the discrete Fourier transform. An important 
property is the convolution property: 


Z{a@b|] = Z{a] Z[b] (21.5-2) 
Convolution in original space corresponds to ordinary (element-wise) multiplication in z-space. This can 


be turned into an efficient convolution algorithm for the special case of the Fourier transform but not in 
general because no efficient algorithm for the inverse transform is known. 


21.5.1 Computation via convolution (Bluestein’s algorithm) 


Noting that 


tk = 5 (a? +? (k x)?) (215-3) 


we find, for element c, of the Fourier transform of the sequence a, 


n—-1 n—-1 
Ck = > On z2*® = zk/? » (a. oP) eat (21.5-4) 
x=0 


«z=0 


The expression in brackets is a cyclic convolution of the sequence ay, z®’/2 with the sequence gow)? 
This leads to the algorithm for the chirp z-transform: 


1. Multiply the sequence a element-wise with z® /?. 


2. Convolve the resulting sequence with the sequence zoe /2, 


3. Multiply element-wise with the sequence z*’/?. 

The above algorithm constitutes a fast algorithm for the ZT because fast convolution is possible via FFT. 
The idea is due to Bluestein [44], a detailed description of the algorithm for computing the Bluestein 
FFT is given in [224]. 


21.5.2 Arbitrary length FFT by ZT 


The length n of the input sequence a for the fast z-transform is not limited to highly composite values: 
For values of n where a FFT is not feasible pad the sequence with zeros up to a length D with L >= 2n 
such that a length-L FFT can be computed (highly composite L, for example a power of two). 


As the Fourier transform is the special case z = e*?7*/” of the ZT the chirp-ZT algorithm constitutes 
an FFT algorithm for sequences of arbitrary length. 


The transform takes a few times more than an direct FFT. The worst case (if only FFTs for n a power of 
2 are available) is n = 2? +1: one must perform three FFTs of length L = 2?*? = 4n for the computation 
of the convolution. So the total work amounts to about 12 times the work a FFT of length n = 2? would 


[fxtbook draft of 2008-January-19] 


424 Chapter 21: Algorithms for fast convolution 


cost. It is possible to lower this ‘worst case factor’ to 6 by using highly composite L slightly greater than 


2n. 


For multiple computations of z-transforms of the same length one may want to store the Fourier transform 
as it does not change. Thereby the worst case is reduced to a factor 4 with highly 


of the sequence z**/2 


composite FFTs and 8 if FFTs are available for powers of two only. 


A C++ implementation of the Fourier transform for sequences of arbitrary length is given in [FXT: 


chirpzt/fftarblen.cc|. For even length, the routine is 


static void 
fft_arblen_even(Complex *x, ulong n, int is) 


// Arbitrary length FFT for even lengths n. 


{ 
ulong ldnn = 1ld(n); 
if ( n==(1UL<<ldnn) ) Ildnn += 1; 
else ldnn += 2; 
ulong nn = (1UL<<ldnn) ; 
Complex *f = new Complex[nn]; 
::copyO(x, n, f, nn); 
Complex *w = new Complex[nn]; 
make_fft_chirp(w, n, nn, is); 
multiply(f, n, w); 
double *dw = (double *)w; 
for (ulong k=1; k<2*n; kt+=2) dwlk] = -dw[k]; // ="= make_fft_chirp(w, n, nn, 
fft_complex_convolution(w, f, ldnn); 
add(f, n, f+n); // need cyclic convolution 
make_fft_chirp(w, n, nn, is); 
multiply(w, n, £); 
::copy(w, x, n); 
delete [] w; 
delete [] f; 
} 
The auxiliary routine make_fft_chirp() is defined in [FXT: \chirpzt/makechirp.cc): 


void 

make_fft_chirp(Complex *w, ulong n, ulong nn, int is) 

// For k=0..n-1: wk] := exp( is * k*k * (i*2*PI/n)/2 ) 
// where i = sqrt(-1) 

v For k=n..nn-1: wlk] = 0 


double phi = 1.0*is*M_PI/n; // == (i*2*Pi/n)/2 
ulong k2 = 0, n2 = 2+*n; 
for (ulong k=0; k<n; ++k) 
{ 
wlk] = SinCos(phi*k2) ; 
k2 += (2*k+1); 
if ( k2>n2 ) k2 -= n2; 
// here: k2 == (k*k) mod 2*n; 


null(wtn, nn-n); 


} 
For transform of odd length, use 


static void 
fft_arblen_odd(Complex *x, ulong n, int is) 


// Arbitrary length FFT for odd lengths n. 


{ 
ulong ldnn = ld(n); // == floor(log2(n)) 
ldnn += 3; 
ulong nn = (1UL<<ldnn); // == 4 * next_2_pow(n) 


Complex *f = new Complex[nn]; 
::copyO(x, n, f, nn); 


Complex *w = new Complex[nn]; 
make_fft_chirp_n2(w, n, nn, is); 
multiply(f, n, w); 


double *dw = (double *)w; // cast 


[fxtbook draft of 2008-January-19] 


-is); 


21.5: The z-transform (ZT) 


for (ulong k=1; k<nn; k+=2) 


425 


dw[{k] = -dw[k]; // == make_fft_chirp_n2(w, n, nn, -is); 


fft_complex_convolution(w, f, ldnn); 

ulong n2 = n*2; 

ulong dn = nn-n2; 

if ( dn>n ) dn =n; 

add(f, dn, f+n2); // need cyclic convolution 


make_fft_chirp(w, n, nn, is); 
multiply(w, n, f); 
::copy(w, x, n); 
delete [] w; 
delete [] f; 
} 


The auxiliary routine make_fft_chirp_n2() is 


void 
make_fft_chirp_n2(Complex *w, ulong n, ulong nn, int is) 


// For k=0..2*n-1: wk] = exp( is * k*k * (i*2*PI/n)/2 ) 


// where i = sqrt(-1) 
c For k=2*n..nn-1: wl[k] = 0 


double phi = 1.0*is*M_PI/n; // == (i*2*Pi/n)/2 
ulong n2 = n*2; 
ulong k2 = 0; 
for (ulong k=0; k<n2; ++k) 
{ 
wk] = SinCos(phi*k2) ; 
k2 += (2*k+1); 
if ( k2>n2 ) k2 -= n2; 
// here: k2 == (k*k) mod 2*n; 


null (w+n2, nn-n2) ; 


} 

The routine to be called by the user is 
void 

fft_arblen(Complex *x, ulong n, int is) 
// Arbitrary length FFT. 


if ( nk&l ) fft_arblen_odd(x, n, is); 
else fft_arblen_even(x, n, is); 


21.5.3. Fractional Fourier transform by ZT 


The z-transform with z = e%2™#/” 


is called the fractional Fourier transform. For a = 


tl one again 


obtains the usual Fourier transform. The fractional Fourier transform can be used for the computation 
of the Fourier transform of sequences with only few nonzero elements and for the exact detection of 
frequencies that are not integer multiples of the lowest frequency of the DFT. A discussion of the fractional 


Fourier transform can be found in [24]. 


A C++ implementation of the fractional Fourier transform for sequences of arbitrary length is given in 
[FXT: \chirpzt/fftfract.cc}: 


void 
fft_fract (Complex *x, ulong n, double v) 
// Fractional (fast) Fourier transform. 


ulong ldnn = ld(n); 
if ( n==(1UL<<ldnn) ) Ildnn += 1; 
else ldnn += 2; 


ulong nn = (1UL<<ldnn); // smallest power of 2 >= 2*n 


Complex *f = new Complex[nn]; 

copy(x, f, n); 

null(f+n, nn-n); 

Complex *w = new Complex[nn]; 
make_fft_fract_chirp(w, v, n, nn); 

for (ulong j=0; j<n; ++j) f[j] *= wij]; 

for (ulong j=0; j<nn; ++j) wlj] = conj(w[j]); 


[fxtbook draft of 2008-January-19] 


426 Chapter 21: Algorithms for fast convolution 


fft_complex_convolution(w, f, ldnn); 
make_fft_fract_chirp(w, v, n, nn); 
for (ulong j=0; j<n; ++j) wlj] *= f£[j]; 
copy(wtn, x, n); 
delete [] w; 

: delete [] f; 


The auxiliary routine make_fft_fract_chirp() is defined in [FXT: \chirpzt/makechirp.cc': 


void 
make_fft_fract_chirp (Complex *w, double v, ulong n, ulong nn) 
// For k=0..nn-1: wk] == exp(v*sqrt (-1)*k*k*2*pi*/n/2) 


{ 
const double phi = v*2.0*M_PI/n/2; 
ulong n2 = 2*n; 
ulong np=0; 
for (ulong k=0; k<nn; ++k) 
{ 
w[k] = SinCos(phi*np) ; 
np t= ((k<<1)+1);  // np == (k*k)%n2 
if ( np>=n2 ) np -= n2; 
} 
} 


21.6 Prime length FFTs 


For the computation of FFTs for sequences whose length is prime we can exploit the existence of primitive 

roots. We will be able to express the transform of all but the first element as a cyclic convolution of two 

sequences whose length is reduced by one. 

Let p be prime, then an element g exists so that the least positive exponent e so that g*° = 1 mod p 

is e = p—1. The element g is called a generator (or primitive root) modulo p (see section on 
fra) 


page ). Every nonzero element modulo p can uniquely be expressed as a power g® where 0 < e < p—1. 
For example, a generator modulo p = 11 is g = 2, its powers are: 


gal gS? a4 Fae oe Hs PHS -1 Ho Vat gas go Ht Hi 


Likewise, we can express any nonzero element as a negative power of g. Let h = g~', then with our 
example, h = 6 and 


nw =1 hb=6 W=3 2 =T7 hW*=9 AP =10 1 A =5 bh =8 We =4 WP =2Q WP t=1 


This is just the reversed sequence of values. Let the c be the Fourier transform of length-p sequence a: 


p-1 
Ch = So ae ara (21.6-1) 
«x=0 
where z = exp (2iz/p) and o = +1 is the sign of the transform. We split the computation of the Fourier 
transform in two parts, we compute the first element of the transform as 
p-l 
eg = Ge (21.6-2) 
x=0 
Now it remains to compute, for 1<k<p-—1, 
p—l1 
Ch = aot > az 277* (21.6-3) 
z=1 


Note the lower index of the sum. We write k = g° and x = g~/ (modulo p), so 
p—2 ; p—2 P 
e(g°) = 20 = Dagny 27) = Yayg-n 27) (21.6-4) 
f=0 f=0 


[fxtbook draft of 2008-January-19] 


21.6: Prime length FFTs 427 


The sum is a cyclic convolution of the sequences 29") and a(g-w) Where 0 < w < p—2. That is, if we 
permute the sequences a, a2, ..., @p—1 and z', 2”, ..., 2?~! and compute their cyclic convolution then 
we obtain a permutation of the sequence cj, C2, ..., Cp—1.- 


The method was given in [196], it is called Rader’s algorithm. We implement it in pari/gp: 


ft_rader(a, is=+1)= 
\\ Fourier transform for prime lengths (Rader’s algorithm) 


{ 

local(m, a0, f0, g, w); 

local(f, ixp, ixm, pa, pw, t); 

n = length(a) ; 

aO = afi]; f0 = sum(j=1, n, alj]); 

g = znprimroot(n); ixp = vector(n, j, component( g~(j-1), 2) ); 

w = is*2*I*Pi/n; pw = vector(n-1, j, exp(w*ixp[j]) ); 

pa = vector(n-1); for (j=1, n-1, pa[jl=a[i+ixp[1+n-j]] ); 

t = cconv(pa, pw); \\ cyclic convolution 

f = vector(n); £[1] = £0; for (k=1, n-1, f£[1+k]=t[k]+a0); 

t = vector(n); tli] = f[1]; for (k=2, n, t[{1t+ixp[k-1]]=f[k]); 
' return( t ); 


With a (slow) implementation of the cyclic convolution and DFT we can check whether the method works 
by comparing the results: 

cconv(a, b, w=t1)= 

\\ weighted cyclic convolution (by definition, n*2 operations) 

\\ w==+1 ==> usual cyclic convolution 


{ 
local(n, f, s, k, k2); 
n = length(a) ; 
f = vector(n); 
for (tau=0, n-1, \\ tau = k + k2 
sO =0; k=0; k2 = tau; 
while (k<=tau, sO += (a[k+1]*b[k2+1]); k++; k2--); 
si =0; k2 =n-1; \\ k=tauti 
while (k<n, si += (a[k+1]*b[k2+1]); k++; k2--); 
f[tauti] = sO + w * si; 
); 
return( f ); 
} 


dft(a, is=+1)= 
\\ Fourier transform (by definition, n*2 operations) 


{ 
local(n, f, s, phO, ph); 
n = length(a) ; 
f = vector(n); 
phO = is*2*Pi*I/n; 
for (k=0, n-1, 
ph = pho * k; 
f[k+1] = sum (x=0, n-1, al[x+i] * exp(ph*x) ); 
3 
return( f ); 
} 


In order to turn the algorithm into a fast Fourier transform we need to compute the convolution via 
length-(p — 1) (fast) transforms. This is trivially possible when p— 1 = 2%, for example when p = 5 or 
p= 17. As p—1 is always divisible by two, we can split at least once. For p = 11 we have (p — 1)/2 =5 
so we can again use Rader’s algorithm and length-4 transforms. 


The method can be used to generate code for short (prime) length FFTs. It is advisable to create the 
permuted and transformed sequence of the powers of z. Thereby only two length-(p — 1) FFTs will be 
needed for a length-p transform. 


[fxtbook draft of 2008-January-19] 


428 Chapter 21: Algorithms for fast convolution 


[fxtbook draft of 2008-January-19] 


429 


Chapter 22 


The Walsh transform and its 
relatives 


We describe several variants of the Walsh transform, sometimes called Walsh-Hadamard transform or 
just Hadamard transform. The Walsh transform has the same complexity as the Fourier transform but 
does not involve any multiplications. In fact, one can obtain a Walsh transform routine by removing all 
multiplications (with sines and cosines) in a given FFT routine. 


We also give related transforms like the slant transform and the Reed-Muller transform. The dyadic 
convolution that can be computed efficiently by the Walsh transform is introduced. 


22.1 The Walsh transform: Walsh-Kronecker basis 


How to make a Walsh transform out of your FFT: 
‘Replace exp(something) by 1, done.’ 


Removing all exp(something) from the radix-2, decimation in time Fourier transform we obtain 


void slow_walsh_wak_dit2(double *f, ulong 1dn) 
// (this routine has a problem) 


{ 
ulong n = (1UL<<1dn) ; 
for (ulong ldm=1; ldm<=ldn; ++1ldm) 
{ 
const ulong m = (1<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong j=0; j<mh; ++j) 
for (ulong r=0; r<n; rt+=m) 
const ulong ti = r+j; 
const ulong t2 = ti+mh; 
double u = f[ti]; 
double v = f[t2]; 
f[ti] = utv; 
f£[t2] = u-v; 
} 
} 
} 
} 


The transform involves proportional n log,(n) additions (and subtractions) and no multiplication at all. 
The transform, as given, is its own inverse up to a factor 1/n. The Walsh transform of integer input is 


integral. 


[fxtbook draft of 2008-January-19] 


430 Chapter 22: The Walsh transform and its relatives 


O: [K * * kK OK OK KK OK OK KOR KOK KOK KOK KK KOK OK ROK OK OK KK OK OK] 
1: [* * * * * * * * * * * * * * * *x | 
2: [* * * Ox * Ox * Ox * Ok * Ox * x * Ox J 
3: [* * x * x * Ox * Ox * Ok * Ok * Ox *] 
4: [k * * * x OK OK OK * OK OK OK * OK OK OK J 
5: [* * * * Ox * * * Ox * * OK * *] 
6: [* * * OK OK OK * OK O* * OK OK OK *] 
7: [x * * Ok * * * * * * Ox * * * J 
8: [* * * * KK KK * Ok * Ok OK OK OK J 
9: [* * * * * * * * Ox * * * * * *] 
10: [* * * Ox * x x OK OK OK * Ox * * *] 
11: [* * x * * Ok * Ox * * Ok * * xx | 
12: [* * * * * OR OK OK OK OK * * OK *K Ok] 
13: [* * * * * * Ox * * * * * * Ox *x ] 
14: [* * * Ox * OK OK OK * Ok * * Ok OK J 
15: [* * * * * * x * * * Ox * *] 
16: [* * * * * * Ok OK * OK OK OK * J 
17: [* * * * * * * * * * * * * * *] 
18: [* * * Ox * x * Ok * Ox * x * Ok * *] 
19: [* * Ox * Ox * Ox * * x * x * Ox xx | 
20: [x * * * * OK OK OK * OK OK O* xk * Ok] 
21: [x * * * Ox * * * * * Ok * * * Ox *x | 
22: [* * * OK OK OK * x OK OK x OK OK OK J 
23: [x * * * * * * * * * Ox * *] 
24: [x * * * x * Ox KOK OK OK OK OK *] 
25: [x * * * * * * * * * * * Ok * * J 
26: [* * * x * x * Ox * x OK KOK * x J 
27: [x * x * * Ox * Ox * * x * * Ox *] 
28: [x * * * x OK OK OK KOK OK OK OK OK * J 
29: [x * * * * * Ox * * * Ok * * * * *] 
30: [* * * Ox * OK OK OK x OK OK * x *] 
31: [x * * Ok * Ok * * * * * Ox * * J 


Figure 22.1-A: Basis functions for the Walsh transform (Walsh-Kronecker basis). Asterisks denote the 
value +1, blank entries denote —1. 


As the slow in the name shall suggest, the implementation has a problem as given. The memory access 
pattern is highly non-local. Let’s make a slight improvement: here we just took the radix-2 DIT FFT code 
from section |20.3.1.3/on page and threw away all trigonometric computations (and multiplications). 


But the swapping of the inner loops, that we did for the FFT in order to save trigonometric computations 
is now of no advantage anymore. So we try the following [FXT: walsh_wak_dit2( in walsh/walshwak2.h): 


template <typename Type> 

void walsh_wak_dit2(Type *f, ulong ldn) 

// Transform wrt. to Walsh-Kronecker basis (wak-functions). 
// Radix-2 decimation in frequency (DIF) algorithm. 


{ 
ulong n = (1UL<<1dn) ; 
for (ulong ldm=1; ldm<=ldn; ++1ldm) 
{ 
const ulong m = (1UL<<ldm); 
const ulong mh = (m>>1); 
for (ulong r=0; r<n; r+=m) 
: ulong ti = 1; 
ulong t2 = r+mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 
Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+y; 
f£[t2] =u -v; 
} 
} 
} 
} 


[fxtbook draft of 2008-January-19] 


22.1: The Walsh transform: Walsh-Kronecker basis 431 


ldm=4 


Idm=3 


ldm=2 


ldm=1 


5 6 7 8 9 10 11 12 13 14 15 


Figure 22.1-B: Data flow for the length-16, radix-2, decimation in time (DIT) transform. The stages 
are from bottom to top. Thin lines indicate a factor of minus one. 


The performance impact is quite drastic. For n = 2?! (and type double, 16 MByte of memory) it gives a 
speedup by a factor of about eight. For smaller lengths the ratio approaches one. 


The data flow diagram (butterfly diagram) for the radix-2 decimation in time (DIT) algorithm is shown in 


figure|22.1-B] The figure was created with the program [F XT: |fft / butterfly-texpic-demo.cc . The diagram 


for the decimation in frequency (DIF) algorithm is obtained by reversing the order of the steps. In the 
code, only the outermost loop has to be changed [FXT: walsh_wak_dif2() in |walsh/walshwak2.h): 


template <typename Type> 
void walsh_wak_dif2(Type *f, ulong ldn) 


const ulong n = (1UL<<1ldn) ; 
for (ulong ldm=ldn; ldm>=1; --1dm) 
{ 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong r=0; r<n; r+=m) 


ulong ti =r; 
ulong t2 = r+mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 
{ 
Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+yv; 
f[t2] =u -v; 
} 


} 
} 


A function that computes the k-th base function of the transform is [FXT: walsh_wak_basefunc() in 
walsh/walshbasefunc.h): 


template <typename Type> 
void walsh_wak_basefunc(Type *f, ulong n, ulong k) 


for (ulong i=0; i<n; ++i) 


[fxtbook draft of 2008-January-19] 


432 Chapter 22: The Walsh transform and its relatives 


ulong x =i & k; 
xX = parity(x); 
fli] = ( O==x 7? +1: -1°); 


} 
The basis functions are shown in figure |22.1-A| Note that the lowest row is (the signed version of) the 


Thue-Morse sequence, see section|1.15.1}on page [37] 


Multi-dimensional Walsh transform 


If one applies the row-column algorithm (see section [20.10.2]on page [405) to compute a two-dimensional 
n xm Walsh transform then the result is exactly the same as with a 1-dimensional n-m transform. That 
is, algorithmically nothing needs to be done for multidimensional Walsh transforms: a k-dimensional 
ny X Ng X ... X ng-transform is identical to a 1-dimensional n,-n2: ... -nz-transform. The length-2” 
Walsh transform is identical to a n-dimensional length-2 Fourier transform. 


22.2 Ejigenvectors of the Walsh transform * 


O: [ +5 +1 +4 +1 41 +1 +4 +4 41 41 +1 +4 41 41 +1 °4+1~4 
1: [+4 +3 4¢1 -1 +1 -1 +1 -1 41 -1 +4 -1 +1 -1 +4 --1 <4 
2: ([ +1 +1 +3 -1 +1 +1 -1 -1 +1 +1 -1 -1 +1 41-1 -1 <4 
3: [ +1 -1 -1 +5 +1 -1 -1 +4 41 -1 -1 +41 +1 -1 -1 41 =<) 
4: [ +1 +1 +4 +1 43 -1 -1 -1 +1 +1 +1 +1 -1 -1 -1 --1 <4) 
5: [ +1 -1 +4 -1 -1 +5 -1 +4 41 -1 +1 -1 -1 +1 -1 41 =<) 
6: [ +1 +1 -1 -1 -1 -1 +5 +4 41 +1 -1 -1 -1 -1 +1 41 =~) 
7: ( +21 -1 -1 +4 -1 +1 44 43 41 -1 -1 +4 -1 +1 +1 --1~4 
8: [ +1 +1 +4 +1 41 +1 +4 +1 -5 -1 -1 -1 -1 -1 -1 -1 ] 
9: [ +1 -1 +4 -1 41 -1 +41 -1 -1 -3 -1 +4 -1 +1 -1 +1] 
10: [ +41 +1 -1 -1 +1 +4 -1 -1 -1 -1 -3 +4 -1 -1 +141 41 ] 
di: [ +2 -1 -1 +4 +1 -1 -1 +4 -1 +1 +1 -5 -1 +1 +1 -1 ] 
12: [ +41 +1 +4 +1 -1 -1 -1 -1 -1 -1 -1 -1 -3 +1 +1 41] 
13: [ +1 -1 +4 -1 -1 +1 -1 +4 -1 +1 -1 +41 41-5 +1 -1 ] 
14: [ +1 +1 -1 -1 -1 -1 +4 +4 -1 -1 +1 +1 41 41-5 -1 ] 
15: [ +41 -1 -1 +1 -1 +4 +1 -1 -1 +1 +1 -1 +1 -1 -1 -3 ] 


Figure 22.2-A: Eigenvectors of the length-16 Walsh transform (Walsh-Kronecker basis) as row vectors. 
The eigenvalues are +1 for the vectors 0...7 and —1 for the vectors 8...16. Linear combinations of 
vectors with the same eigenvalue e are again eigenvectors with eigenvalue e. 


The Walsh transforms are self-inverse, so their eigenvalues can only be plus or minus one. Let a be a 
sequence and let W(a) denote the Walsh transform of a. Set 


uz := Wa)+a (22.2-1) 

Then 
W(u4) = W(W(a))+W(a) = a+W(a) = 41-uy (22.2-2) 
That is, wu; is an eigenvector of W with eigenvalue +1. Equivalently, u- := W(a) — a is an eigenvector 


with eigenvalue —1. Thereby, two eigenvectors can be obtained from an arbitrary nonzero sequence. 


[fxtbook draft of 2008-January-19] 


22.3: The Kronecker product 433 


We are interested in a simple routine that for a Walsh transform of length n gives a set of n eigenvectors 
that span the n-dimensional space. With a routine that computes the k-th basis function of the transform 
we can obtain an eigenvector efficiently by simply adding a delta peak at position k to the basis function. 
The delta peak has to be scaled according to whether a positive or negative eigenvalue is desired and 
according to the normalization of the transform. 


A suitable routine for the Walsh-Kronecker basis (whose basis functions are given in figure |22.1-A] on 


page |430) is 


void 

walsh_wak_eigen(double *v, ulong ldn, ulong k) 

// Eigenvectors of the Walsh transform (walsh_wak). 
// Eigenvalues are +1 if k<n/2, else -1 


3! 
ulong n = 1UL << ldn; 


walsh_wak_basefunc(v, n, k); 
double d = sqrt(n); 
v[k] += (k<n/2 ? +d : -d); 


This routine is given in [FXT: walsh/walsheigen.cc). Figure}22.2-A|was created with the program [FXT: 
fft /walsh-eigenvec-demo.cc). 


Note that with the unnormalized transforms the eigenvalues are +,/n. 


22.3. The Kronecker product 
The length-2 Walsh transform is equivalent to the multiplication of a 2-component vector by the matrix 


We = Be i“ (22.3-1) 


| +1 41 41 41 ] 
+1 -1 41 -1 
Wa = 1 1 1 1 (22.3-2) 
1 1 1 1 
One might be tempted to write 
_ +W. +W2 
WwW. = pee a | (22.3-3) 


This idea can indeed be turned into a well-defined notation which is quite powerful when dealing with 
orthogonal transforms and their fast algorithms. Let A be an m x n matrix 


40,0 0,1 eran a0,n-1 
41.0 a4 ty Q1n-1 
A = : : . (22.3-4) 
Gm—-1,0 Gm—1,1 ara Am—1,n—-1 


then the (right) Kronecker product (or tensor product) with a matrix B is 


ao,0B aji1B ++: a@on-1B 
a;,0B a, 1B Ay @1,n-1B 
A®B := (22.3-5) 
A@m—1,0B G@m—1,1B oe G@m—1,n—-1B 


[fxtbook draft of 2008-January-19] 


434 Chapter 22: The Walsh transform and its relatives 


There is no restriction on the dimensions of B. If B is a r x s matrix then the dimensions of the given 
Kronecker product is (mr) x (ns), and cr+ir+js = Gi,jbk,1- The Kronecker product is not commutative, 
that is, A®B AB®A in general. 


For a scalar factor a the following relations are immediate: 
(aA)@®B = a(A@B) (22.3-6a) 
A®(aB) = a(A@B) (22.3-6b) 


The next relations are the same as for the ordinary matrix product. Distributivity (the matrices on both 
sides of a plus sign must be of the same dimensions): 


(A+B)@C = A@®C+BEeC (22.3-7a) 

A®(B+C) = A®B+A@C (22.3-7b) 
Associativity: 

A®(BEC) = (ASB)eC (22.3-8) 


The matrix product (indicated by a dot) of Kronecker products can be rewritten as 


(A@B)-(C@D) = (A-C)e@(B-D) (22.3-9a) 
(L; @R1)- (Lg @Rze)-...-(bn@Rn) = (In-Le-...- Ln) @(Ri-Re-...-R,) (22.3-9b) 

Set L; = Le =...=L, =: L and R; = Ro =... =R, =: R in the latter relation to obtain 
(L@R)” = L"@R” (22.3-9c) 


The Kronecker product of matrix products can be rewritten as 


(A-B)@(C-D) = (A8C)-(BaD) (22.3-10a) 


Here the matrices left and right from a dot must be compatible for ordinary matrix multiplication. 
One has 


(A@B)? = A7@B? (22.3-11a) 
(A@B)? = A‘'@B" (22.3-11b) 


If A and B are respectively m x n and r x s matrices then 


A®B = (n,@B)-(A @I,) (22.3-12a) 
(A @I,)-(I,@B) (22.3-12b) 


where I, is the n x n identity matrix. If A is n x n and B is t x ¢ then 


det(A@B) = det(A)‘ det(B)” (22.3-13) 


Back to the Walsh transform, we have W, = [1] and for n= 2", n > 1: 


+W/2 +W 7/2 


WwW, = 
| +W 7/2 —W/2 


| = W22Wr2 (22.3-14) 


In order to see that this relation is the statement of a fast algorithm split the (to be transformed) vector x 
into halves 


XY 


fare ba (22.3-15) 


[fxtbook draft of 2008-January-19] 


22.3: The Kronecker product 435 


and write out the matrix-vector product 


W,t = woe ae | = Bs (to + #1) (22.3-16) 


W/2 20 — Wn/2 21 W/o (to — 21) 


That is, a length-n transform can be computed by two length-n/2 transforms of the sum and difference 
of the first and second half of x. 


We define a notation equivalent to the product sign, 
®) Mz = Mi®M2@M3@...@Mn (22.3-17) 
k=1 


where the empty product equals a 1 x 1 matrix with entry 1. When A = B in relation|22.3-11b] we have 
(A@A)1=A-1@A7!, (A@A@A)1=A1@A-!@A7! and so on. That is, 


(® a) 7 (% AT! (22.3-18) 
k=1 k=1 


For the Walsh transform: 


logs (n) 
WwW, = W>2 (22.3-19) 
k=1 
and 
logs (n) 
w,! = Ww," (22.3-20) 
k=1 


The latter relation isn’t that exciting as W)' = We for the Walsh transform. However, it also holds 
when the inverse transform is different from the forward transform. Thereby, given a fast algorithm 
for some transform in form of a Kronecker product, the fast algorithm for the backward transform is 
immediate. 

Computation of the Kronecker product of two matrices is implemented as a method in [FXT: class 


matrix in |matrix/matrix.hi: 


bool kronecker(const matrix<Type> A, const matrix<Type> B) 


{ 
ulong nra = A.nr_, nea = A.nc_; 
ulong nrb = B.nr_, ncb = B.nc_; 
if ( nra * nrb != nr_) return false; 
if ( nca * ncb !=nc_) return false; 
for (ulong ra=0; ra<nra; ++ra) 
ulong ro = ra * nrb; 
for (ulong ca=0; ca<nca; ++ca) 
{ 
ulong co = ca * ncb; 
Type ea = A.get(ra,ca); 
for (ulong rb=0; rb<nrb; ++rb) 
ulong r = ro + rb; 
for (ulong cb=0; cb<ncb; ++cb) 
{ 
Type eb = B.get(rb,cb); 
ulong c = co + cb; 
Type p = ea * eb; 
set(r, c, p); 
} 
} 
} 
return true; 
} 


[fxtbook draft of 2008-January-19] 


436 Chapter 22: The Walsh transform and its relatives 


Here get (r,c) returns the entry in row r and column c, and set (r,c,x) assigns the value x to the entry. 


The direct sum of two matrices is defined as 


A 0 
AOB := | a | (22.3-21) 
In general ASD BABOA. As an analogue to the sum sign we have 
QA :-= 1,@A (22.3-22) 


where I, is the n x n identity matrix. The matrix I, © A consists of n copies of A that lie on the diagonal. 
The Kronecker product can be used to derive properties of unitary transforms, see [199]. 


22.4 A variant of the Walsh transform * 


All operations necessary for the Walsh transform are cheap: loads, stores, additions and subtractions. 

The memory access pattern is a major concern with direct mapped cache, as we have verified comparing 

the first two implementations in this chapter. Even the one found to be superior due to its more localized 

access is guaranteed to have a performance problem as soon as the array is long enough: all accesses are 

separated by a power-of-two distance and cache misses will occur beyond a certain limit. Rather bizarre 

attempts like inserting ‘pad data’ have been reported in order to mitigate the problem. The Gray code 
efits 


permutation described in suena 2.8]on page |97|suggests an interesting solution where the sub-arrays are 
always accessed in mutually tion PA order walsh/walshgray.h walsh/walshgray.h): 


template <typename Type> 

void walsh_gray(Type *f, ulong 1dn) 

// Gray variant of the Walsh transform. 

// Radix-2 decimation in frequency (DIF) algorithm 


{ 
const ulong n = (1UL<<ldn) ; 
for (ulong ldm=ldn; ldm>0; --ldm) // dif 
{ 
const ulong m = (1UL<<ldm) ; 
for (ulong r=0; r<n; rt+=m) 
ulong ti =r; 
ulong t2 =r+m- 1; 
for ( ; t1<t2; ++t1,--t2) 
{ 
Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+yv; 
f[t2] =u-v; 
} 
} 
} 
} 


The transform is not self-inverse, however, the inverse transform can be implemented easily be reversing 
the steps: 


template <typename Type> 

void inverse_walsh_gray(Type *f, ulong 1dn) 

// Inverse of walsh_gray(). 

// Radix-2 decimation in time (DIT) algorithm. 


{ 
const ulong n = (1UL<<ldn) ; 


for (ulong ldm=1; ldm<=ldn; ++ldm) // dit 


const ulong m = (1UL<<ldm) ; 
for (ulong r=0; r<n; rt+=m) 
{ 

Yr; 

rtm = 14 


ulong t1 
ulong t2 


[fxtbook draft of 2008-January-19] 


22.5: Higher radix Walsh transforms 437 


a ( 3; ti<t2; +4+t1,--t2) 
Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+yv; 
f£[t2] =u -v; 
} 


} 


Using Q for the grs_negate() routine (described below), W;, for walsh.wak(), W, for walsh_gray () 
and G for gray_permute() then 


W. = QW,G* = GW,;'Q (22.4-1) 


That is, the following two sequences of statements 
inverse_gray_permute(f, n); walsh_gray(f, ldn); grs_negate(f, n); 
grs_negate(f, n); inverse_walsh_gray(f, ldn); gray_permute(f, n); 


are both equivalent to the call walsh_wak(f, ldn). The function [FXT: grs_negate() in 
auxl/grsnegate.h changes signs for certain elements: 


template <typename Type> 
void grs_negate(Type +f, ulong n) 
// Negate elements at indices where the Golay-Rudin-Shapiro is negative. 


for (ulong k=0; k<n; ++k) 
if ( grs_negative_q(k) ) flk] = -fIkl; 
} 
The function grs negative_q() is described in section [1.15.5] on page 


It turns out that the Gray-variant only wins on machines where the memory clock speed is significantly 
lower than the CPU. While a call to walsh_gray() alone is never slower than the walsh_wak() routine 
the additional steps often cause too much overhead. 


22.5 Higher radix Walsh transforms 


A generator for short-length Walsh (wak) transforms is given as [FXT: fft/gen-walsh-demo.cc). It can 


create code for DIF and DIT transforms. For example, the code for the 4-point D ranstorms is 


template <typename Type> 
inline void 
short_walsh_wak_dif_4(Type *f) 
{ 

tO, ti, t2, t3; 


ttt rH 
NRONS 
ne] 
0) 


t3 
sumdiff( tO, t2 ); 
sumdiff( t1, t3 ); 
sumdiff( t0, ti ); 
sumdiff( t2, t3 ); 
f [0] tO; 

f [1] 
f [2] 
f [3] 


} 


To keep the code readable, we use the sumdiff() function from [FXT: |aux0/sumdiff.h): 


template <typename Type> 
static inline void sumdiff(Type &a, Type &b) 
// fa, b} <--| fatb, a-b} 


[fxtbook draft of 2008-January-19] 


438 Chapter 22: The Walsh transform and its relatives 


{ Type t=a-b; at=b; b=t; } 
We further need a variant that transforms elements which are not contiguous but lie apart by a distance s: 
template <typename Type> 


inline void 
short_walsh_wak_dif_4(Type *f, ulong s) 


. Type tO, ti, t2, t3; 
ulong x = 0; 
tO = f[x]; x t= 58; 
ti = fx]; x += 8; 
t2 = f[x]; x += 8; 
t3 = fix]; 
} 
sumdiff( t0, t2 ); 
sumdiff( ti, t3 ); 
sumdiff( t0, ti ); 
sumdiff( t2, t3 ); 
Hees x = 0; 
flx] = tO; x += 5s; 
flx] = ti; x += 5s; 
flx] = t2; x += 5s; 
f[x] = t3; 
} 

} 


The short DIF transforms are given in [FXT: |walsh/shortwalshwakdif.h, DIT variants in 
FXT: walsh/shortwalshwakdit.h. A radix-4 DIF transform using these ingredients is [FXT: 
walsh /walshwakd. hy: 


template <typename Type> 

void walsh_wak_dif4(Type *f, ulong ldn) 

// Transform wrt. to Walsh-Kronecker basis (wak-functions). 
// Radix-4 decimation in frequency (DIF) algorithm. 

// Self-inverse. 


const ulong n = (1UL<<ldn) ; 
if ( n<=2 ) 
{ 


if ( n==2 ) short_walsh_wak_dif_2(£); 
return; 


for (ulong ldm=ldn; ldm>3; 1dm-=2) 
{ 


ulong m = (1UL<<1ldm) ; 
ulong m4 = (m>>2); 
for (ulong r=0; r<n; r+=m) 


for (ulong j=0; j<m4; j++) short_walsh_wak_dif_4(f+jtr, m4); 


} 
} 


if (ldn&1) //n is not a power of 4, need a radix-8 step 


for (ulong i0=0; i0<n; i0+=8) short_walsh_wak_dif_8(f+i0) ; 
} 
else 

for (ulong i0=0; iO0<n; i0+=4) short_walsh_wak_dif_4(f+i0) ; 


} 
} 


With the implementation radix-8 DIF transform some care must be taken to choose the correct final step 
size [FXT: walsh/walshwak8.hi: 


template <typename Type> 

void walsh_wak_dif8(Type *f, ulong ldn) 

// Transform wrt. to Walsh-Kronecker basis (wak-functions). 
// Radix-8 decimation in frequency (DIF) algorithm. 

// Self-inverse. 


const ulong n = (1UL<<ldn) ; 


[fxtbook draft of 2008-January-19] 


22.5: Higher radix Walsh transforms 


. ( n<=4 ) 
switch (n ) 
{ 


case 4: short_walsh_wak_dif_4(f); break; 
case 2: short_walsh_wak_dif_2(f); break; 


return; 


} 


const ulong xx = 4; 

ulong ldm; 

for (ldm=ldn; ldm>xx; 1dm-=3) 
{ 


ulong m = (1UL<<1dm) ; 
ulong m8 = (m>>3); 
for (ulong r=0; r<n; r+=m) 


for (ulong j=0; j<m8; j++) short_walsh_wak_dif_8(f+j+tr, m8); 
} 
} 


oe ( ldm ) 


case 4: 
for (ulong i0=0; i0<n; i0+=16) short_walsh_wak_dif_16(f+i0) ; 
break; 

case 3: 
for (ulong i0=0; i0<n; i0+=8) short_walsh_wak_dif_8(f+i0) ; 
break; 

case 2: 
for (ulong i0=0; i0<n; i0+=4) short_walsh_wak_dif_4(f+i0) ; 
break; 


Performance 


439 


For the performance comparison we include a matrix variant of the Walsh transform [FXT: 


walsh/walshwakmatrix.h): 


template <typename Type> 
void walsh_wak_matrix(Type *f, ulong ldn) 


{ 
ulong ldc = (ldn>>1); 
ulong ldr = ldn-ldc; // ldr>=1dc 
ulong nc = (1UL<<ldc); 
ulong nr = (1UL<<ldr); // nrow >= ncol 
for (ulong r=0; r<nr; t++r) walsh_wak_dif4(f+r*nc, ldc); 
transpose2(f, nr, nc); 
for (ulong c=0; c<nc; ++c) walsh_wak_dif4(f+c*nr, ldr); 
transpose2(f, nc, nr); 
} 


The transposition routine is given in [FXT: aux2/transpose2.h. We only use even powers of two so the 


transposition is that of a square matrix. 


As for dyadic convolutions we do not need the data in a particular order so we also include a version of 


the matrix algorithm that omits the final transposition: 


template <typename Type> 
void walsh_wak_matrix_1(Type *f, ulong ldn, int is) 


{ 

ulong ldc = (ldn>>1); 

ulong ldr = ldn-ldc; // 1dr>=1dc 

if ( is<O ) swap2(ldr, ldc); // inverse 

ulong nc = (1UL<<ldc) ; 

ulong nr = (1UL<<ldr); // nrow >= ncol 

for (ulong r=0; r<nr; ++r) walsh_wak_dif4(f+r*nc, ldc); 

transpose2(f, nr, nc); 

for (ulong c=0; c<nc; ++c) walsh_wak_dif4(f+c*nr, ldr); 
} 


[fxtbook draft of 2008-January-19] 


440 Chapter 22: The Walsh transform and its relatives 


The following calls give (up to normalization) the mutually inverse transforms: 


walsh_wak_matrix_1(f, ldn, +1); 

walsh_wak_matrix_1(f, ldn, -1); 
We do not consider the range of transform lengths n < 128 where unrolled routines and the radix-4 
algorithm consistently win. Figure [22.5-A] shows a comparison of the routines given so far. There are 
clearly two regions to distinguish: firstly, the region were the transforms fit into the first-level data 
cache (which is 64 kilobyte, corresponding to 1ldn = 13). Secondly, the region where 1dn > 13 and the 
performance becomes more and more memory bound. 


In the first region the radix-4 routine is the fastest. The radix-8 routine comes close but, somewhat 
surprisingly, never wins. 


In the second region the matrix version is the best. However, for very large sizes its performance could 
be better. Note that with odd 1dn (not shown) its performance drops significantly due to the more 
expensive transposition operation. The transposition is clearly the bottleneck. One can use (machine 
specific) optimizations for the transposition to further improve the performance. 


In the next section we give an algorithm that avoids the transposition completely and consistently out- 
performs the matrix algorithm. 


22.6 Localized Walsh transforms 


A decimation in time (DIT) algorithm combines the two halves of the array, then the halves of the two 
halves, the halves of each quarter, and so on. With each step the whole array is accessed which leads to 
the performance drop as soon as the array does not fit into the cache. 


One can reorganize the algorithm as follows: combine the two halves of the array and postpone further 
processing of the upper half, then combine the halves of the lowers half and again postpone processing of 
its upper half. Repeat until size two is reached. Then use the algorithm at the postponed parts, starting 
with the smallest (last postponed). 


The scheme can be sketched for size 16, as follows: 


hhhhhhhhhhhhhhhh 

hhhhhhhh44444444 

hhhh333344444444 

hh22333344444444 
The letters ‘h’ denote places processed before any recursive call. The blocks of twos, threes and fours 
denote postponed blocks. The Walsh transform is thereby decomposed into a sequence of Haar transforms 
(see figure 23.6-A}on page [476). The algorithm described is most easily implemented via recursion: 


template <typename Type> 
void walsh_wak_loc_dit2(Type *f, ulong 1dn) 


{ 
if ( ldn<i) return; 
// Recursion: 
for (ulong ldm=1; ldm<ldn; ++ldm) walsh_wak_loc_dit2(f+(1UL<<ldm), 1dm) ; 
for (ulong ldm=1; ldm<=ldn; ++1ldm) 
{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[ti], f[t2]); 
} 
} 


Optimizations are obtained by avoiding recursions for small sizes. We use a radix-4 algorithm as soon as 
the transform size is smaller or equal to the cache size and we avoid recursion for tiny transforms: 


template <typename Type> 
void walsh_wak_loc_dit2(Type *f, ulong 1dn) 


[fxtbook draft of 2008-January-19] 


22.6: Localized Walsh transforms 441 


8 == ldn; MemSize == 2 kB == 256 doubles; rep == 976563 
walsh_wak_dif2(f,1ldn) ; dt= 2.49551 MB/s= 6114 rel= 1 
walsh_wak_dif4(f,1ldn) ; dt= 1.56806 MB/s= 9731 rel= 0.628352 * 
walsh_wak_dif8(f,1ldn) ; dt= 1.57419 MB/s= 9693 rel= 0.63081 
walsh_wak_matrix(f,ldn) ; dt= 2.28047 MB/s= 6691 rel= 0.91383 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.94357 MB/s= 7851 rel= 0.778827 
walsh_gray(f,1dn) ; dt= 2.39791 MB/s= 6363 rel= 0.960888 
10 == ldn; MemSize == 8 kB == 1024 doubles; rep == 195313 
walsh_wak_dif2(f,1ldn) ; dt= 2.26683 MB/s= 6731 rel= 1 
walsh_wak_dif4(f,1ldn) ; dt= 1.47338 MB/s=10356 rel= 0.649977 * 
walsh_wak_dif8(f,1ldn) ; dt= 1.65262 MB/s= 9233 rel= 0.729044 
walsh_wak_matrix(f,ldn) ; dt= 1.91859 MB/s= 7953 rel= 0.846378 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.69215 MB/s= 9017 rel= 0.746485 
walsh_gray(f,1dn) ; dt= 2.18454 MB/s= 6985 rel= 0.9637 
12 == ldn; MemSize == 32 kB == 4096 doubles; rep == 20345 
walsh_wak_dif2(f,1ldn) ; dt= 1.0884 MB/s= 7010 rel= A 
walsh_wak_dif4(f,1ldn) ; dt= 0.723136 MB/s=10550 rel= 0.664403 * 
walsh_wak_dif8(f,1ldn) ; dt= 0.790313 MB/s= 9654 rel= 0.726124 
walsh_wak_matrix(f,ldn) ; dt= 1.01233 MB/s= 7536 rel= 0.930112 
walsh_wak_matrix_1(f,ldn,+1); dt= 0.926387 MB/s= 8236 rel= 0.851146 
walsh_gray(f,1ldn) ; dt= 1.05364 MB/s= 7241 rel= 0.968062 
14 == ldn; MemSize == 128 kB == 16384 doubles; rep == 2180 
walsh_wak_dif2(f,1ldn) ; dt= 1.17042 MB/s= 3260 rel= iL 
walsh_wak_dif4(f,1ldn) ; dt= 1.14861 MB/s= 3321 rel= 0.981368 
walsh_wak_dif8(f,1ldn) ; dt= 1.08501 MB/s= 3516 rel= 0.927026 
walsh_wak_matrix(f,ldn) ; dt= 0.669182 MB/s= 5701 rel= 0.571747 
walsh_wak_matrix_1(f,ldn,+1); dt= 0.552063 MB/s= 6910 rel= 0.471681 * 
walsh_gray(f,1dn) ; dt= 1.00794 MB/s= 3785 = rel= 0.86118 
16 == ldn; MemSize == 512 kB == 65536 doubles; rep == 477 
walsh_wak_dif2(f,1ldn) ; dt= 1.40004 MB/s= 2726 rel= 1 
walsh_wak_dif4(f,1ldn) ; dt= 1.70347 MB/s= 2240 rel= 1.21673 
walsh_wak_dif8(f,1ldn) ; dt= 1.12997 MB/s= 3377 rel= 0.807095 
walsh_wak_matrix(f,ldn) ; dt= 0.801902 MB/s= 4759 rel= 0.572769 
walsh_wak_matrix_1(f,ldn,+1); dt= 0.628073 MB/s= 6076 rel= 0.448609 * 
walsh_gray(f,1dn) ; dt= 1.18693 MB/s= 3215 rel= 0.847779 
18 == ldn; MemSize == 2 MB == 256 K doubles; rep == 106 
walsh_wak_dif2(f,1ldn) ; dt= 2.61599 MB/s= 1459 rel= 1 
walsh_wak_dif4(f,1ldn) ; dt= 2.55153 MB/s= 1496 rel= 0.975359 
walsh_wak_dif8(f,1ldn) ; dt= 1.9791 MB/s= 1928 rel= 0.756538 
walsh_wak_matrix(f,ldn) ; dt= 1.77306 MB/s= 2152 rel= 0.677776 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.14735 MB/s= 3326 rel= 0.438591 * 
walsh_gray(f,1dn) ; dt= 2.51539 MB/s= 1517 rel= 0.961545 
20 == ldn; MemSize == 8 MB == 1024 K doubles; rep == 24 
walsh_wak_dif2(f,1ldn) ; dt= 2.64158 MB/s= 1454 rel= L 
walsh_wak_dif4(f,1ldn) ; dt= 2.8532 MB/s= 1346 rel= 1.08011 
walsh_wak_dif8(f,1ldn) ; dt= 2.34867 MB/s= 1635 rel= 0.889113 
walsh_wak_matrix(f,ldn) ; dt= 1.88431 MB/s= 2038 rel= 0.713327 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.21084 MB/s= 3171 rel= 0.458376 * 
walsh_gray(f,1dn) ; dt= 2.58747 MB/s= 1484 rel= 0.979514 
22 == ldn; MemSize == 32 MB == 4096 K doubles; rep == 
walsh_wak_dif2(f,1ldn) ; dt= 2.43537 MB/s= 1445 rel= Hl 
walsh_wak_dif4(f,1ldn) ; dt= 2.82337 MB/s= 1247 rel= 1.15932 
walsh_wak_dif8(f,1ldn) ; dt= 2.07422 MB/s= 1697 rel= 0.851708 
walsh_wak_matrix(f,ldn) ; dt= 1.99251 MB/s= 1767 rel= 0.818155 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.22719 MB/s= 2868 rel= 0.503901 * 
walsh_gray(f,1dn) ; dt= 2.38611 MB/s= 1475 rel= 0.979776 
24 == ldn; MemSize == 128 MB == 16384 K doubles; rep == 1 
walsh_wak_dif2(f,1ldn) ; dt= 2.10939 MB/s= 1456 rel= ul 
walsh_wak_dif4(f,1ldn) ; dt= 2.61517 MB/s= 1175 rel= 1.23977 
walsh_wak_dif8(f,1ldn) ; dt= 2.11508 MB/s= 1452 rel= 1.0027 
walsh_wak_matrix(f,ldn) ; dt= 2.16597 MB/s= 1418 rel= 1.02683 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.28349 MB/s= 2393 rel= 0.608466 * 
walsh_gray(f,1dn) ; dt= 2.04744 MB/s= 1500 rel= 0.970635 


Figure 22.5-A: Relative speed of different implementations of the Walsh (wak) transform. The trans- 
forms were run ‘rep’ times for each measurement, the quantity ‘dt’ gives the elapsed time for rep 
transforms of the given type. The quantity ‘MB/s’ gives the memory transfer rate as if a radix-2 algo- 
rithm was used, it equals ‘Memsize’ times ‘ldn’ divided by the time elapsed for a single transform. The 
‘rel’ gives the performance relative to the radix-2 version, smaller values mean better performance. 


[fxtbook draft of 2008-January-19] 


442 Chapter 22: The Walsh transform and its relatives 


{ 
if ( ldn<=13 ) // parameter: (2**13)*sizeof (Type) <= Li-cache 
{ 
walsh_wak_dif4(f,ldn); // note: DIF version, result is the same 
return; 
} 
// Recursion: 
short_walsh_wak_dit_2(f+2); // ldm== 
short_walsh_wak_dit_4(f+4); // ldm==2 
short_walsh_wak_dit_8(f+8); // ldm==3 
short_walsh_wak_dit_16(£+16); // ldm== 
for (ulong ldm=5; ldm<ldn; ++ldm) walsh_wak_loc_dit2(f+(1UL<<ldm), ldm); 
for (ulong ldm=1; ldm<=ldn; ++1ldm) 
{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[t1], f[t2]); 
} 
} 


The routine is given in [FXT:|walsh/walshwakloc2.h|. A decimation in frequency (DIF) version is obtained 


by reversion of the steps: 


template <typename Type> 
void walsh_wak_loc_dif2(Type *f, ulong 1dn) 


if ( ldn<=13 ) // parameter: (2**13)*sizeof (Type) <= Li-cache 


{ 
walsh_wak_dif4(f,1ldn) ; 
return; 


} 
for (ulong ldm=ldn; ldm>=1; --1ldm) 
a 

const ulong m = (1UL<<ldm) ; 


const ulong mh = (m>>1); 
for (ulong t1i=0, t2=mh; ti<mh; ++t1, ++t2) 


{ 
Type u = f[ti]; 
Type v = f[t2]; 
f[ti] =u+yv; 
; f£[t2] =u-v; 


} 


// Recursion: 

short_walsh_wak_dif_2(f+2); // ldm== 

short_walsh_wak_dif_4(f+4); // ldm==2 

short_walsh_wak_dif_8(f+8); // ldm==3 

short_walsh_wak_dif_16(£+16); // ldm== 

for (ulong ldm=5; ldm<ldn; ++ldm) walsh_wak_loc_dif2(f+(1UL<<ldm), 1dm); 
} 


The double loop in the algorithm is a reversed Haar transform, see chapter [23] on page The double 


loop in the DIF algorithm is a transposed reversed Haar transform. The (generated) short-length trans- 
forms are given in the files [FXT: |walsh/shortwalshwakdif.h| and [FXT: walsh/shortwalshwakdit.h). For 
example, the length-8, decimation in frequency routine is 


template <typename Type> 
inline void 
short_walsh_wak_dif_8(Type *f) 


{ 

Type tO, ti, t2, t3, t4, t5, t6, t7; 

to = £[0]; ti = £[1]; t2 = £[2]; t3 = £[3]; 

t4 = £[4]; t5 = £(5]; té6 = £[6]; t7 = £17]; 

sumdiff( tO, t4 ); sumdiff( t1, t5 ); sumdiff( t2, t6 ); sumdiff( t3, t7 ); 
sumdiff( tO, t2 ); sumdiff( t1, t3 ); sumdiff( t4, t6 ); sumdiff( t5, t7 ); 
sumdiff( tO, t1 ); sumdiff( t2, t3 ); sumdiff( t4, t5 ); sumdiff( t6, t7 ); 
f[0] = to; £[1] ti; £[2] t2; £(3] = t3; 
£[4] = t4; £[5] t5; £[6] t6; £[7] = t7; 
} 


The used strategy leads to a very favorable memory access pattern that results in excellent performance 
for large transforms. Figure shows a comparison between the localized transforms and the matrix 


[fxtbook draft of 2008-January-19] 


22.6: Localized Walsh transforms 


443 


14 == ldn; MemSize == 128 kB == 16384 doubles; 
walsh_wak_matrix(f,ldn) ; dt= 0.672327 
walsh_wak_matrix_1(f,ldn,+1); dt= 0.555851 
walsh_wak_loc_dit2(f,1dn) ; dt= 0.498558 
walsh_wak_loc_dif2(f,1dn) ; dt= 0.533746 

16 == ldn; MemSize == 512 kB == 65536 doubles; 
walsh_wak_matrix(f,ldn) ; dt= 0.919579 
walsh_wak_matrix_1(f,ldn,+1); dt= 0.692488 
walsh_wak_loc “dita(£, ldn) ; dt= 0.653256 
walsh_wak_loc_dif2(f,1dn) ; dt= 0.670104 

18 == ldn; MemSize == 2 MB == 256 K doubles; 
walsh_wak_matrix(f,ldn) ; dt= 2.2111 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.36827 
walsh_wak_loc “ait2(f, ldn) ; dt= 0.938006 
walsh_wak_loc_dif2(f,1ldn) ; dt= 0.927804 

20 == ldn; MemSize == 8 MB == 1024 K doubles; 
walsh_wak_matrix(f,ldn) ; dt= 2.31178 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.42614 
walsh_wak_loc_dit2(f,1ldn) ; dt= 1.11847 
walsh_wak_loc_dif2(f,1dn) ; dt= 1.11142 
22 == ldn; MemSize == 32 MB == 4096 K doubles; 

walsh_wak_matrix(f,ldn) ; dt= 2.00573 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.23695 
walsh_wak_loc “aita(t, ldn) ; dt= 1.16461 
walsh_wak_loc_dif2(f,1dn) ; dt= 1.16164 
24 == ldn; MemSize == 128 MB == 16384 K doubles; 
walsh_wak_matrix(f,ldn) ; dt= 2.16536 
walsh_wak_matrix_1(f,ldn,+1); dt= 1.28455 
walsh_wak_loc_dit2(f,1ldn) ; dt= 1.10769 
walsh_wak_loc_dif2(f,1dn) ; dt= 1.10601 


rep == 2180 
MB/s= 5674 
MB/s= 6863 
MB/s= 7652 
MB/s= 7148 


rep == 477 
MB/s= 4150 
MB/s= 5511 
MB/s= 5842 
MB/s= 5695 


rep == 106 
MB/s= 1726 
MB/s= 2789 
MB/s= 4068 
MB/s= 4113 


rep == 24 
MB/s= 1661 
MB/s= 2693 
MB/s= 3433 
MB/s= 3455 


rep 
MB/s= 1755 
MB/s= 2846 
MB/s= 3022 
MB/s= 3030 
rep == 1 
MB/s= 1419 
MB/s= 2392 
MB/s= 2773 
MB/s= 2778 


leoexo) ooo eooxeo) ooo ooo 


o0°O 


1 


. 826756 
- 741541 
. 793878 


1 


. 753049 
. 710386 
. 728707 


1 


618819 
424225 
-419611 


1 


-616901 
- 483811 
- 480765 


1 


-616707 
. 580644 
579162 


1 


- 593226 
-511552 
-510775 


* 


Figure 22.6-A: Speed comparison between localized and matrix algorithms for the Walsh transform. 


algorithm. Small sizes are omitted because the localized algorithm has the very same speed as the radix- 
4 algorithm it falls back to. The localized algorithms are the clear winners, even against the matrix 
algorithm with only one transposition. For very large transforms the decimation in frequency version is 
very slightly faster. This is due to the fact that it starts with smaller chunks of data so more of the data 


is in cache when the larger sub-arrays are accessed. 


The localized algorithm can easily be implemented for transforms where a radix-2 step is known. Sec- 
tion on page gives the fast Hartley transform variant of the localized algorithm. 


One can develop similar routines with higher radix. However, a radix-4 version was found to be slower 
than the given routines. A certain speedup can be achieved by unrolling and prefetching. We use the 
C-type double whose size is 8 bytes. Substitute the double loop in the DIF version (that is, the Haar 


transform) by 


// machine specific prefetch instruction: 


#define PREF(p,o) 


ulong 1dm; 


for (ldm=ldn; ldm>=6; 
{ 


const ulong m 


const ulong mh = 


PREF (f, 0); 

PREF (f, 64); 
PREF (f, 128); 
PREF (f, 192); 


for (ulong t1= 


double *p 
PREF (p1, 


double ud 
double ul 
double u2 
double u3 


--1ldm) 


= (1UL<<1ldm) ; 


(m>>1) ; 


PREF (f+mh, 0); 
PREF (f+mh, 64); 


PREF (f+mh, 128); 
PREF (f+mh, 192); 

0, t2=mh; ti<mh; t1+=8, 
1=f£+ tl, *p2 =f + t2; 
256); PREF(p2, 256); 

= f[t1+0], vO = f[t2+0]; 

= f[tit+1], vi = f[t2+1]; 

= £[t1+2], v2 = f£[t2+2]; 
= £[t1+3], v3 = £[t2+3]; 


asm volatile ("prefetchw " #0 "(%0) " 


t2+=8) 


Wy (p) ) 


[fxtbook draft of 2008-January-19] 


444 Chapter 22: The Walsh transform and its relatives 


sumdiff(u0, vO); £[t1+0] = ud; £[t2+0] = vo; 
sumdiff(ul, vi); £[ti+1] = ui; £[t2t+1] = vi; 
sumdiff(u2, v2); £[t1+2] = u2; £[t2+2] = v2; 
sumdiff(u3, v3); £[t1+3] = u3; £[t2+3] = v3; 
double u4 = f[ti+4], v4 = £[t2+4]; 
double u5 = f[tit+5], v5 = £[t2+5]; 
double u6 = f[ti+6], v6 = £[t2+6]; 
double u7 = f[ti+7], v7 = f£[t2+7]; 
sumdiff(u4, v4); £[t1+4] = u4; £[t2+4] = v4; 
sumdiff(u5, v5); £[t1+5] = u5; £[t2+5] = v5; 
sumdiff(u6, v6); £[t1+6] = u6; £[t2+6] = v6; 
sumdiff(u7, v7); £[t1+7] = u7; £[t2+7] = v7; 


} 
} 


for ( ; ldm>=1; --1ldm) 
{ 
const ulong m = (1UL<<ldm) ; 


const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++ti, ++t2) sumdiff(f[t1], f[t2]); 


} 
The following list gives the speed ratio between the optimized and the unoptimized DIF routine: 

14 == ldn; MemSize == 128 kB; ratio = 1.24252 
16 == ldn; MemSize == 512 kB; ratio = 1.43568 
18 == ldn; MemSize == 2 MB; ratio = 1.23875 
20 == ldn; MemSize == 8 MB; ratio = 1.21012 
22 == ldn; MemSize == 32 MB; ratio = 1.19939 
24 == ldn; MemSize == 128 MB; ratio = 1.18245 


For sizes that are out of (level-2) cache most of the speedup is due to the memory prefetch. 


Iterative versions of the algorithms 


DIF IF DIT I 
start length start length 
widest Saas eee aS tks Rota orbs 
a0 eke eae Be noord. eee ke 
scncliiee Been eee nega oot, Soke 
Berg) be snatecoed steed fetal 
St eee ecaleee .. i411. paceeere ee 
ae ale fants de ables eee re 
Bere ol eee niaseokdes pare eee peeled: 
oath. ecayas ies silo g ata 
ay ee ope sp heeece tad. eee 
wdiecadLs ete de ps se ee a ites 
-i.1.. ee a 2d pees 
-1.,11. ree -1141. pits au 
i ba rere bod seat gl TL. aa atk: 
-11.1. asd -11... Baa pe 
-14i1.. ne hier chs 
-1411. CE see 1 eee 


Figure 22.6-B: Binary values of the start index and length of the Haar transforms in the iterative 
version of the localized DIF (left) and DIT (right) transform. Dots are used for zeros. 


In the DIF algorithm the Haar transforms are executed at positions f +2, f+4, f+6,...and the length 
of the transform at position f + s is determined by the lowest set bit in s. Additionally, a full-length 
Haar transform has to be done at the beginning. As C++ code: 


template <typename Type> 
inline void haar_dif2(Type *f, ulong n) 


for (ulong m=n; m>=2; m>>=1) 


const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[ti], f[t2]); 
} 
} 


template <typename Type> 
void loc_dif2(Type *f, ulong n) 


[fxtbook draft of 2008-January-19] 


22.7: Dyadic (XOR) convolution 445 


haar_dif2(f, n); 
for (ulong z=2; z<n; zt+=2) haar_dif2(ft+z, (z&-z)); 
} 


Note that the routines now take the length of the transform as second argument, not its base-2 logarithm. 
With the DIT algorithm matters are slightly more complicated. A pattern can be observed by printing 
the binary expansions of the starting position and length of the transforms shown in figure22.6-B] (created 
with IFT: /locrr-demo.ce The lengths are again determined by the lowest bit of the start position. 
And we have also seen the pattern in the left column: the reversed binary words in reversed (subset-) 
lexicographic order, see figure [I.27-A]on page The implementation is quite concise: 


template <typename Type> 
inline void haar_dit2(Type *f, ulong n) 


{ 
for (ulong m=1; m<=n; m<<=1) 
{ 
const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[t1], f[t2]); 
} 
} 


template <typename Type> 
void loc_dit2(Type f, ulong n) 


{ 
for (ulong z=2, u=1; z<n; z+=2) 
ulong s = u<<1; 
haar_dit2(ft+ts, (s&-s)); 
u = prev_lexrev(u) ; 
} 
haar_dit2(f, n); 
} 


The routines are slightly slower than the recursive version because they do not fall back to the full Walsh 
transforms when the transform size is small. 


The DIT scheme is a somewhat surprising application of the seemingly esoteric routine [FXT: 


prev_lexrev() in bits/bitlex.h|. Plus we have found a recursive algorithm for the generation of the 
binary words in (subset-) lexicographic order [FXT: bits/bitlex-rec-demo.cc!): 


void bitlex_b(ulong f, ulong n) 


for (ulong m=1; m<n; m<<=1) bitlex_b(ft+m, m); 
print_bin(" ", f, ldn); 


22.7 Dyadic (XOR) convolution 


Dyadic convolution has XOR where the usual one has plus 


The dyadic convolution of the sequences a and b is the sequence h defined by 


ye = Say; (22.7-1a) 
t1OjJ=T 
= Soaidier (22.7-1b) 


where the symbol ‘@’ stands for bit-wise XOR operator. All three sequence must be of the same length 
that is a power of 2. The dyadic convolution could rightfully be called XOR-convolution. 


The semi-symbolic scheme of the convolution is shown in figure The table is equivalent to the 
one (for cyclic convolution) given in figure]21.1-A]on page The dyadic convolution can be used for 
the multiplication of hypercomplex numbers as shown in section |37.16]on page 


[fxtbook draft of 2008-January-19] 


446 Chapter 22: The Walsh transform and its relatives 


1 012 3 4 5 6 7 8 910 11 12 13 14 15 
0: 012 3 4 5 6 7 8 910 11 12 13 14 15 
1s 103 2 5 4 7 6 9 81110 13 12 15 14 
2: 2 3 0 1 6 7 4 5 1011 8 9 14 15 12 13 
3: 3.2 10 7 6 5 4 1110 9 8 15 14 13 12 
4: 45 6 7 0 1 2 3 12131415 8 9 10 11 
5: 5 4 7 6 1 0 3 2 13121514 9 8 11 10 
6: 6 7 4 5 2 3 0 1 14151213 1011 8 9 
ue 7 6 5 4 3 2 1 0 15 141312 1110 9 8 
8: 8 91011 12131415 012 3 4 5 6 7 
9: 9 81110 13 12 15 14 103 2 5 4 7 6 
10: 1011 8 9 14151213 2 3 0 1 6 7 4 5 
11: 1110 9 8 15141312 3 2 10 7 6 5 4 
12: 12 1415 8 91011 45 6 7 0 1 2 3 
13: 1312 1514 9 81110 5 4 7 6 1 0 3 2 
14: 14151213 1011 89 6 745 23 0 1 
15: 165 141312 1110 9 8 7 6 5 4 3 2 1 0 


Figure 22.7-A: Semi-symbolic scheme for the dyadic convolution of two length-16 sequences. 


A fast algorithm for the computation of the dyadic convolution uses the Walsh transform [FXT: 


dyadic_convolution() in|walsh/dyadiccnvl.hi: 


template <typename Type> 

void dyadic_convolution(Type * restrict f, Type * restrict g, ulong ldn) 
// Dyadic convolution (XOR-convolution): h[] of f[] and g[]: 

// bik] = sum( i XOR j == k, flil*g[k] ) 

// Result is written to g[]. 

// 1dn := base-2 logarithm of the array length 


{ 

walsh_wak(f, ldn); 

walsh_wak(g, ldn); 

const ulong n = (1UL<<ldn) ; 

for (ulong k=0; k<n; ++k) glk] *= f[kl]; 

walsh_wak(g, ldn); 

} 

ia 012 3 4 5 6 7 8 91011 12 13 14 15 
QO: 012 83 4 5 6 7 8 91011 12 13 14 15 
1: 1 0 3 2 5 4 7 6 9 81110 13 12 15 14 
2: 23 01 6 7 4 5 1011 8 9 14 15 12 13 
3: 3 2 1 0 7 6 5 4 1110 9 8 15 14 13 12 
4: 4 5 6 7 Oo 1 2 3 #12 13 14 15 8 9 10 11 
5: 5 4 7 6 10 3 2 13 12 15 14 9 8 11 10 
6: 6 7 4 5 2 3 0 1 14151213 1011 8 9 
7: 7 6 5 4 3 2 1 0 15141312 1110 9 8 
8: 8 91011 12 13 14 15 O- 1- 2- 3- 4- 5- 6- 7- 
9: 9 81110 13 12 15 14 1- O0O- 3- 2- 5- 4- 7- 6- 
10: 1011 8 9 14 15 12 13 2- 3- 0O- 1- 6- 7- 4- 5- 
141: 1110 9 8 15 14 13 12 3- 2- 1- O- 7- 6- 5- 4- 
12: 12 13 14 15 8 9 10 11 4- 5- 6- 7- O- 1i- 2- 3- 
13: 13 12 15 14 9 8 11 10 5- 4- 7- 6- 1- 0- 3- 2- 
14: 14151213 1011 8 9 6- 7- 4- 5- 2- 3- O- 1- 
15: 15141312 1110 9 8 7- 6- 5- 4- 3- 2- 1- 0O- 


Figure 22.7-B: Semi-symbolic scheme for the dyadic equivalent of the negacyclic convolution. Negative 
contributions to a bucket have a minus appended. 


An scheme similar to that of the negacyclic convolution is shown in figure|22.7-B} It can be obtained via 


walsh_wal_dif2_core(f, ldn); 

walsh_wal_dif2_core(g, ldn); 

ulong n = (1UL<<1ldn) ; 

for (ulong i=0,j=n-1; i<j; --j,+ti) fht_mul(f[il, f[jl]l, glil, glj], 0.5); 
walsh_wal_dit2_core(g, ldn); 


where fht_mul() is the operation used for the convolution with fast Hartley transforms [FXT: 


[fxtbook draft of 2008-January-19] 


22.8: The Walsh transform: Walsh-Paley basis 


tion/fhtmulsqr.h!: 


template <typename Type> 

static inline void 

fht_mul(Type xi, Type xj, Type &yi, Type &yj, double v) 
// yi <-- ve( Qexi*xj + xi*xi - xj*xj ) 

// yj <-- v*( Qexi*xj - xi*xi + xj*xj ) 


Type hip = xi, him = xj; 

Type si = hip + him, di = hip - him; 
Type h2p = yi, h2m = yj; 

yi = (h2p * si + h2m * di) * v; 

yj = (h2m * si - h2p * di) * v; 


22.8 The Walsh transform: Walsh-Paley basis 


447 


O: [* * * * * eK * * * Ok Ok KOK KK OK OK OK OK KR KK OK OK OK OK OK OK 
1: [ * * RK KK ROK KOK OK OK OK OK OK 

2: [ * * * ek KK * * OK OK OK OK OK OK OK 

3: [ * * * ke KK * * Ok * OK OK OK Ok 
4: [* * * * * OK OK OK * OK OK OK * Ok * 

5: [ * * * x * * Ok * Ok OK OK * Ok * 
6: [ * * * * * OK OK OK OK OK OK OK * Ok * 
7: [*# * * * * OK OK KOK OK OK KK OK OK 

8: [ * * * x * * x * x * x * Ox * * 
9: [ * * * x * * x * x * x * * 
10: [ * * * Ok * OK * ok OK * * * * 
141: [ * * * Ok * OK * OK * Ok * * OK OK * OK 
12: [ * * * * * * * OK OK * * * 
13: [ * * * * * * Ok * OK * * * * 
14: [ * * * * ok O* * * * * OK OK 
15: [ * * * Ox * Ok Ok x OK OK OK * Ox * 
16: [ * * * * * * * * * * * * * * * 
17: [— * * * * * * * * * * * * * * * * 
18: [ * * * * * * * * * * * * * * * 
19: [ * * * * * * * * * * * * * * 
20: [ * * * * Ok * * * * * * * 
21: [ * * * * Ok * * * * * * * * 

22: [ * * * * * * OK * * * * * * * 

23: [ * * * * * Ok * * * * * * * * 
24: [ x * * Ok * OK * * * * * 
25: [ * * Ok * x * x * * Ok * x * x * x 
26: [ * * * * * * * * * * 
27: [ * * * * * * * * * * 
28: [ * * * * * * * * * Ok * * * 
29: [ x * * * * * * * * * * * * 
30: [ x * * * * * * Ok * * * 
31: [ * * * Ok * * * * * * * * Ox 


J 
] 
J 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 
] 


Figure 22.8-A: Basis functions for the Walsh transform (Walsh-Paley basis). Asterisks denote the 


value +1, blank entries denote —1. 


A Walsh transform with a different (ordering of the) basis can be obtained by [FXT: walsh/walshpal.h): 


template <typename Type> 
void walsh_pal(Type *f, ulong ldn) 


const ulong n = 1UL<<ldn; 
revbin_permute(f, n); 
walsh_wak(f, ldn); 


// 

// walsh_wak(£, ldn); 

// revbin_permute(f, n); 
} 


[fxtbook draft of 2008-January-19] 


448 Chapter 22: The Walsh transform and its relatives 


The basis functions are shown in figure]22.8-A} Actually one can also apply the revbin permutation before 
the transform. That is, 


W, = W,R = RW, (22.8-1) 

One has for W, 
W, = GW,G =G'W,G" (22.8-2) 
= J2W,o =2° WZ (22.8-3) 


where Z denotes the zip permutation (see section [2.5]on page [93) and G denotes the Gray permutation 
(see section [2.8] on page (97). 


A function that computes the k-th base function of the transform is [FXT: walsh_pal_basefunc() in 


walsh/walshbasefunc.h): 


template <typename Type> 
void walsh_pal_basefunc(Type *f, ulong n, ulong k) 
{ 
k = revbin(k, ld(n)); 
for (ulong i=0; i<n; ++i) 
ulong x =i & k; 
x = parity(x); 
fli] = ( O==x 7? +1: -1~); 


22.9 Sequency ordered Walsh transforms 


The term corresponding to the frequency of the Fourier basis functions is the so-called sequency of the 
Walsh functions, the number of the changes of sign of the individual functions. Note that the sequency 
of a signal with frequency f usually is 2 f. 


If the basis functions shall be ordered by their sequency one can use 


const ulong n = (1UL<<ldn) ; 
walsh_wak(f, ldn); 
revbin_permute(f, n); 
inverse_gray_permute(f, n); 


That is 
Ww = G'RW, = WRG (22.9-1) 


A function that computes the k-th base function of the transform is [FXT: walsh_wal_basefunc() in 


walsh/walshbasefunc.h): 


template <typename Type> 
void walsh_wal_basefunc(Type *f, ulong n, ulong k) 


{ 
k = revbin(k, 1ld(n)+1); 
k = gray_code(k) ; 
// // ="= 
// k = revbin(k, ld(n)); 
// k = rev_gray_code(k) ; 
for (ulong i=0; i<n; ++i) 
a ulong x =i & k; 
x = parity(x); 
f[i] = ( O==x 7? +1: -1); 
} 
} 


A version of the transform that avoids the Gray permutation is based on [FXT: walsh/walshwal.h 


[fxtbook draft of 2008-January-19] 


22.9: Sequency ordered Walsh transforms 449 


O: [* * * * * * KK * x OK OK KOK KOK KOK KOK KKK KOK KOK KK JT (CO) 
14: De * eK KOK KOK KOK KK KOK KK J] ¢ 1) 
2: [* * * * * KK * x eK K KK KK ] C 2) 
3: [ * * * * * KOK * x OK KOK OK J] ¢€ 3) 
4: [* * * * x OK OK KOK * * * * & |] ( 4) 
5: [ * * * * * * * OK OK KK OK OK OK J] ¢€ 5) 
6: [ * * * * * OK OK OK * OK * *x* *k * & |] ( 6) 
7: [Le * * * * Ox * * Ox xe KOK ] € 7) 
8: [ * * * OK KOK * Ok O* x OK OK OK * * ] ( 8) 
9: [* * * OK KOK * xO OK OK x OK OK OK 1 ¢€ 9) 
10: [ * * * Ok x OK OK xk OK OK * Ok * * ] (10) 
141: [ * * * OK * Ok * Ox * Ox * OK OK OK J Ct 2) 
12: [ * * * Ox * Ok * Ox * Ok * * * ] (12) 
13: [ * * * Ox * Ok * * Ox x OKO * Ox J (13) 
14: [ * * * Ox * * * Ox * Ox * Ox * * ] (14) 
15: [ * * * Ox * * Ox * Ox * x * Ok * Ox J (15) 
16: [ * * Ok * Ox * Ox * Ox * x * Ox * OK * |] (16) 
17: [ * * Ok * Ox * Ox * * * * Ox * x J (17) 
18: [ * * OK * * Ox * Ok * * * * Ox * |] (18) 
19: [ * * Ok * * Ok * * Ox * * * Ox J (19) 
20: [ * * * Ox * Ox * Ox * * Ox * * * J] (20) 
21: [ * * * Ox * Ox * * * * * Ox * * Ox J (21) 
22: [ * * * Ox * * * * Ok * * * Ox * * J] (22) 
23: [ * * * Ox * * * * * * Ox * * * Ox J (23) 
24: [ * * * * Ox * * * Ox * * * Ox * * * |] (24) 
25: [ * * * * Ox * * * * * x * * * Ok * J (25) 
26: [ * * * * * * Ox * x * * * * * |] (26) 
27: [ * * * * * * Ox * * * * * * Ok * J] (27) 
28: [ * * * * * * * Ox * * * * * * * |] (28) 
29: [ * * * * * * * * * * * Ox * * * J (29) 
30: [ * * * * * * * * * * * * * * J] (30) 
31: [ * * * * * * * * * * * * * * * J (31) 


Figure 22.9-A: Basis functions for the sequency-ordered Walsh transform (Walsh-Kacmarz basis). As- 
terisks denote the value +1, blank entries denote —1. 


template <typename Type> 

void walsh_wal_dif2_core(Type *f, ulong ldn) 

// Core routine for sequency ordered Walsh transform. 
// Radix-2 decimation in frequency (DIF) algorithm. 


{ 
const ulong n = (1UL<<1dn) ; 


for (ulong ldm=ldn; ldm>=2; --1dm) 
{ 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
const ulong m4 = (mh>>1); 
for (ulong r=0; r<n; r+=m) 


ulong j; 

for (j=0; j<m4; ++j) 

‘ ulong ti = rt+j; 
ulong t2 = ti+mh; 
double u = f[ti]; 
double v = f[t2]; 
f[ti] =u+yv; 
f£[t2] =u -v; 

} 

for ( ; j<mh; ++j) 

f ulong ti = rt+j; 
ulong t2 = tit+mh; 
double u = f[ti]; 
double v = f[t2]; 
f[ti] =u+y; 
f[t2] =v-u; // reversed 


[fxtbook draft of 2008-January-19] 


450 Chapter 22: The Walsh transform and its relatives 


} 
} 
} 
- ( ldn ) 
// ulong 1dm=1; 
const ulong m = 2; //(1UL<<ldm) ; 
const ulong mh = 1; //(m>>1); 
for (ulong r=0; r<n; r+=m) 
ulong j = 0; 
// for (ulong j=0; j<mh; ++j) 
. ulong ti = r+j; 
ulong t2 = ti+mh; 
double u = f[ti]; 
double v = f[t2]; 
f[ti] =u+y; 
£[t2] =u - Vv; 
} 
} 
} 


} 

The transform still needs the revbin permutation: 
template <typename Type> 

inline void walsh_wal(Type *f, ulong 1dn) 


revbin_permute(f, (1UL<<ldn)); 
walsh_wal_dif2_core(f, ldn); 


// 

// walsh_wal_dit2_core(f, ldn); 
// revbin_permute(f, (1UL<<ldn)); 
} 


A decimation in time (DIT) version of the core-routine is also given in [FXT: |walsh/walshwal.h}. The 


procedure gray_permute() is given in section 2-8)on page 
The sequence of statements 


walsh_gray(f, ldn); grs_negate(f, n); revbin_permute(f, n); 


is equivalent to walsh_wal(f, 1ldn) and might be faster for large arrays. We have 


Wa = BOW, = WwW, RO (22.9-2) 


22.9.1 Even/odd ordering of sequencies 


An alternative ordering of the base functions (first even sequencies ascending then odd sequencies descend- 
ing [FXT: walsh_wal_rev() in|walsh/walshwalrev.h ) can be obtained by either of (with n=1UL<<1dn) 

revbin_permute(f, n); 

gray_permute(f, n); 

walsh_wak(f,1dn) ; 

walsh_wak(f,1dn) ; 

inverse_gray_permute(f, n); 

revbin_permute(f, n); 


zip_rev(f, n); 
walsh_wal(f, ldn); 


walsh_wal(f, 1ldn); 
unzip_rev(f, n); 
walsh_wak(f, 1ldn); 
inverse_gray_permute(f, n); 
revbin_permute(f, n); 


revbin_permute(f, n); 
walsh_gray(f, ldn); 
grs_negate(f, n); 


[fxtbook draft of 2008-January-19] 


22.9: Sequency ordered Walsh transforms 


O: [* * * * * * Ok 
14: [xe * * * KOK K * 
2: [* * * * 

3: [ * * * * 

4: [ * * * Ok 
5: [ * * * OK 
6: [ * * * 

7: ~* * * 

8: [ * * OK * 
9: [ * * x * 
10: [ * * * x 
11: [ * * * Ox 
12: [ * * * * 
13: [ * * * * 
14: [ * * * * 
15: [— * * * * 
16: [ * * * * 
17: [— * * * * 
18: [ * * * * 
19: [ * * * * 
20: [ * * * Ox 
21: [ * * * Ox 
22: [ * * Ox * 
23: [ * * Ox * 
24: [ * * * 

25: [ * * * 

26: [ * * * OK 
27: [ * * * OK 
28: [ * * * * 

29: [* * * * 

30: [* * * * * * * * 
31: [* * * * * kk * 


* OK KK KK OK OK 
* OK OK OK 
* * OK 
* * OK 
x Kk OK OK 
* O* * OK 
* OK * OK 
* * OK * 
* * OK 
* * * 
* * * O* 
* * * 
* OK * 
* * * * 
* * * * 
* * * * 
* * * 


* OK KK KK OK OK 


451 
eK KOK KK KOK KOK K KK KK KT CO) 
x eK K KK KK ] C2) 
x OK KOK * *k * & |] ( 4) 
* x * *x* * * * |] ( 6) 
* Ox * OK O* * * ] ( 8) 
* OK OK OK * Ok * * ] (10) 
* Ox * Ox * * * ] (12) 
* Ox * x * * * ] (14) 
* * Ox * Ox * Ok * |] (16) 
* Ok * * * Ok * |] (18) 
* * * * Ox * * J] (20) 
* Ox * * * Ox * * J] (22) 
* * * Ox * * * |] (24) 
* * Ox * * * * * J] (26) 
* * * * * * * * J] (28) 
* * * * * * * ] (30) 
* * * * * * * J (31) 
* * * * Ox * * J (29) 
* * * * * * Ok * J (27) 
* * Ox * * Ok * J (25) 
* * * * * * x J (23) 
* Ox * * Ox * * Ox J (21) 
* * Ox * * * Ox J (19) 
* * Ox * * Ox J. C17) 
* * Ox * Ok * Ox J (15) 
* Ox x OK OK OK * Ox J (13) 
* Ox * Ox * OK OK OK J (11) 
x OK OK x OK OK OK 1 € 9) 
* OK OK OK * OK OK OK 1 ¢€ 7) 
* * OK OK KOK J] € 5) 
x OK OK KOK * J] € 3) 
] (14) 


Figure 22.9-B: Basis functions for the reversed sequency ordered Walsh transform. Asterisks denote 
the value +1, blank entries denote —1. 


That is, 


=| 
g 
| 


W.GR = RG '‘W, (22.9-3) 
Wee 2 WW, (22.9-4) 
QW,R (22.9-5) 


However, an implementation that is more efficient uses the core-routines that have the Gray permutation 


‘absorbed’ [FXT: walsh_wal_rev() in walsh/walshwalrev.h|: 


template <typename Type> 


inline void walsh_wal_rev(Type *f, ulong ldn) 


{ 
revbin_permute(f, (1UL<<ldn)); 
walsh_wal_dit2_core(f, ldn); 
// == 

// walsh_wal_dif2_core(f, ldn); 

// revbin_permute(f, n); 

} 


This implementation uses the fact that 


Wy = RW.R (22.9-6) 


Sometimes one can do still better, using the following sequence of statements that compute the same 


transform: 


revbin_permute(f, n); walsh_gray(f, ldn); grs_negate(f, n); 


[fxtbook draft of 2008-January-19] 


452 Chapter 22: The Walsh transform and its relatives 


Similar relations as for the transform with Walsh-Paley basis (22.8-2}and|22.8-3]on page|448) hold for W): 


Ww = GWG=G'wW.G! (22.9-7) 
ZWyZ = 2 1W,Z (22.9-8) 


The k-th base function of the transform can be computed as [FXT: walsh_wal_rev_basefunc() in 


walsh /walshbasefunc.h 


template <typename Type> 
void walsh_wal_rev_basefunc(Type *f, ulong n, ulong k) 
{ 
k = revbin(k, ld(n)); 
k = gray_code(k) ; 
// == 
// k = rev_gray_code(k) ; 
// k = revbin(k, ld(n)); 
for (ulong i=0; i<n; ++i) 


ulong x =i & k; 
x = parity(x); 
fli] = ( O==x 7? +1: -1°); 


} 
Oo: [— * * * * Ox * * x OK OK * Ok * x OK OK * |] (16) 
1: [— * * * * Ox * * * * x OK OK * J (15) 
De ie * * * * Ok OK * * * x OK OK * |] (16) 
3: [ * * x OK OF * * * x OK OK * J] (15) 
4: [* * * * * * x OK OK * x ok OK * Ox * |] (16) 
5: [— * * * * * x OK O* * * J (15) 
6: [ x ok OK * * * * * * J (16) 
7: [wx * * * * * * x * * * J (15) 
8: [ * * * * Ox * * * * * * * |] (16) 
9: [* * * * Ox * Ox * * * Ox * Ok * OK OK OK J (15) 
10: [ * * * * * * * * Ox J (16) 
14s (L * * Ok O* * Ox * OK OK OK * * OK OK * |] (15) 
12> [ * * x * * * * * * Ok OK J (16) 
13: [ * * Ok OK * * OK O* * OK OK OK * Ok * * J] (15) 
14: [ * * * Oe OK OK * Ox * * * Ok O* * * |] (16) 
15: [ * * * * OK O* * Ok O* * * J] (15) 
16: [ * * * OK OK * * * * x * Ok OK OK * * ] (16) 
172k * * Ok * Ox * * * J (15) 
18: [ * * * OK * OK OK OK * Ox * Ox * * Ox * * |] (16) 
19: [ * OK O* * * * x KOK * * J (15) 
20: [ x * * Ok * * * * * * |] (16) 
21: [ * * * Ok * x Oe KOK * Ox * Ok OK * J (15) 
22: [ * OK OK OK * OK * Ok * * * OK OK * J (16) 
23: [ * * * * * Ok OK * * Ok OK * J (15) 
242s \[ * * x OK OK * * * * Ok O* J (16) 
95: |[ * x OK KOK * Ox * * * x * |] (15) 
26: [ * * x ok OK * * Ox * Ox * OK O* J (16) 
27: [ * * x x OK O* * * OK KOK * Ox * Ox * * J (15) 
28: [ * x OK OK * * * * OK OK * * * x * |] (16) 
29: [ * * ok O* * * * * OK OK * * J (15) 
30: [ * * OK O* * * * * Ok OK * * J (16) 
31: [ * * OK O* * * Ok x OK KOK * OK OK * * J (15) 


Figure 22.9-C: Basis functions for a self-inverse Walsh transform that has sequencies n/2 and n/2— 1 
only. Asterisks denote the value +1, blank entries denote —1. 


22.9.2 Transforms with sequencies n/2 or n/2—1 


The next variant of the Walsh transform has the interesting feature that the basis functions for a length- 
n transform have only sequencies n/2 and n/2—1 at the even and odd indices, respectively. The 


[fxtbook draft of 2008-January-19] 


22.9: Sequency ordered Walsh transforms 


453 


transform is self-inverse (the basis is shown in figure |22.9-C) and can be obtained via [FXT: walsh_q1 () 


in walsh/walshq.h 


template <typename Type> 
void walsh_qi(Type *f, ulong 1dn) 


4 ulong n = 1UL << ldn; 

grs_negate(f, n); 

walsh_gray(f, ldn); 

revbin_permute(f, n); 

} 

Oo: [ * * * * Ox * OK OK * * Ok OK * * 
1: [— * * * * * OK OK * * 
2: [ * * * * * * Ox * Ok 
3: [ x OK OK * * * * OK O* * 
4: [ * * x OK OK OK OK Ok * Ok * * 
5: [— * * * * * * OK OK 
6: [ * * OK OK * * * 
7: [* * * ok OK OK * * * * * Ok OK 
8: [ * * * OK OK * * * * x * 
9: [ * * * * OK OK OK * x * Ok Ok * 
10: [ * * * OK O* * * 
1 iE x OK O* * x * OK O* * * * 
12+ [ * * * Ox * * * 
13: [ * * x OK OK * * Ox * OK OK OK 
14: [ * x OK O* * * * Ok OK * 
152. 'L * x OK OK * * * * OK OK * 
16: [ * * *K * * * * KOK OX * Ok OK * 
17: [— * * x * * * * * 
18: [ * * * * * KOK OK * Ok * * 
19: [ * * * Ox * * * 
20: [ * * * * * Ok OK * * 
21: [ x * OK O* * x OK OK OK * x * 
99'*\[ * Ok O* * x Ke OK * * 
23: [ * * * OK OK * * Ox * * 
24: [ * * * * OK O* * * OK O* 
25: [ * * OK OX * * OK Ox * OK OK OK * Ok 
26: [ * * OK O* * Ox * Ox * x OK OK 
27: [ * * * * Ok OK * ok OK * * * O* * OK 
28: [ x * * * OK OF * * OK OK OK * 
29: [ x * * * * * Ok O* * 
30: [ * * * Ok O* * * 
31: [* * * * Ok * KK OK * * * * 


a a Sg 
«+ & & 


* 


* * 


+ *& & * 


* * 


* * & 


= & 


+ Ee Ee 


a ee ee ee 


(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(16) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 
(15) 


Figure 22.9-D: Basis functions for a self-inverse Walsh transform (second form) that has sequencies n/2 


and n/2—1 only. Asterisks denote the value +1, blank entries denote —1. 


A different transform with sequency n/2 for the first half of the basis, sequency n/2 — 1 for the second 
half ([FXT: walsh_q2() in walsh/walshq.h , basis shown in figure |22.9-D) is computed by 


template <typename Type> 
void walsh_q2(Type *f, ulong 1dn) 


ulong n = 1UL << ldn; 
revbin_permute(f, n); 
grs_negate(f, n); 
walsh_gray(f, ldn); 


// == 

// grs_negate(f, n); 

// revbin_permute(f, n); 
// walsh_gray(f, ldn); 

} 

One has: 


Wa = RWaR 


[fxtbook draft of 2008-January-19] 


(22.9-9) 


454 Chapter 22: The Walsh transform and its relatives 


The base functions of the transforms can be computed as [F XT: |walsh/walshbasefunc.h 


template <typename Type> 
void walsh_qi_basefunc(Type *f, ulong n, ulong k) 


{ 
ulong qk = (grs_negative_q(k) ? 1 : 0); 
k = gray_code(k) ; 
k = revbin(k, ld(n)); 
for (ulong i=0; i<n; ++i) 
: ulong x =i & k; 
x = parity(x); 
ulong qi = (grs_negative_q(i) 7? 1: 0); 
x “= (qk * qi); 
f£[i] = ( O==x 7? +1: -1 +); 
} 
} 
and 


template <typename Type> 
void walsh_q2_basefunc(Type *f, ulong n, ulong k) 


{ 
ulong qk = (grs_negative_q(k) ? 1: 0); 
k = revbin(k, ld(n)); 
k = gray_code(k) ; 
for (ulong i=0; i<n; ++i) 
t ulong x = i & k; 
x = parity(x); 
ulong gi = (grs_negative_q(i) 7? 1: 0); 
x “= (qk * qi); 
f[i] = ( O==x 7? +1: -1); 
} 
} 


The function grs_negative_q() is described in section|1.15.5)on page [40] 


22.10 Slant transform 


The slant transform can be implemented using a Walsh Transform and just a little pre/post-processing 
[FXT: |walsh/slant.cc}: 


void slant(double *f, ulong ldn) 


walsh_wak(f, 1ldn); 


ulong n = 1UL<<ldn; 
for (ulong ldm=0; ldm<ldn-1; ++1ldm) 


{ 
ulong m = 1UL<<ldm; //m=1, 2, 4, 8, ..., n/4 
double N = m*2, N2 = NxN; 
double a = sqrt(3.0*N2/(4.0*N2-1.0)); 
double b = sqrt(1.0-a*a); // == sqrt((N2-1)/(4*N2-1)); 
for (ulong j=m; j<n-1; j+=4*m) 
: ulong ti = j; 
ulong t2 =j +m 
double fi = f[t1], f2 = f[t2]; 
f[ti] =a * f1 - b * £2; 
f[t2] = b * fi + a * £2; 
} 
} 


} 


Apart from the Walsh transform only an amount of work linear with the array size has to be done: the 
inner loop accesses the elements in strides of 4, 8, 16, ..., 2”~1. 
The inverse transform is: 


void inverse_slant(double *f, ulong 1ldn) 


{ 


[fxtbook draft of 2008-January-19] 


22.11: Arithmetic transform 


A sequency ordered version of the transform can be implemented as follows: 


ulong n = 1UL<<ldn; 
ulong 1ldm=ldn-2; 


do 
{ 


ulong m = 1UL<<ldm; // m = n/4, n/2, ..., 4, 2, 1 
double N = m*2, N2 = NxN; 
double a = sqrt(3.0*N2/(4.0*N2-1.0)); 


double b = sqrt(1.0-a*a) ; 


// == sqrt ((N2-1)/(4+#N2-1)); 


for (ulong j=m; j<n-1; j+=4*m) 


{ 
ulong t1 
ulong t2 
double f 
f[ti] = 
f[t2] = 
} 


} 
while ( ldm-- ); 
walsh_wak(f, 1ldn); 


void slant_seq(double *f, ulong ldn) 


{ 


} 


This implementation can be optimized by combining the involved permutations, see [237]. 


The inverse is obtained by calling the inverse operations in reversed order: 


slant(f, ldn); 
ulong n = 1UL<<ldn; 
inverse_gray_permute(f, n); 
unzip_rev(f, n); 
revbin_permute(f, n); 


void inverse_slant_seq(double *f, ulong ldn) 


{ 


ulong n = 1UL<<ldn; 
revbin_permute(f, n); 
zip_rev(f, n); 
gray_permute(f, n); 


inverse_slant(f, ldn); 


22.11 Arithmetic transform 


How to make a arithmetic transform out of a Walsh transform: 
‘Forward: replace Cutv) by (u), and (u-v) by (v-u). 
Backward: replace (atv) by (u), and Cu-v) by Cutv). ’ 


On to the code [FXT: |walsh/arithtransform.h : 


template <typename Type> 
void arith_transform_plus(Type *f, ulong 1dn) 

// Arithmetic Transform (positive sign). 

// Radix-2 decimation In Frequency (DIF) algorithm. 


{ 


const ulong n = (1UL<<ldn) ; 
for (ulong ldm=ldn; ldm>=1; --1dm) 


{ 


const ulong m 


ulong ti 
ulong t2 


(AUL<<1dm) ; 
const ulong mh = (m>>1); 
for (ulong r=0; r<n; r+=m) 


Yr; 
r+mh; 


for (ulong j=0; 


{ 


j<mh; 


t++j, ++t1, ++t2) 


[fxtbook draft of 2008-January-19] 


455 


456 Chapter 22: The Walsh transform and its relatives 


+ 
1 
D+ itt 
\ 
++i 
+ 
\ 
\ 
++ 
+ 
i} 
i} 
D+ itt 


+ 
' 
' 
(o+ + t+ 
(+ +1+tit 


ONaAnNRWNRO 
+ 


+ 
\ 
' 
+ ee 
+ 
\ 
\ 
+1 t ite 
+ ' \ 
\ t+ ee 
' + 
a ee | 


ee ee ee 


+ 
+ 1 


Figure 22.11-A: Basis functions for the Arithmetic transform (A~, the one with the minus sign). The 
values are +1, blank entries denote 0. 


Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u; 
f£[t2] =ut+y; 
} 
} 
} 
} 
and 


template <typename Type> 

void arith_transform_minus(Type *f, ulong ldn) 

// Arithmetic Transform (negative sign). 

// Radix-2 decimation In Frequency (DIF) algorithm. 
// Inverse of arith_transform_plus(). 


[--snip--] 
f[t1] 
f£[t2] 


u; 
v- uU; 


[--snip--] 


The length-2 transforms can be written as 


Atv = ke a a = Fea (22.11-1) 


Ayu = E | Fa = lee (22.11-2) 


[fxtbook draft of 2008-January-19] 


| 


22.11: Arithmetic transform 


457 


AONAnNRWNHKO 
++ ++ 
+e tetetest 
+ 
+ + 
+ 
++ t+ 
+ 


+ 
+ 
+ 


++ t+ 


+e ete teeter tee eeeeet 


+++ 


+++ 


++ ++ 


+e tet eteet 


++ t+ 


++ ++ 


++ tte eteet 


+ +t + 


a 
SSS 


Figure 22.11-B: Basis functions for the inverse Arithmetic transform (AT, the one without minus sign). 


The values are +1, blank entries denote 0. 


That the transform with the minus is called the forward transform is tradition. Similar to the Fourier 
transform we avoid the forward- backward- naming scheme and put: 


template <typename Type> 


inline void arith_transform(Type *f, ulong ldn, int is) 


if ( is>o ) 
else 


arith_transform_plus(f, ldn); 
arith_transform_minus(f, ldn); 


In Kronecker product notation (see section on page |433) the arithmetic transform and its inverse 


can be written as 


ap = | 


as = | 


The k-th element of the arithmetic At transform is 


where i C k means that the bits of 7 are a subset of the bits of ki ic kk = = (iAk) =1. 


Atla 


0 log. (n) 
i | At= ®& Az (22.11-3a) 
k=1 
0 logs (n) 
i A, = & 47 (22.11-3b) 
k=1 
jk = So ai (22.11-4a) 


ick 


For the 


[fxtbook draft of 2008-January-19] 


458 Chapter 22: The Walsh transform and its relatives 


transform A7~ we have 


A [ale = (-1)7?) S$> (-1)? a; (22.11-4b) 
ick 


where p(x) is the parity of «. 


22.11.1 Transposed arithmetic transform 


We define a transposed arithmetic transforms B+ and B™~ via 


1 1 log, (n) 
a ye — Ves oh = + 
By = | : | Bra Co 2) (22.11-5a) 
k=1 
re | log. (n) 
By = | ‘ =| Br = ® By (22.11-5b) 


Then the transforms are [FXT: walsh/arithtransform.h 


template <typename Type> 
void transposed_arith_transform_plus(Type *f, ulong 1dn) 


[--snip--] 
f[t1] 
f£[t2] 


uty; 
Vv; 


[--snip--] 


template <typename Type> 
void transposed_arith_transform_minus (Type *f, ulong ldn) 


{[--snip--] 


f[t1] 
£[t2] 


u- Vv; 
Vv; 
[--snip--] 


22.11.22 Relation to Walsh transform 


To establish the relation to the Walsh transform recall that its decomposition as a Kronecker product is 


Jt: a log. (n) 
We = Be at Wr= & We (22.11-6) 
k=1 
Now as (W2 Af) Ay = Wo» the expression in parenthesis is the matrix that transforms the 2-point 


arithmetic transform (with the negative sign) to the Walsh transform. Similarly, as (5 A} W2)W2 = Aj, 
the matrix leading to the conversion from Walsh to arithmetic transform can be determined. One finds: 


(W2 AS) AJ = Wo= | s 7 Ay (22.11-7a) 
(W2,Az) AJ = Wo= | - AZ (22.11-7b) 
i= _~_1f 41 41 
(54 Wa) We = ASS | 4 v4 We (22.11-7c) 
1 i et 
(542 Ws) We = Ale; | ‘- i | We (22.11-7d) 


[fxtbook draft of 2008-January-19] 


22.12: Reed-Muller transform 459 


The Kronecker product of the given matrices gives the converting transform. For example, using rela- 


tion |22.11-7a\ define 


logs (n) 42 ze 
T, i= ®) | A | (22.11-8) 
k=1 


Then 7, converts a arithmetic (minus sign) transform to a Walsh transform: W, = T, A;. For the 
relations between the arithmetic transform, the Reed-Muller transform and the Walsh transform, see [226]. 


22.12 Reed-Muller transform 


How to make a Reed-Muller transform out of the arithmetic transform: 
‘Replace + and - by XOR, done.’ 


The Reed-Muller transform is can be obtained from the arithmetic transform by working modulo two. 
The transform is self-inverse, its basis functions are identical to those of the arithmetic transform A™, 
shown in figure|22.11-Blon page The implementation is almost identical to [FXT: walsh_wak_dif2() 


in|walsh/walshwak2.h’. The only changes are 


Walsh: f[t1] --> Reed-Muller: f[ti] 
Walsh: £[t2] --> Reed-Muller: f[t2] 


There we go [FXT: walsh/reedmuller.h): 


template <typename Type> 

void word_reed_muller_dif2(Type *f, ulong ldn) 

// Reed-Muller Transform. 

// Radix-2 decimation in frequency (DIF) algorithm. 
// Self-inverse. 

// Type must have the XOR operator. 


uty; 
u-v; 


const ulong n = (1UL<<1dn) ; 
for (ulong ldm=ldn; ldm>=1; --1ldm) 


{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong r=0; r<n; rt+=m) 
: ulong ti = 1; 
ulong t2 = rt+mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 
Type u = f[ti]; 
Type v = f[t2]; 
f[ti] =u; 
f£[t2] =u v; 
a 
} 
} 


} 

The decimation in time algorithm can be obtained from [FXT: walsh_wak_dit2() in|walsh/walshwak2.h 
by the very same changes. As given, the transforms work word-wise, if the bit-wise transform is wanted 
use 


template <typename Type> 
inline void bit_reed_muller(Type *f, ulong 1dn) 


{ 

word_reed_muller_dif2(f, ldn); 

ulong n = 1UL << ldn; 

for (ulong k=0; k<n; ++k) f[k] = yellow_code(f[k]); 
} 


The yellow_code() (see section on page|45) can also be applied before the main loop. In fact, the 
yellow code is the Reed-Muller transform on a binary word. 


[fxtbook draft of 2008-January-19] 


460 Chapter 22: The Walsh transform and its relatives 


The other ‘color-transforms’ of section lead to variants of the Reed-Muller transform, the blue code 
gives another self-inverse transform, the red code and the green code give transforms R and E so that 


RRR = id R'=RR=E 
EEE = id E|=EE=R 
RE = ER=id 


In fact, all relations given in the referenced section hold. 


(22:19-1) 
(22.12-2) 
(22.12-3) 


As can be seen from the ‘atomic’ matrices (relations}1.18-12c]... |1.18-12f/on page[50) the four transforms 


corresponding to the ‘color codes’ are obtained by 


Walsh: f[ti] =u+v; £[t2] =u - v; 
B: f[ti] =u ~* v; f£[t2] =v; (transposed Reed-Muller transform) 
Y: f[ti] =u; £[t2] =u ~*~ v; (Reed-Muller transform) 
R: f[ti] =v; £[t2] =u v; 
E: f[ti] =u v; f£[t2] = u; 


The basis functions of the transforms are shown in figure |22.12-A 
The transposed Reed-Muller transform can be obtained by setting 


Walsh: f[ti] =ut+v; =--> transposed Reed-Muller: f[ti] =u ~ v; 
Walsh: £[t2] =u -v; =--> transposed Reed-Muller: f[t2] = v; 
yellow red green 
11141111111111111 at Es Ws Eis ss Bs Bs ss Ei Dee 1 
ote tt. dede deeded Teta d ha neiew-ataedte deeatens 11 
oodles tA ccd ocd fe Uae is Vp Fs Fes Es Le : 
paeen ets Kemer eee es | 5 Fret are (ae aes ee 
1111 a4 1111 1111 
ciate ilse wauade tiv... .dte.. ss. 
leaenegetiditi ts PAT eee 
Sh eames: wid: Wide dy Did a var eS 
eoiginsuad hg eight 11..11 Te Thee ee ees 
imeas ate eae th Pod! A dois Wiabies tained? eaten 
Ws adedeaeg hd ducadias a?  oasGndace Rater OR oae 1122 ss Ess eee oe 
Welded Thi eee ncdd ens ok We od degeeseres eteiaee ala oos 
Tetvdadtedetideds “avaeescwadecs souk 11 it eee eee err ne ety dedi ddd tt 
Us a Ds Ws a Bp Us Ds se 1 Wis bungie doar ios od 8 Goes 41111111111111111 


Figure 22.12-A: Basis functions of the length-16 blue, yellow, red, and green transforms. 


The symbolic powering idea from section on page |45] leads to transforms with bases (using eight 


element arrays and the yellow code): 


i earns a Weide ba de eenice er Ne Ks i hs rere 11..1 1111 
Lie sscas uae ees 1.01. 1,1.1,1 Wes ie: ae edie sek 1.1 
: ene We coach Wes esce 1 1, uk ar Paar Es leap 11 
1 eae tei54 ae ere sere 3 eee Saco dees @ 1 
5 ie Deri Sriedbea dies 1,1, ehh S25 peared Leds 1111 
bgiean 1.5 dubvavane das piseae dey sae erag dk peacaeh es saneeoe key trices ed Wg dk 
Sas saare day 1 Hema ahks ete ie seeabebusi ced sue anata adele 3 acevabacw al Scocsecressana tle: 
aha savage 1 eee re | ere El Sohne acest lk re | sacdaee a wk bese deg eee 
x=0 x=1 x=2 x=3 x= x=5 x=6 


The program [FXT: bits/bitxtransforms-demo.cc) gives the matrices for 64-bit words. 


A function that computes the k-th base function of the transform is [FXT: |walsh/reedmuller.h): 


template <typename Type> 
inline void reed_muller_basefunc(Type *f, ulong n, ulong k) 


for (ulong i=0; i<n; ++i) 
ffi] = ( Gi & k\)==k 7? +1: 0); // is k a bit-subset of i ? 


} 


Functions that are the word-wise equivalents of the Gray code are given in [FXT: jauxl/wordgray.h): 


[fxtbook draft of 2008-January-19] 


22.12: Reed-Muller transform 461 


template <typename Type> 
void word_gray(Type *f, ulong n) 


for (ulong k=0; k<n-1; ++k) f[k] “= fl[k+1]; 


and 
void inverse_word_gray(Type *f, ulong n) 


ulong x = 0, k =n; 
while ( k-- ) {x “= f[k]; flk] = x; } 


As one might suspect, these are related to the Reed-Muller transform. Writing Y (‘yellow’) for the Reed- 
Muller transform, g for the word-wise Gray code and S, for the cyclic shift by k words (word zero is 
moved to position k) one has 


YoaY = @ (22.12-4) 
YsSaY = 9° (22.12-5) 
¥S.¥° Sg? (22.12-6) 


These are exactly the relations |1.18-10a}... |1.18-10cjon page [49] for the bit-wise transforms. For k >= 0 
the operator 5; corresponds to the shift toward element zero (use [FXT: rotate_sgn() in|perm/rotate.h ). 


The power of the word-wise Gray code is perfectly equivalent to the bit-wise version: 


template <typename Type> 
void word_gray_pow(Type *f, ulong n, ulong x) 
{ 


for (ulong s=1; s<n; s*=2) 
if ( x & 1) 


// word_gray ** s: 
for (ulong k=0, j=kts; j<n; ++k,++j) flk] “= f[j]; 


} 
x >>= 1; 
} 
} 
Let e be the reversed Gray code operator, then we have for the transposed Reed-Muller transform B: 
Bigs = -« (22.12-7) 
BS1,B =e (22.12-8) 
Bak = ~€* (22.12-9) 
Further, 
BS, Ro = 2 (22.12-10) 
Ee®R = Sy (22.12-11) 


The transforms as Kronecker products (all operations are modulo two): 


Bn = © Bz where By = E ‘| (22.12-12a) 
1 0 

Yn = @® ¥Y where Y= E | (22.12-12b) 
— 0 1 

R, = (® Ro where R2= | ; ‘| (22.12-12c) 
— is, 

En, = (® Ea where Ey = E | (22.12-12d) 


[fxtbook draft of 2008-January-19] 


462 Chapter 22: The Walsh transform and its relatives 


22.13 The OR-convolution, and the AND-convolution 


i 012 3 4 5 6 7 8 910 11 12 13 14 15 
0: 012 3 4 5 6 7 8 910 11 12 13 14 15 
1: 113 3 5 5 7 7 9 9 11 11 #13 13 15 15 
2: 23 23 6 7 6 7 10 111011 #14 15 14 15 
oO 3.3 3 3 7 7 7 7 (111 11 11 11 «+15 15 15 15 
4: 45 6 7 4 5 6 7 12131415 12 13 14 15 
5: 5 5 7 7 5 5&5 7 7 13 13 15 15 13 13 15 15 
6: 6 7 6 7 6 7 6 7 14 151415 14 15 14 15 
7: 7 7 7 T %7T 7 7 7T +%15 15 15 15 15 15 15 15 
8: 8 9101411 12131415 8 91011 12 13 14 15 
9: 9 91111 13131515 9 91111 #%13 13 15 15 
10: 10111011 14151415 10111011 14 15 14 15 
11: 411 11 11 11 #15 15 15 15 11 111111 #15 15 15 15 
12: 12 131415 12131415 12131415 12 13 14 15 
13: 13 13 15 15 13 13 15 15 13 13 15 15 13 13 15 15 
14: 14151415 14151415 14151415 14 15 14 15 
15: 15 15 15 15 15 15 15 15 151515 15 15 15 15 15 


Figure 22.13-A: Semi-symbolic scheme for the OR-convolution of two length-16 sequences. 


_ 012 3 4 5 6 7 8 910 11 12 13 14 15 
0: 0000 0000 000 0 00 0 0 
i: oO 10 1 o 10 1 0 101 oO 1 0 1 
2: 0022 002 2 002 2 00 2 2 
3% 0123 012 3 012 3 0 1 2 3 
4: 0000 4444 0000 4 4 4 4 
5: Oo 101 45 45 01 01 4 5 4 5 
6: 0022 4 466 002 2 4 4 6 6 
7: 0123 4 567 012 3 4 5 6 7 
8: 0000 0000 8 8 8 8 8 8 8 8 
9'; oO 10 1 0 i101 89 8 9 8 9 8 9 
10: 002 2 002 2 8 81010 8 8 10 10 
11% 012 3 01 2 3 8 91011 #8 9 10 11 
12 0000 4 4 4 4 8 8 8 8 12 12 12 12 
13: Oo 101 4 5 4 5 8 9 8 9 12 13 12 13 
14: 002 2 4 4 6 6 8 81010 12 12 14 14 
15: 012 3 4 5 6 7 8 910 11 12 13 14 15 


Figure 22.13-B: Semi-symbolic scheme for the AND-convolution of two length-16 sequences. 


Let a and b be sequences of length a power of two. We define the OR-convolution h of a and b, as 


h, = S- a; bj (2213-1) 


IV J=T 


where V denotes bit-wise OR. The symbolic table for the OR-convolution is shown in figure }22.13-A] (see 
figure |21.1-Alon page an explanation of the scheme). The OR-convolution can be computed as 


h = A~|At*[a]- At[B)] (22.13-2) 


where At and A~ are the arithmetic transforms given in section |22.11]on page An implementation 
is [FXT: walsh/or-convolution.hi: 


template <typename Type> 
inline void or_convolution(Type * restrict f, Type * restrict g, ulong ldn) 
// Compute the OR-convolution h[] of f[] and g[]: 
// bk] = sum(i | j == k, fli] *glj]) 
// £[] and g[] must not overlap. 
// Result written to g[]. 
{ 
arith_transform_plus(f, ldn); 
arith_transform_plus(g, ldn); 


[fxtbook draft of 2008-January-19] 


22.13: The OR-convolution, and the AND-convolution 463 


const ulong n = (1UL<<ldn) ; 
for (ulong k=0; k<n; ++k) glk] *= f£[k]; 
arith_transform_minus(g, ldn); 


We also have 
h = Y! [Y[a]-Y[b}] = Y[Y[a]-Y [8] (22.13-3) 


where Y is the Reed-Muller transform given in section |22.12]on page 


Define the AND-convolution h of two sequences a and b as 


h, = bP a; bj (22.13-4) 


tAJ=T 


where A denotes the bit-wise AND. The symbolic scheme is shown in figure]22.13-B| The AND-convolution 
can be computed as 


h = B-[B*[a)-Bt[o]] (22.13-5) 


where Bt and B~ are the transposed arithmetic transforms. The implementation of the AND-convolution 
is [FXT: walsh/and-convolution.h!: 


template <typename Type> 
inline void and_convolution(Type * restrict f, Type * restrict g, ulong ldn) 
// Compute the AND-convolution h[] of f[] and g[]: 
// bik] = sum(i & j == k, £[i] *g[j]) 
// £(] and g[] must not overlap. 
// Result written to g[]. 
{ 
transposed_arith_transform_plus(f, ldn); 
transposed_arith_transform_plus(g, ldn); 
const ulong n = (1UL<<ldn) ; 
for (ulong k=0; k<n; ++k) glk] *= f£[k]; 
transposed_arith_transform_minus(g, ldn) ; 


} 


The same is true modulo two: 
h= B~' [Bla] - Bib} | = B| Bla] - Bid] (22.13-6) 


here B is the transposed Reed-Muller transform. 


[fxtbook draft of 2008-January-19] 


464 Chapter 22: The Walsh transform and its relatives 


[fxtbook draft of 2008-January-19] 


Chapter 23 


The Haar transform 


465 


Haar transforms are invertible transforms that do not involve trigonometric factors. We present several 
variants of the transform whose computation involves just proportional n operations. Haar transforms 
can be used as building blocks of the Walsh transform. We give two non-standard splitting schemes for 


Haar transforms, based on the Fibonacci and Mersenne numbers. 


23.1 The ‘standard’ Haar transform 


m 
; 
+ ++ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
\ 
\ 
i} 
\ 
\ 
' 
1 
\ 
\ 
i] 
\ 
\ 


++ t+ 


ee rN ee 
= 
+ 
+ 
+ 
+ 
I 
| 
| 
| 


t+ +0 - 


tHe eee tteeeeeeteeeeetrteeeeetst si 


++ - -] 


1/sqrt (32) 
1/sqrt (32) 
1/sqrt (16) 
1/sqrt (16) 
1/sqrt (8) 
1/sqrt (8) 
1/sqrt (8) 
1/sqrt (8) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (4) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 
1/sqrt (2) 


Figure 23.1-A: Basis functions for the Haar transform. Only the signs of the nonzero entries are shown. 
The absolute value of the nonzero entries in each row is given at the right. The norm of each row is one. 


[fxtbook draft of 2008-January-19] 


466 Chapter 23: The Haar transform 


The Haar transform of a length-n sequence f consists of log,(n) steps were the sums and differences of 
adjacent pairs of elements f2;, f2;+1 are computed. The sums are then written to the lower half of the 
array f, the differences to the higher half. Ignoring the order (and normalization), each step corresponds 
to a matrix multiplication: 


+1 +1 fo 
+ -d fi 


| 

T 
— 
+ 
Be 
Se 


+1 +1 . | fa (23.1-1) 


+1 +1 fe 


The step is applied to the full array, then to the lower half, the lower quarter, ..., the lower four elements, 
the lowest pair. (The array length n must be a power of two.) The computational cost of the transform 
is proportional n+ n/2+n/4+...+4+2 which is ~ O(n). The basis functions for the Haar transform 
have finite support, they are shown in figure [23.1-A] 


The following implementation involves 2n multiplications 2 which make the transform orthogonal, 
corresponding to a scalar factor of /2 in the relation |23.1-1 


template <typename Type> 
void haar(Type +f, ulong 1dn) 


{ 
ulong n = (1UL<<1dn) ; 
const Type s2 = sqrt(0.5); // normalization factor 
Type *g = new Type[n]; // scratch space 
for (ulong m=n; m>1; m>>=1) // n, n/2, n/4, n/8, ..., 4, 2 
{ 
ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; j+=2, k++) // sums and differences of adjacent pairs 
Type x = f[j]; 
Type y = f[j+1]; 
g[k] = (x + y) * s2; // sums to lower half 
glmht+k] = (x - y) * s2;  // differences to higher half 
} 
copy(g, f, m); 
} 
delete [] g; 
} 


We can reduce the number of multiplications to n by delaying the multiplies with the sums [FXT: haar () 


in haar /haar.h): 


template <typename Type> 
void haar(Type +f, ulong ldn, Type *ws=0) 


{ 
ulong n = (1UL<<1dn) ; 
Type s2 = sqrt(0.5); 
Type v = 1.0; 
Type *g = ws; 


if ( !ws ) g = new Type[n]; 
for (ulong m=n; m>1; m>>=1) 


v *= $2; 
ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt+=2, k++) 


{ 
Type x = f[j]; 
Type y = f[j+i1]; 
g(k] a i a 
glmht+k] = (x - y) ¥* v3 
} 


[fxtbook draft of 2008-January-19] 


23.2: In-place Haar transform 467 


copy(g, f, m); 


f£[0] *= v; // v == 1.0/sqrt(n) ; 
if ( !ws ) delete [] g; 
} 


The temporary workspace can be supplied by the caller. 


The inverse Haar transform is obtained by applying the inverse steps in reversed order [FXT: 
inverse_haar() in|haar/haar.h': 


template <typename Type> 
void inverse_haar(Type *f, ulong ldn, Type *ws=0) 
{ 

ulong n = (1UL<<1dn) ; 

Type s2 = sqrt(2.0); 

Type v = 1.0/sqrt(n); 

Type *g = ws; 

if ( !ws ) g = new Type[n]; 

£[0] *= v; 

for (ulong m=2; m<=n; m<<=1) 


ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt=2, k++) 


Type x = f[k]; 

Type y = f[mhtk] * v; 
glj] = x+y; 
gljtt] = x- y; 


} 
copy(g, f, m); 
v *= $2; 


ay 
if ( !ws ) delete [] g; 
} 


A generalization of the steps used in the Haar transform leads to the wavelet transforms treated in 


chapter [26] on page [515] 


23.2 In-place Haar transform 


The ‘standard’ Haar transform routines are not in-place, they use a temporary storage. A rather simple 
reordering of the basis functions, however, allows for to an in-place algorithm [FXT: haar_inplace() in 
haar/haar.h): 


template <typename Type> 
void haar_inplace(Type *f, ulong 1dn) 


: ulong n = 1UL<<ldn; 
Type s2 = sqrt(0.5); 
Type v = 1.0; 
for (ulong js=2; js<=n; js<<=1) 
v *= $2; 
for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 
{ 
Type x = f[j]; 
Type y = f[tl]; 
f[j] = x+y; 
f(t] = (x - y) * v; 
} 
} 
£[0] *= v; // v==1.0/sqrt(n); 
} 


The inverse is [FXT: inverse_haar_inplace() in haar/haar.h: 


template <typename Type> 
void inverse_haar_inplace(Type *f, ulong 1dn) 


[fxtbook draft of 2008-January-19] 


468 Chapter 23: The Haar transform 


O: [F+ tt tttteee ee eee ete tteteeeeeeee eet tty) 1/sqrt(32) 
1: [+ - J] 1/sqrt (4) 
oa eae ane J] 1/sqrt (4) 
3: [ #2 J] 1/sqrt (4) 
4: [+#++4+---- ] 1/sqrt (8) 
5: [ + - ] 1/sqrt (4) 
6: [ toy = J] 1/sqrt (4) 
7: pS J] 1/sqrt (4) 
8: [++ ee eee ¢-------- ] 1/sqrt (16) 
9: [ + J] 1/sqrt (4) 
10: [ 5 A ee J] 1/sqrt (4) 
11: [ + - J] 1/sqrt (4) 
12: [ tee 4 ---- ] 1/sqrt (8) 
13: [ + - ] 1/sqrt (4) 
14: [ 5 i J] 1/sqrt (4) 
15: [ + - ] 1/sqrt (4) 
16: [Fete ee eeeeeeeeeeeo----- - - ee ee ee ee ] 1/sqrt (32) 
17: [ + - ] 1/sqrt (4) 
18: [ ++ -- J] 1/sqrt (4) 
19: [ +> J 1/sqrt (4) 
20: [ tee e0-0-- J] 1/sqrt (8) 
21: [ + - J] 1/sqrt (4) 
22: [ ++ J 1/sqrt (4) 
23: [ + - J] 1/sqrt (4) 
24: [ tee eetetteorc--- ee J 1/sqrt (16) 
25: [ ie + ee 
26: [ Ore ie. ee 
27: [ + - J 1/sqrt (4) 
28: [ ++ 4++4----) 1/sqrt(8) 
29: [ + - J 1/sqrt (4) 
30: [ ++--) 1/sqrt (4) 
31: [ + -] 1/sqrt (4) 


Figure 23.2-A: Haar basis functions, in-place order. Only the signs of the nonzero entries are shown. 
The absolute value of the nonzero entries in each row is given at the right. The norm of each row is one. 


: ulong n = 1UL<<ldn; 
Type s2 = sqrt(2.0); 
Type v = 1.0/sqrt(n) ; 
£[0] *= v; 
for (ulong js=n; js>=2; js>>=1) 
for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 
Type x = f[jl; 
Type y = f[t] * v; 
f[j] = x+y; 
f[t] = x-y; 
} 
v *= $2; 
} 
} 


The in-place Haar transform H; is related to the ‘usual’ Haar transform H by a permutation Py via the 
relations 


H = Py-H; (23.2-1) 
HEY = Ae Pa (23;2-2) 


The permutation Py can be programmed as 


template <typename Type> 
void haar_permute(Type *f, ulong n) 
{ 
revbin_permute(f, n); 
for (ulong m=4; m<=n/2; m*=2) revbin_permute(ftm, m); 


[fxtbook draft of 2008-January-19] 


23.3: Non-normalized Haar transforms 469 


O: [F+ tt ttteee eee eee ttteeeeeee eee ett ti) 1/sqrt(32) 
1: [++ ete teeteeeeeeteee------------ -- J 1/sqrt (32) 
De etd ode Ge pe oe So ] 1/sqrt (16) 
3: [ teeeetetet-o----- - J 1/sqrt (16) 
4: [+++4+---- ] 1/sqrt (8) 
5: [ tee e050 - J] 1/sqrt (8) 
6: [ oe ob. ge ie ee J 1/sqrt(8) 
7: ++ +4----)) 1/sqrt(8) 
Se [edo J] 1/sqrt (4) 
9: [ a J] 1/sqrt (4) 
10: [ 5 i ie J] 1/sqrt (4) 
14: [ ++ -- ] 1/sqrt (4) 
12: [ t++—-- J] 1/sqrt (4) 
13: [ ro ] 1/sqrt (4) 
14: [ ++ —-- J] 1/sqrt (4) 
15: [ ++--] 1/sqrt(4) 
16: [+ - J] 1/sqrt (2) 
17: [ + - ] 1/sqrt (2) 
18: [ + - J] 1/sqrt (2) 
19: [ + - ] 1/sqrt (2) 
20: [ +- ] 1/sqrt (2) 
21: [ + - J] 1/sqrt (2) 
22: [ + - ] 1/sqrt (2) 
23: [ + - J 1/sqrt (2) 
24: [ fy J] 1/sqrt (2) 
25: [ + - J] 1/sqrt (2) 
26: [ + - ] 1/sqrt (2) 
27: [ + - J 1/sqrt (2) 
28: [ + - ] 1/sqrt (2) 
29: [ + - J] 1/sqrt (2) 
30: [ + - ] 1/sqrt (2) 
31: [ + -] 1/sqrt (2) 


Figure 23.2-B: Basis functions of the in-place order Haar transform followed by a revbin permutation. 
The ordering is such that basis functions that are identical up to a shift appear consecutively. 


} 

The revbin permutations in the loop do not overlap, so the inverse Haar permutation is obtained by 
simply swapping the loop with the full-length revbin permutation [FXT: perm/haarpermute.hi: 
template <typename Type> 

void inverse_haar_permute(Type *f, ulong n) 


for (ulong m=4; m<=n/2; m*=2) revbin_permute(ftm, m); 
revbin_permute(f, n); 


} 

Then, as given above, haar is equivalent to 
haar_inplace(); haar_permute() ; 

and inverse_haar is equivalent to 


inverse_haar_permute() ; inverse_haar_inplace(); 


23.3. Non-normalized Haar transforms 


Versions of the Haar transform without normalization are given in [FXT: haar/haarnn.h|. The basis 
functions are the same as for the normalized versions, only the absolute value of the nonzero entries are 
different. 

template <typename Type> 


void haar_nn(Type *f, ulong ldn, Type *ws=0) 


{ 
ulong n = (1UL<<1dn) ; 


[fxtbook draft of 2008-January-19] 


470 


Type *g = ws; 
if ( !ws ) g = new Typel[n]; 
for (ulong m=n; m>1; m>>=1) 


ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt+=2, k++) 


{ 
Type x = f[j]; 
Type y = f[j+1]; 
g[k] = yy 
glmhtk] = x - y; 


} 
copy(g, f, m); 


if ( !ws ) delete [] g; 
} 
The inverse is 
template <typename Type> 
void inverse_haar_nn(Type *f, ulong ldn, Type *ws=0) 


{ 


ulong n = (1UL<<1dn) ; 

Type s2 = 2.0; 

Type v = 1.0/n; 

Type *g = ws; 

if ( !ws ) g = new Type[n]; 
£[0] *= v; 


for (ulong m=2; m<=n; m<<=1) 


ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt+=2, k++) 


Type x = f[k]; 

Type y = f[mhtk] * v; 
gl = 24-95 
glj+t1] = x-y; 


} 
copy(g, f, m); 
v *= $2; 


} 
if ( !ws ) delete [] g; 
} 


An unnormalized transform that works in-place is 


template <typename Type> 
void haar_inplace_nn(Type *f, ulong ldn) 


: ulong n = 1UL<<ldn; 
for (ulong js=2; js<=n; js<<=1) 
for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 
Type x = f[j]; 
Type y = f[tl]; 
f[j] = x+y; 
f[t] = x-y; 
} 
} 
} 


The inverse routine is 


template <typename Type> 
void inverse_haar_inplace_nn(Type *f, ulong 1dn) 


{ 
ulong n = 1UL<<ldn; 


Type s2 = 2.0; 

Type v = 1.0/n; 

£[0] *= v; 

for (ulong js=n; js>=2; js>>=1) 


for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 


[fxtbook draft of 2008-January-19] 


Chapter 23: The Haar transform 


23.4: Transposed Haar transforms 471 


Type x = f[jl]; 
Type y = f[t] * v; 
f[j] = x+y; 
f(t] = x-y; 

} 

v *= 82; 


The sequence of statements { haar_inplace_nn(); haar_permute(); } is equivalent to 
{ haar_nn(); }. The sequence { inverse_haar_permute(); inverse_haar_inplace(); } is 
equivalent to { inverse_haar(); }. 


23.4 Transposed Haar transforms 


AONAnDRWNHO 
tte tee et 


1 
tet t 


i 
I 
+ 


Ltt ete ete eteerteetetet 
1 
\ 
\ 
+ 


+t et 


\ 
(+t e tee eet 


\ 
\ 
ttt t 


Ue en Be ee ee ee De ee eB 
ee ee ee 


teeter tee teeeeeteeteeteeteeeteeteeteegese 


Figure 23.4-A: Basis functions for the transposed Haar transform. Only the signs of the basis functions 
are shown. At the blank entries the functions are zero. 


Figure shows the bases functions of the transposed Haar transform. The shown routine are given 
in [FXT: haar/transposedhaarnn.h). The following routine does an unnormalized Haar transform. The 


result is, up to normalization, the same as with inverse_haar(). The implementation uses a scratch 
array: 


template <typename Type> 
void transposed_haar_nn(Type *f, ulong ldn, Type *ws=0) 
{ 

ulong n = (1UL<<1ldn) ; 

Type *g = ws; 

if ( !ws ) g = new Type[n]; 

for (ulong m=2; m<=n; m<<=1) 


[fxtbook draft of 2008-January-19] 


472 Chapter 23: The Haar transform 


ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt+=2, k++) 


{ 
Type x = f[k]; 
Type y = f[mhtk]; 
glj] = x+y; 
glyAt oS cae ys 


} 
copy(g, f, m); 


} 
if ( !ws ) delete [] g; 
} 


The inverse transform is 


template <typename Type> 
void inverse_transposed_haar_nn(Type *f, ulong ldn, Type *ws=0) 


{ 
ulong n = (1UL<<1dn) ; 
Type *g = ws; 
if ( !ws ) g = new Type[n]; 
for (ulong m=n; m>1; m>>=1) 
ulong mh = (m>>1); 
for (ulong j=0, k=O; j<m; jt=2, k++) 
{ 
Type x = f[j] * 0.5; 
Type y = f[j+1] * 0.5; 
g[k] eae am 
glmhtk] = x- y; 
} 
copy(g, f, m); 
if ( !ws ) delete [] g; 
} 


The next routine is equivalent to the sequence of statements { inverse_haar_permute() ; 
transposed_haar_inplace_nn(); }. Its advantage is that no scratch array is needed: 


template <typename Type> 
void transposed_haar_inplace_nn(Type *f, ulong ldn) 


s ulong n = 1UL<<ldn; 
for (ulong js=n; js>=2; js>>=1) 
{ 
for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 
Type x = f[j]; 
Type y = f[tl]; 
f[j] = x+y; 
f(t] = x-y; 
} 
} 
} 


The inverse transform is 


template <typename Type> 
void inverse_transposed_haar_inplace_nn(Type *f, ulong ldn) 


: ulong n = 1UL<<ldn; 
for (ulong js=2; js<=n; js<<=1) 
for (ulong j=0, t=js>>1; j<n; jt=js, t+=js) 
Type x = f[j] * 0.5; 
Type y = f[t] * 0.5; 
f[j] = x+y; 
f[t] = x-y; 
} 
} 
} 


[fxtbook draft of 2008-January-19] 


23.5: The reversed Haar transform 473 


1+ 
\ + 
+ 
lt + + t+ 
+ 
ltt e tee eet 


ONOAnPWNRO 


i 
+ 
ltt 


\ 
es 
ltt tt 
tte tee teeter erteetetest 


1 
+ 
ltt et 


+ 
tte ee eet 


teeter te te eee tee teeteeeeeeteeteeeeegese 

i 
\ 
' 
' 

i} 

\ 

+ 

+t et 


aT TIMI TIMI MM MIM MMM MM MMM MM MTM MNT MNT TM NTMI NI 
ee ee 


Figure 23.4-B: Basis functions for the transposed in-place Haar transform. Only the signs of the basis 
functions are shown. At the blank entries the functions are zero. 


23.5 The reversed Haar transform 


Let H,,; denote the non-normalized in-place Haar transform (haar_inplace_nn), Let Hy,,; denote the 
transposed non-normalized in-place Haar transform (transposed_haar_inplace_nn), R the revbin per- 
mutation, H the reversed Haar transform and H; the transposed reversed Haar transform. Then 


H => RAgh (23.5-1a) 
HA, = RnR (23.5-1b) 
A = RAR (23.5-1c) 
Ho = Bae (23.5-1d) 


Code for the reversed Haar transform [FXT: haar_rev_nn() in haar/haarrevnn.h): 


template <typename Type> 
void haar_rev_nn(Type *f, ulong ldn) 


{ 

// const ulong n = (1UL<<1dn) ; 
for (ulong ldm=ldn; ldm>=1; --1ldm) 
a 


const ulong m = (1UL<<ldm); 
const ulong mh = (m>>1); 
ulong r = 0; 
// for (ulong r=0; r<n; r+=m) // almost walsh_wak_dif2() 
{ 
ulong t2 = 
for (ulong 


{ 


r 
r+ 
j=O; j<mh; ++j, ++t1, ++t2) 


[fxtbook draft of 2008-January-19] 


A474 Chapter 23: The Haar transform 


+ 
+ 
+ 
+ 
' 
+ 
+ 
' 
+ 
+ 
' 
+ 
+ 
' 
+ 
+ 
i) 
+ 
+ 
1 
+ 
+ 


ONOnRPWNRO 


Ue en Be De ee De De De De ee BO eB 
to+ 
ee ee ee 


Figure 23.5-A: Basis functions for the reversed Haar transform. Only the signs of the nonzero entries 
are shown. 


Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+y; 
f£[t2] =u -v; 


} 


Note that this is almost the radix-2 DIF implementation for the Walsh transform The only change is 
that the line for (ulong r=0; r<n; rt+=m) was replaced by ulong r = 0. The transform can also 
be computed via the following sequence of statements: { revbin_permute(); haar_inplace_nn() ; 
revbin_permute(); }. 


The inverse transform is obtained by the equivalent modification with the DIT implementation for the 
Walsh transform and normalization: 


template <typename Type> 
void inverse_haar_rev_nn(Type *f, ulong ldn) 


{ 
for (ulong ldm=1; ldm<=ldn; ++1dm) 
{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
ulong r = 0; 
// for (ulong r=0; r<n; rt=m) // almost walsh_wak_dit2() 
{ 


ulong ti = 1; 
ulong t2 = r + mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 


Type u = f[ti] * 0.5; 


[fxtbook draft of 2008-January-19] 


23.6: Relations between Walsh and Haar transforms 475 


Type v = f£[t2] * 0.5; 
f£[t1] uty; 
f£ [t2] u- Vv; 


} 


The reversed transposed Haar transform is, up to normalization, the inverse of haar_rev_nn(). It is 
given in [FXT: |haar/transposedhaarrevnn.hi: 


template <typename Type> 
void transposed_haar_rev_nn(Type *f, ulong ldn) 


for (ulong ldm=1; ldm<=ldn; ++1dm) 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
ulong r = 0; 
// for (ulong r=0; r<n; rt=m) // almost walsh_wak_dit2() 
: ulong ti =r; 
ulong t2 = r + mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 


{ 
Type u = f[t1]; 
Type v = f[t2]; 
f[ti] =u+y; 
j f[t2] =u -v; 


} 


The same result would be obtained by the following sequence of statements: { revbin_permute() ; 
transposed_haar_inplace_nn(); revbin_permute(); }. The inverse transform is 


template <typename Type> 
void inverse_transposed_haar_rev_nn(Type *f, ulong 1dn) 


{ 
// const ulong n = (1UL<<l1dn) ; 
for (ulong ldm=ldn; ldm>=1; --1dm) 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
ulong r = 0; 
// for (ulong r=0; r<n; rt=m) // almost walsh_wak_dif2() 
' ulong ti = 1; 
ulong t2 = r + mh; 
for (ulong j=0; j<mh; ++j, ++t1, ++t2) 


{ 
Type u = f[ti] * 0.5; 
Type v = f[t2] * 0.5; 
f[ti] =u+yv; 
f£[t2] =u -v; 

} 


23.6 Relations between Walsh and Haar transforms 


23.6.1 Walsh transforms from Haar transforms 


A length-n Walsh transform can be obtained from one length-n Haar transform, one transform of length- 
5, two transforms of length-7, four transforms of length-3, ...and 7 transforms of length-2. Using the 


reversed Haar transform the implementation is most straightforward: A Walsh transform (W;, the one 
with the Walsh Kronecker base) can be implemented as 


[fxtbook draft of 2008-January-19] 


476 Chapter 23: The Haar transform 


Haar transforms: 


H(16) H(8) H(4) H(2) 
AAAAAAAAaaaaaaaa BBBBbbbb CCcc Dd 
AAAAaaaa BBbb Cc 
Afaa Bb 
Aa 

Walsh(16) ="= 1*H(16) + 1*H(8) + 2*H(4) + 4*H(2) 
AAAAAAAAaaaaaaaa 
AAAAaaaaBBBBbbbb 
AAaaCCccBBbbCCcc 
AaDdCcDdBbDdCcDd 


Figure 23.6-A: Symbolic description of how to build a Walsh transform from Haar transforms. 


Transposed Haar transforms: 


H(16) H(8) H(4) H(2) 

Aa 

Afaa Bb 

AAAAaaaa BBbb Cc 

AAAAAAAAaaaaaaaa BBBBbbbb CCcc Dd 
Walsh(16) ="= 1*H(16) + 1*H(8) + 2*H(4) + 4*H(2) 

AaDdCcDdBbDdCcDd 

AAaaCCccBBbbCCcc 

AAAAaaaaBBBBbbbb 

AAAAAAAAaaaaaaaa 


Figure 23.6-B: Symbolic description of how to build a Walsh transform from Haar transforms, trans- 
posed version. 


// algorithm WH1: 

ulong n = i1UL<<ldn; 

haar_rev_nn(f, ldn); 

for (ulong ldk=ldn-1; ldk>0; --ldk) 


{ 
ulong k = 1UL << ldk; 


for (ulong j=k; j<n; j+=2*k) haar_rev_nn(f+j, ldk); 
} 


The idea, as a symbolic scheme, is shown in figure The scheme obtained by reversing the order of 
the lines is shown in figure}23.6-B} It corresponds to the computation of W; using the transposed version 
of the Haar transform: 

// algorithm WHIT: 

ulong n = 1UL<<ldn; 

for (ulong ldk=1; ldk<ldn; ++1dk) 


ulong k = 1UL << ldk; 
for (ulong j=k; j<n; j+=2*k) transposed_haar_rev_nn(f+j, ldk); 
} 


transposed_haar_rev_nn(f, ldn); 


Two more methods are obtained by reversing the individual lines of the schemes seen so far, see figure 
These correspond to the computation of the inverse Walsh transform (W,- — 4 W,,) either as 


// algorithm WH2T: 

ulong n = i1UL<<ldn; 
inverse_transposed_haar_rev_nn(f, ldn); 
for (ulong ldk=ldn-1; ldk>0; --ldk) 


[fxtbook draft of 2008-January-19] 


23.6: Relations between Walsh and Haar transforms A477 


AAAAAAAAaaaaaaaa aaaaaaaaAAAAAAAA 
AAAAaaaaBBBBbbbb bbbbBBBBaaaaAAAA 
AAaaCCccBBbbCCcc ccCCbbBBccCCaaAA 
AaDdCcDdBbDdCcDd dDcCdDbBdDcCdDaA 
WH1 WH2T 
AaDdCcDdBbDdCcDd dDcCdDbBdDcCdDaA 
AAaaCCccBBbbCCcc ccCCbbBBccCCaaAA 
AAAAaaaaBBBBbbbb bbbbBBBBaaaaAAAA 
AAAAAAAAaaaaaaaa aaaaaaaaAAAAAAAA 
WH1T WH2 


Figure 23.6-C: Symbolic scheme of the four versions of the computation of the Walsh transform via 
Haar transforms. 


{ 
ulong k = 1UL << ldk; 
for (ulong j=k; j<n; j+=2*k) inverse_transposed_haar_rev_nn(f+j, ldk); 
} 
or as 


// algorithm WH2: 
ulong n = 1UL<<ldn; 
for (ulong ldk=1; ldk<ldn; ++1dk) 


{ 
ulong k = 1UL << ldk; 


for (ulong j=k; j<n; j+=2*k) inverse_haar_rev_nn(f+j, ldk); 
} 


inverse_haar_rev_nn(f, ldn); 


23.6.2 Haar transforms from Walsh transforms 


The (~ n log(n)) schemes given here are not a efficient method to compute the Haar transform (which 
is ~ n). Instead, they can be used to identify the type of Haar transform that is the building block of a 
given Walsh transform. 


The non-normalized transposed reversed Haar transform can (up to normalization) be obtained via 


// algorithm HW1: transposed_haar_rev_nn(f, ldn); =*= 
for (ulong ldk=1; ldk<ldn; ++1dk) 
{ 


ulong k = 1UL << ldk; 
walsh_wak(ft+k, ldk); 


} 
walsh_wak(f, 1ldn); 
and its inverse as 


// algorithm HW1I: inverse_transposed_haar_rev_nn(f, ldn); ="= 
walsh_wak(f, ldn); 
for (ulong ldk=1; ldk<ldn; ++1dk) 


{ 
ulong k = 1UL << ldk; 


walsh_wak(f+k, ldk); 
The non-normalized transposed Haar transform can (again, up to normalization) be obtained via 


// algorithm HW2: transposed_haar_nn(f, ldn); ="= 
for (ulong ldk=1; ldk<ldn; ++1dk) 
{ 


[fxtbook draft of 2008-January-19] 


478 Chapter 23: The Haar transform 


Walsh transform: 

w(16) 
AaDdCcDdBbDdCcDd 
AAaaCCccBBbbCCcc 
AAAAaaaaBBBBbbbb 
AAAAAAAAaaaaaaaa 


Inverse (or transposed) Walsh transforms: 


W(8): W(4): W(2): 
BBBBbbbb CCcc Dd 
BBbbCCcc CcDd 
BbDdCcDd 

BBBBbbbb 

CCccBBbbCCcc 

DdCcDdBbDdCcDd 

Aa AaDdCcDdBbDdCcDd 

Afaa AAaaCCccBBbbCCcc 

AAAAaaaa AAAAaaaaBBBBbbbb 

AAAAAAAAaaaaaaaa AAAAAAAAaaaaaaaa 
Haar (16) ="= W(16) + W(8) + W(4) + W(2) 


Figure 23.6-D: Symbolic description of how to build a Haar transform from Walsh transforms. 


ulong k = 1UL << ldk; 
walsh_pal(ft+k, 1dk); 


walsh_pal(f, ldn); 
and its inverse as 
// algorithm HW2I: inverse_transposed_haar_nn(f, ldn); == 


walsh_pal(f, ldn); // =°= revbin_permute(f, n); walsh_wak(f, ldn); 
for (ulong ldk=1; ldk<ldn; ++1ldk) 
{ 


ulong k = 1UL << ldk; 
walsh_pal(ft+k, 1dk); 
} 


The symbolic scheme is given in figure |23.6-D 


23.7 Nonstandard splitting schemes * 


All radix-2 transforms recursively split the length of the array into halves. The size of the transforms 
is limited to powers of two. In a recursive implementation we use the fact that 2* = 2*-! + 2-1, 
With N; := 2" we have No = 1, and Ny = Np_-1 + Ne_1. We use different recursive schemes to derive 
nonstandard variants of the Haar and Walsh transforms. 


23.7.1 Fibonacci-Haar and Fibonacci-Walsh transform 


One can use the Fibonacci numbers F,, = F,-1 + Fn—1 (where Fo = 0 and F; = 1) to construct a 
Fibonacci-Haar transform as follows [FXT: haar /fib-haar.h : 


inline void fibonacci_haar(double *a, ulong f0, ulong f1) 
// In-place Fibonacci-Haar transform of a[0,...,f0-1]. 


[fxtbook draft of 2008-January-19] 


23.7: Nonstandard splitting schemes * 479 


O: CTt+tete¢¢¢+ 4+ ¢+ 4+ 4+ ¢ 4+ ¢ 4+ ¢+ 4+ 4+ 4+ 4+ <4 
1: [T+-++-+-+ 4+ -4+ 4+ -4+ -+ 4-4-4 4 
2: — + - + + - + -+ + -+ + - ] 
3: [ + - + + - + - + ] 
4: [— + - + + - + - + Jj 
5: [ + = + + = ] 
6: [| + = + - = JA 
TL * = + + - J 
8: [ + = + ] 
9: [— + = + ] 
10: [ + - + ] 
14 + 7 + ] 
12: [ + - + ] 
13: [+ - ] 
14: [ + = ] 
15: [ + = ] 
16: [ + = 7] 
rly Cae + a 1 
18: [ + = i 
19: [ + = 7] 
20: [ + - j 


Figure 23.7-A: Basis functions for the non-normalized Fibonacci-Haar transform. Only the signs of the 
nonzero entries are shown. At the blank entries the functions are zero. 


// £0 must be a Fibonacci number, f1 the next smaller Fibonacci number. 


if ( f0 <2) return; 

ulong £2 = f0 - f1; 

for (ulong j=0,k=f1; j<f2; ++j,++k) 
{ 


double u = a[j], v = alk]; 
alj] = (utv) * SQRT1_2; 
: alk] = (u-v) * SQRT1_2; 


fibonacci_haar(a, f1, £2); 


} 
A non-normalized version is obtained by omitting the multiplications with 1/\/2 (=SQRT1_2). The basis 
functions for the non-normalized transform with length-21 (= Fs) are shown in figure}23.7-A](compare to 


figure |23.5-A]on page|474). The second row corresponds to the rabbit sequence described in section |36.11 
on page Figure |23.7-A| was created with the program [FXT: fft/fib-haar-demo.cc. 


O: Tt+t+t+rt+ ++ 4+ 4+ 4+ 4+ 4+ 4+ 4 ++ 44+ 4 4+ J 
1: [T+ -++-+-+ 4+ -4+ 4+ -4+ -4+ 4-4-4 4 
2: [~ + - + + - + -+ + -+ + - ] 
3: [T+t+ -- ++ +4 --++ --++ ] 
4: [+- -++- + - -++- -++- ] 
5: [~+t+et+ ---+++ +++ ---] 
6: [+--+ -+-+-+4+ +- + -+- ] 
7: C+ - - + + - + - - + ] 
8: [+ t+t =e = ++ t+ 4+ i 
9: [+t-++- -+--+4+-4+ 4+ - ] 
10: [+ - + - + - + - + ] 
1i: [++ -- -- ++ t+ -- ] 
12: [+ - - + -+ +-4+- - + ] 
13: [+++ ++ 4+ 4+ 4+ (4 = ee eer ] 
14: [+-++-+4+-+ -+--+-4+- 4) 
15: [~ + - + + - - + - + ] 
16: [++ -- ++ -- + + - ] 
17: [T+ - -++4+- - + +--+ ] 
18: [+++ --- --- +++ ] 
19: [+- + -+- -+- +- +] 
20: [ + - - + - + + - ] 


Figure 23.7-B: Basis functions for the non-normalized Fibonacci-Walsh transform. 


A Fibonacci- Walsh transform can be obtained by adding one line in the recursive implementation of the 


[fxtbook draft of 2008-January-19] 


480 Chapter 23: The Haar transform 


Fibonacci-Haar transform [F XT: |walsh/fib-walsh.hj: 


inline void fibonacci_walsh(double *a, ulong f0, ulong f1) 
// In-place Fibonacci-Walsh transform of al0,...,f0-1]. 
// £0 must be a Fibonacci number, f1 the next smaller Fibonacci number. 


if ( f0 <2) return; 
ulong f2 = f0 - f1; 
for (ulong j=0,k=f1; j<f2;  ++j,++k) 
{ 
double u = a[j], v = alk]; 
aljl (ut+tv) * SQRT1_2; 
alk] = (u-v) * SQRT1_2; 


} 
fibonacci_walsh(a, fi, £2); 
fibonacci_walsh(at+fi, £2, £1-f2); // <--= omit line to obtain Haar transform 


} 
The basis functions for the length 21 transform are shown in figure |23.7-B] which was created with the 


program [F XT: fft/fib-walsh-demo.cc. 
The given routines can be optimized by inserting short-length transforms as recursion end. 


One can obtain Haar-like and Walsh-like transforms for any linear recursive sequence that is increasing. 
A construction for recurrences Ny = Nx—1 + Ng—1—p is considered in [106]. 


23.7.2. Mersenne-Haar and Mersenne-Walsh transform 


Mersenne-Haar Mersenne-Walsh 
Oo: [+ + + + + + + + ] Oo: [+ + + + + + + + J 
1: [ + + + + ] 1: [— + + + + ] 
2: — + - + - + - + - |] 2: [+ - + - + - + - ] 
3? [ + + ] 33 + + ] 
4: [~+ - + - ] 4: [+ + - - + + - - ] 
5: [ + 7 + - J 5: [ + 7 + - ] 
6: [ + - + - ] 6: [ + - - + + - - + J 
7: [ + ] 7: [ + ] 
8: [+ - ] 8: [+ + + + - - - - ] 
9: [ + = ] 9: [ + + = - J 
10: [ + - ] 10: fe = Fe eS EY] 
11: [ + 7 ] 11: [ + 7 ] 
12: [ + = ] 123 Ga me 
13: [ + - ] 13: [ + - - + J 
14: [ + - ] 14: P+ - - + = + + = J 


Figure 23.7-C: Basis functions for the non-normalized Mersenne-Haar transform (left), and Mersenne- 
Walsh transform (right). Only the signs of the nonzero entries are shown. At the blank entries the 
functions are zero. 


For the Mersenne numbers M;, = 2* — 1 we have the recursion M;, = 2- M,_1 +1. This can be used to 
obtain a Mersenne- Walsh transform [F XT: |walsh/mers-walsh.h): 


inline void mersenne_walsh(double *a, ulong f0) 

// In-place Mersenne-Walsh transform of a[0,...,f0-1]. 
// £0 must be a Mersenne number. 

// Self-inverse. 


if ( f0 <2) return; 
ulong f1 = f0 >> 1; // next smaller Mersenne number 


for (ulong j=0,k=fiti; j<f1;  ++j,++k) 
{ 

double u = a[j], v = alk]; 

aljl (ut+tv) * SQRT1_2; 

alk] = (u-v) * SQRT1_2; 


mersenne_walsh(a, f1); 


[fxtbook draft of 2008-January-19] 


23.7: Nonstandard splitting schemes * 481 


mersenne_walsh(a+fit+i, f1); // <--= omit line to obtain Mersenne-Haar transform 


Figure |23.7-C] (right) gives the basis functions for the non-normalized Mersenne-Walsh transform. The 
Mersenne-Haar transform is obtained by deleting one line as indicated. The implementation is given 
in [FXT: haar/mers-haar.h, the basis functions of the non-normalized version are shown at the left 


of figure |23.7-C| The figure was created with the programs [FXT: |fft/mers-walsh-demo.cc) and [FXT: 


fft /mers-haar-demo.cc). Note that both transforms leave the central element unchanged. 


[fxtbook draft of 2008-January-19] 


482 Chapter 23: The Haar transform 


[fxtbook draft of 2008-January-19] 


483 


Chapter 24 


The Hartley transform 


The Hartley transform is a trigonometric transform whose practical importance comes from the fact 
that it maps real data to real data. While the fast algorithms for radix-2 can be found without great 
difficulty the higher radix algorithms are not obvious. Therefore it is appropriate to describe the Hartley 
transform in terms of the Fourier transform. A method for the conversion of FFT algorithms to fast 
Hartley transform (FHT) algorithms is given. 


Routines for the conversion of Hartley transforms to and from Fourier transforms are described. Convo- 
lution routines based on the FHT are given for complex and real valued data. An efficient procedure for 
the computation of the negacyclic convolution is described. 


24.1 Definition and symmetries 


The discrete Hartley transform (HT) of a length-n sequence a is defined as 


c = Hal (24.1-1a) 
n—-1 
1 2rkea . 24rkex 
Ch I= Jaret (cos . + sin . ) (24.1-1b) 


That is, almost like the Fourier transform but with ‘cos+ sin’ instead of ‘cos+i- sin’. The (continuous 
version of the) Hartley transform is treated in [130]. 


The Hartley transform of a purely real sequence is purely real: 
Hla] € R- for aeR (24.1-2) 
It also is its own inverse: 
H{[H[a]] = a (24.1-3) 


Symmetry is conserved, like for the Fourier transform: the Hartley transform of a symmetric, antisymmet- 
ric sequence is symmetric, antisymmetric, respectively. Using the notation from section on page 
one has 


Hlas] = +H [as] = +H [ag] (24.1-4a) 
Hles] = —H{aa] = —H [aa] (24.1-4b) 


An algorithm for the fast (n log(n)-) computation of the Hartley transform is called a fast Hartley 
transform (FHT). 


[fxtbook draft of 2008-January-19] 


484 Chapter 24: The Hartley transform 


24.2 Radix-2 FHT algorithms 


24.2.1 Decimation in time (DIT) FHT 


Notation: For a length-n sequence a of let X!/2a denote the sequence with elements az cos ma/n + 
Gz sina x/n. The operator X!/? is the equivalent to the operator S!/? of the Fourier transform algorithms. 
We use the notation (even) and (odd) as introduced on page [378| The radix-2 decimation in time (DIT) 
step for the FHT: 


n/2 


(a) ef?) Ht [alever)| + 21/274 [oleae] (24.2-1a) 


H [al ria") ne? ay [ateven)] — ey [a‘o24)] (24.2-1b) 


This is the equivalent to relations |20.3-3a] and |20.3-3b]on page [379] 
Pseudo code for a recursive radix-2 DIT FHT (C++ version in [FXT: fht/recfht2.cc)): 


procedure rec_fht_dit2(a[], n, x[]) 
// real a[O..n-1] input 

// veal x[0..n-1] result 

{ 


real b[O..n/2-1], c{0..n/2-1] // workspace 
real s[0..n/2-1], t[0..n/2-1] // workspace 


if n == 1 then 


x[0] := a[0] 
return 
nh := n/2; 
for k:=0 to nh-i 
s(k] := a[2*k] // even indexed elements 
t[k] := a[2*k+1] // odd indexed elements 


rec_fht_dit2(s[], nh, b[]) 
rec_fht_dit2(t[], nh, c[]) 


hartley_shift(c[], nh, 1/2) 
ad k:=0 to nh-1 


x [k] := blk] + c[k]; 
x[k+nh] := blk] - clk]; 


} 
The result is returned in the array in x[]. The procedure hartley_shift() implements the operator 
X1/?. it replaces element cj, of the input sequence c by cz cos(a k/n) + cn_~% sin(t k/n). As pseudo code: 


procedure hartley_shift_05(c[], n) 
// real c[O..n-1] input, result 


nh := n/2 
j:=n-1 
aa k:=1 to nh-1 


c := cos( PI*k/n ) 
s := sin( PI*k/n ) 


{clk], clj]} := {clk] *c+c[j]*s, clk] *s-c[j]*c} 
j= jel 


} 
C++ implementations are given in [FXT: fht/hartleyshift.h}. A version that exploits the symmetry of 


the trigonometric factors is 


#define Tdouble long double 
#define Sin sinl 


[fxtbook draft of 2008-January-19] 


24.2: Radix-2 FHT algorithms 


template <typename Type> 
inline void hartley_shift_05_v2rec(Type *f, ulong n) 


Tdouble be = Sin(phi0), al = Sin(0.5*phi0O); al *= (2.0*al); 


for (ulong i=1, j=n-1, k=nh-1, l=nh+1; ix<k; ++i, --j, --k, ++1) 


{ Tdouble tt = c; c -= (al*tttbe*s); s -= (al*s-be*tt); } 


{ 
const ulong nh = n/2; 
a ( n>=4 ) 
ulong i0=nh/2, j0=3*i0; 
Type fi = f£[10], fj = f[jol; 
double cs = SQRT1_2; 
f£[i0] = (fi + fj) * cs; 
£[jO] = (fi - fj) * cs; 
a ( n>=8 ) 
const Tdouble phiO = PI/n; 
Tdouble s = 0.0, c = 1.0; 
{ 
fi = fi]; 
fj = f[jl; 
f[i] = fi * (double)c + fj * 
f[j] = fi * (double)s - fj * 
fi = tik]; 
fj = £11]; 
f[k] = fi * (double)s + fj * 
f£[1] = fi * (double)c - fj * 
} 
} 
} 
} 


#undef Tdouble 


#undef Sin 


(double)s; 
(double)c; 


(double)c; 
(double)s; 


Pseudo code for a non-recursive radix-2 DIT FHT: 


procedure fht_depth_first_dit2(a[], 1ldn) 
// real a[O..n-1] input,result 


{ 


n := 2**ldn // length of a[] is a power of 2 


revbin_permute(a[], n) 
a ldm:=1 to ldn 


m 
mh : 
m4 : 


for r: 


{ 


2**1dm 
m/2 
m/4 


=0 to n-m step m 


for j:=1 
{ 


k 


C= 
sis 


to m4-1 // hartley_shift(atr+mh,mh,1/2) 


mh - j 
a[r+mh+j] 
a[r+mh+k] 


cos(j*PI/mh) 
sin(j*PI/mh) 


fu, v} := fu*ctv*s, u*s-v*c} 


a[r+mh+j] 
alrt+mh+k] 


for j:=0 


u 
Vv 


a[rt+j] 
a[r+j+mh] 


=u 
=v 
to mh-1i 


alrt+j] 
a[r+jtmh] 


[fxtbook draft of 2008-January-19] 


485 


486 Chapter 24: The Hartley transform 


The derivation of the ‘usual’ DIT2 FHT algorithm starts by combining the Hartley-shift with the sum /diff- 
operations [FXT: fht /fhtdit2.cc : 


void fht_depth_first_dit2(double *f, ulong ldn) 


{ 
const ulong n = 1UL<<ldn; 
revbin_permute(f, n); 
for (ulong ldm=1; ldm<=ldn; ++1ldm) 
const ulong m = (1UL<<l1dm) ; 
const ulong mh = (m>>1); 
const ulong m4 = (mh>>1); 
const double phiO = M_PI/mh; 
for (ulong r=0; r<n; rt+=m) 
{ // j= 
ulong ti =r; 
ulong t2 = ti + mh; 
sumdiff(f[t1], £[t2]); 
if ( m4 ) 
{ 
ulong ti = r+ m4; 
ulong t2 = ti + mh; 
sumdiff(f[t1], £[t2]); 
} 
for (ulong j=1, k=mh-1; j<k; ++j,--k) 
{ 
double s, c; 
SinCos(phi0+j, &s, &c); 
ulong tj = r+ mh + j; 
ulong tk = r+mh+k; 
double fj = f[tj]; 
double fk = f[tk]; 
f[tj] =fj *c+fk*s; 
f[tk] = fj * s - fk * c; 
ulong ti = r+ j; 
ulong t2 = tj; // == ti + mh; 
sumdiff(f[t1], £[t2]); 
ti=asrtk; 
t2 = tk; // == ti + mh; 
sumdiff(f[t1], £[t2]); 
} 
} 
a 
} 


Finally, as with the FFT equivalent (see page 380), the number of trigonometric computations can be 
reduced by swapping the innermost loops [FXT: fht/fhtdit2.cc): 

void fht_dit2(double *f, ulong ldn) 

‘a Radix-2 decimation in time (DIT) FHT. 


const ulong n = 1UL<<ldn; 
revbin_permute(f, n); 
for (ulong ldm=1; ldm<=ldn; ++1dm) 
{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 


const ulong m4 = (mh>>1); 
const double phiO = M_PI/mh; 


for (ulong r=0; r<n; rt+=m) 


{ // j= 
ulong ti =r; 
ulong t2 = ti + mh; 


sumdiff(f[ti], £#[t2]); 


[fxtbook draft of 2008-January-19] 


24.2: Radix-2 FHT algorithms 487 


if ( m4 ) 
{ 


ulong ti = r+ m4; 
ulong t2 = ti + mh; 
sumdiff(f[t1], £[t2]); 


} 
for (ulong j=1, k=mh-1; j<k; ++j,--k) 
{ 


double s, c; 
SinCos(phi0+*j, &s, &c); 


for (ulong r=0; r<n; rt+=m) 


ulong tj = r+ mh + j; 

ulong tk = r+mh+k; 

double fj = f[tj]; 

double fk = f[tk]; 

f[tj] = fj * c+ fk * s; 
f[tk] = fj * s - fk * ¢c; 
ulong ti =r+ j; 

ulong t2 = tj; // == t1 + mh; 
sumdiff(f[t1], £[t2]); 

ti =rt+k; 


t2 = tk; // == ti + mh; 
sumdiff(f[ti], £#[t2]); 


24.2.2 Decimation in frequency (DIF) FHT 


The radix-2 decimation in frequency step for the FHT is (compare to relations |20.3-6a] and |20.3-6b] on 
page |382): 


H ian n/a H jattere a gn (24.2-2a) 


7 [aloe Me ae jaw? (ater) _ avriont))) (24.2-2b) 


Pseudo code for a recursive radix-2 DIF FHT (the C++ equivalent is given in [FXT: fht/recfht2.cc)): 


procedure rec_fht_dif2(a[], n, x[]) 
// real a[O..n-1] input 
u real x[0..n-1] result 


real b[0..n/2-1], c{0..n/2-1] // workspace 
real s[0..n/2-1], t[0..n/2-1] // workspace 


if n == 1 then 
{ 


x[0] := a[0] 
return 
} 
nh := n/2; 
aa k:=0 to nh-1 
s[k] := alk] // ?left’? elements 
t[k] := alktnh] // ’right’ elements 
} 


oe k:=0 to nh-1 


: {s[k], t[k]} := {s[k]+t[k], s[k]-t[k]} 
hartley_shift(t[], nh, 1/2) 


rec_fht_dif2(s[], nh, b[]) 
rec_fht_dif2(t[], nh, c[]) 


[fxtbook draft of 2008-January-19] 


488 Chapter 24: The Hartley transform 


j :=0 

for k:=0 to nh-1i 
x[j] = bik] 
x[j+1] := c[k] 
j i= 5+2 


} 
} 


Pseudo code for a non-recursive radix-2 DIF FHT (C++ version in [FXT: fht/fhtdif2.cc]): 


procedure fht_depth_first_dif2(a[], 1ldn) 
// real a[O..n-1] input,result 


{ 
n := 2**ldn // length of a[] is a power of 2 
for ldm:=ldn to 1 step -1 
{ 
m = 2**ldm 
mh := m/2 
m4 := m/4 
for r:=0 to n-m step m 
{ 
for j:=0 to mh-1 
{ 
u := alrtj] 
v := alr+j+mh] 
alr+j] =utyv 
alrt+jtmh] :=u-v 
} 
for j:=1 to m4-1 
{ 
k := mh - j 
u := a[rtmhtj] 
v := a[lr+mhtk] 
c := cos(j*PI/mh) 
s := sin(j*PI/mh) 
fu, v} := fuxctv*s, u*xs-v*c} 
alrtmh+j] :=u 
a[rt+mh+k] := v 
$ 
} 
} 
revbin_permute(a[], n) 
} 


The ‘usual’ DIF2 FHT algorithm then is again obtained by swapping the inner loops, a C++ implemen- 
tation is [FXT: fht_dif2() in |fht/fhtdif2.cc : 


void fht_dif2(double *f, ulong 1dn) 
// Radix-2 decimation in frequency (DIF) FHT 


{ 
const ulong n = (1UL<<ldn) ; 


for (ulong ldm=ldn; ldm>=1; --1ldm) 
{ 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
const ulong m4 = (mh>>1); 
const double phiO = M_PI/mh; 


for (ulong r=0; r<n; rt+=m) 
{ //j = 
ulong ti =r; 


ulong t2 = ti + mh; 
sumdiff(f[ti], f[t2]); 


if ( m4 ) 

{ 
ulong ti = r+ m4; 
ulong t2 = ti + mh; 


[fxtbook draft of 2008-January-19] 


24.3: Complex FT by HT 489 


sumdiff(f[t1], £[t2]); 
} 
for (ulong j=1, k=mh-1; j<k; ++j,--k) 
{ 


double s, c; 
SinCos(phi0+j, &s, &c); 


for (ulong r=0; r<n; rt+=m) 


ulong tj = r+ mh + j; 

ulong tk = r + mh + k; 

ulong ti = r+ j; 

ulong t2 = tj; // == t1 + mh; 
sumdiff(f[ti], £#[t2]); 
ti=rt+k; 


t2 = tk; // == ti + mh; 
sumdiff(f[ti], £#[t2]); 


double fj = f[tj]; 
double fk = f[tk]; 
f[tj] fj *c+ fk * s; 


f[tk] = fj * s - fk * c; 


} 
a 


revbin_permute(f, n); 


24.3 Complex FT by HT 


The relations between the HT and the FT can be read off directly from their definitions and their 
symmetry relations. Let o be the sign of the exponent in the FT, then the HT of a complex sequence 
dé Cis 


Fld] = 5 (Hid + Fld +04 (H (dq —H1d)) (24.3-1) 


Written out for the real and imaginary part of d=a+ib (a,b€R): 


ReFlatib] = (1 [a] + Ha] — o (1) - 7M) (24.3-2a) 


Im Fla+ib] = 


NLR NI] eR 


(1 (1+ 70 +0 (1 [a] -H{l)) (24.3-2b) 
Using the symmetry relations |24.1-4a} and |24.1-4b]on page one can recast the relations as 


MeFla+ib] = =Hlas—oba] (24.3-3a) 


ImFlatib] = <H[bs+oayl (24.3-3b) 


Dlr wl] eR 


Both formulations lead to the very same conversion procedure. The following pseudo code is for a complex 
FT by HT conversion: 


fht_fft_conversion(a[], b[], n, is) 

// preprocessing to use two length-n FHTs 
// to compute a length-n complex FFT 

// ox 

// postprocessing to use two length-n FHTs 
// to compute a length-n complex FFT 

// Self-inverse. 


for k:=1 to n/2-1 


[fxtbook draft of 2008-January-19] 


490 Chapter 24: The Hartley transform 


{ 
t := n-k 
as := alk] + alt] 
aa := alk] - alt] 
bs := bLk] + bit] 
ba := bLk] - blIt] 
aa := is * aa 
ba := is * ba 
alk] := 1/2 * (as - ba) 
a[t] := 1/2 * (as + ba) 
b[k] := 1/2 * (bs + aa) 
} b(t] := 1/2 * (bs - aa) 


} 


The C++ implementations are given in [FXT: fft/fhtfft.cc) for type double and [FXT: |fft/fhtcfft.cc, for 
type complex. Now we have two options to compute a complex FT by two HTs. Version I does the 
FHTs first: 


fft_by_fhti(al], b[], n, is) 
// real a[O..n-1] input,result (real part) 
// veal b[0..n-1] input,result (imaginary part) 


fht(a[], n) 
fht(b[], 
fht_fft_conversion(a[], b[], n, is) 


5B 
Y 


Version 2 does the FHTs at the end of the routine: 


fft_by_fht2(al], b[], n, is) 
// real a[O..n-1] input,result (real part) 
// real b[O..n-1] input,result (imaginary part) 


fht_fft_conversion(a[], b[], n, is) 
fht(a[], n) 
fht(b[], n) 

} 


Note that the real and imaginary parts of the FT are computed independently by this procedure. This 
can be very advantageous when the real and imaginary part of complex data lies in separate arrays. The 


C++ version is given in [FXT: iff /fatfft.cc). 
24.4 Complex FT by complex HT and vice versa 


either version from section |24.3]and there is nothing new. Really? If one has a type complex version of 


A complex valued HT is simply two HTs (one of the real, one of the imaginary part). So we can use 
i 
both the conversion and the j 


HT routine then the complex FFT can be computed as either 


fft_by_fhti(c[], n, is) 
// complex c[0..n-1] input,result 


fht(c[], n) 
fht_fft_conversion(c[], n, is) 


} 
or the same with swapped statements. 


This may not make you scream but here is the message: it makes sense to do so. One saves half of the 

trigonometric computations and book keeping. It is pretty easy to derive a complex FHT from the real 

version and with a well optimized FHT you get an even better optimized FFT. C++ implementations of 

complex FHTs are given in ey SURES (DIF algorithm), [FXT: (DIT algorithm), 
tht /ctht0.cc 


and, for zero padded data, [FXT: 


The other way round: computation of a complex FHT using FFTs. Let T be the operator corresponding 


[fxtbook draft of 2008-January-19] 


24.5: Real FT by HT and vice versa 491 


to the fht_fft_conversion. The operator is its own inverse: T = T~!. We have seen that 


F=HuH-T and FH=T-H (24.4-1) 


H=T-F and H=F-T (24.4-2) 


Hence we have either 


fht_by_fft(c[], n, is) 
// complex c[0..n-1] input,result 


fft(c[], n) 
fht_fft_conversion(c[], n, is) 


or the same thing with swapped lines [FXT: fft/fhtcfft.cc|. The same ideas also work for separate real 
and imaginary parts but in that case one should rather use separate FHTs for the two arrays. 


24.5 Real FT by HT and vice versa 


To express the real and imaginary part of a Fourier transform of a purely real sequence a € R by its 


Hartley transform use relations |24.3-2a] and |24.3-2b]on page and set b = 0: 


ReFla] = 5 (HL [a] + Ta) (24.5-1a) 
gmFla] = o 5 (Hal — Hal) (24.5-1b) 


A C++ implementation is [FXT: fht_real_complex_fft() in |realfft/realfftbyfht.cc : 


template <typename Type> 

static inline void sumdiff05(Type &a, Type &b) 
// {a, b} <--| {0.5*(atb), 0.5*(a-b)} 

{ Type t=(a-b)*0.5; at=b; a*=0.5; b=t; } 
template <typename Type> 

static inline void sumdiff05_r(Type &a, Type &b) 
// fa, b} <--| {0.5*(atb), 0.5*(b-a)} 

{ Type t=(b-a)*0.5; at=b; a*=0.5; b=t; } 


void 
fht_real_complex_fft(double *f, ulong ldn, int is/*=+1*/) 
{ 

fht(f, ldn); 


const ulong n = (1UL<<ldn) ; 


if ( is>O ) for (ulong i=1,j=n-1; i<j; it++,j--) sumdiffo5(f[il, f£[j]); 
else for (ulong i=1,j=n-1; i<j; i++,j--) sumdiffo5_r(flil, f[jl]); 


[fxtbook draft of 2008-January-19] 


492 Chapter 24: The Hartley transform 


At the end of the procedure the ordering of the output data c= F [a] € Cis 


all] = Reco (24.5-2) 
a(t = Re Cy 
a2 = Re C2 
a[n/2} = Recyso 
a(n/2 +1 = Im Cn /2-1 
a[n/2 +2 = Im Cn/2-2 
a[n/2 +3 = Im Cn/2—3 
aln—1] = Imcqy 


The inverse procedure is given in [FXT: realfft/realfftbyfht.cc : 


void 
fht_complex_real_fft(double *f, ulong ldn, int is/*=+1*/) 


{ 
const ulong n = (1UL<<ldn) ; 


if ( is>O ) for (ulong i=1,j=n-1; i<j; it+,j--) sumdiff(f[i], f[j]); 
else for (ulong i=1,j=n-1; i<j; it+,j--) diffsum(f[i], f[j]); 


fht (f,1dn) ; 
} 


The function sumdiff() is defined in [FXT: aux0/sumdiff.h): 


template <typename Type> 

static inline void sumdiff(Type &a, Type &b) 
// {a, b} <--| {atb, a-b} 

{ Type t=a-b; at=b; b=t; } 


template <typename Type> 

static inline void diffsum(Type &a, Type &b) 

// fa, b} <--| {a-b, atb} 

{ Type t=a-b; bt=a; a=t; } 

The input has to be ordered as given above (relations |24.5-2). The sign of the transform (is) has to be 
the same as with the forward version. 


Computation of a (real-valued) FHT using a real-valued FFT proceeds similar as for complex versions. 
Let T;-2- be the operator corresponding to the post-processing in real_complex_fft_by_fht(), and Tyo, 
correspond to the preprocessing in complex_real_fft_by_fht(). That is 


F ar =H- Teor and Fr2e = 1tr2° H (24.5-3) 


1 
Tr 


The operators are mutually inverse: T,2. = Ty5, and Tyr = Th Multiplying the relations and using 


Troe * Loar = Tear» Trac = 1 gives 
H= Teor : Fr. and H= Fear “ T 126 (24.5-4) 


The corresponding code should be obvious. Watch out for real-to-complex FFTs that use a different 
ordering of the output than given in relation |24.5-2 


24.6 Higher radix FHT algorithms 


Higher radix FHT algorithms seem to get complicated due to the structure of the Hartley shift operator. 
In fact there is a straightforward way to turn any FFT decomposition into an FHT algorithm. 


[fxtbook draft of 2008-January-19] 


24.7: Convolution via FHT 493 


For the moment assume that we want to compute a complex HT, further assume we want to use a radix-r 
algorithm. At each step we have r short HTs and want to combine them to a longer HT but we do not 
know how this might be done. In section on page [489] we learned how to turn a HT into an FT 
using the T-operator. And we have seen radix-r algorithms for the FFT. The crucial idea is to use the 
conversion operator JT’ as a wrapper around the FFT-step that combines several short FTs into a longer 
one. Here is how to turn a radix-r FFT-step into an FHT-step, simply do the following: 


1. first convert the r short HTs into FTs (use T on the subsequences) 
2. then perform the radix-r the FFT step 
3. finally convert the FT into a HT (use T on the sequence) 
For efficient implementations one obviously wants to combine the computations. 


To obtain real-valued FHTs note that the real and imaginary parts do not ‘mix’: one can use the identical 
algorithm with real input (and the corresponding data types). With a radix-r step the scheme always 
accesses 2r elements simultaneously. The symmetry of the trigonometric factors is thereby automatically 
exploited. Splitting steps for the radix-4 FHT and the split-radix FHT are given in [218]. 


24.7 Convolution via FHT 


The convolution property of the Hartley transform can be stated as 


Hla@b]) = ; (1 [a] 1 [b] — Ha] H [b] +H [a] H [b] + H [al H i) (24.7-1) 


or, with c:= H [a] and d:= H [}], written element-wise: 


1 — — 
Hla®bl, = 5 (cede — Tdi + Ce Te +7 de) (24.7-2a) 
1 = = 
= 5 (ce (de + de) + % (de — Ge) (24.7-2b) 


The latter form reduces the number of multiplications. When turning the relation into an algorithm one 
has to keep in mind that both elements y, = H [a @ b] and y_; must be computed simultaneously. 


24.7.1 Implementation as pseudo code 
Pseudo code for the cyclic convolution of two real valued sequences x[] and y[] via the FHT. n must 
be even, the result is returned in y[]: 


procedure fht_cyclic_convolution(x[], y[], n) 
// real x[0..n-1] input, modified 

// real y[0..n-1] result 

{ 


// transform data: 


fht(x[], n) 
fht(y0], n) 
// ponyosue ton in transformed domain: 
j c= n- 
= i:=1 to n/2-1 
xi := x[il 
xj := x[jl 
yp := yli] + yfjl // == yljl] + ylil 
ym := ylil - yfjl // == -(y[jl] - ylil) 


y li] = (xi*yp + xj*ym) /2 
(xj*yp - xi*ym)/2 


< 
fa 
ua. 
Ww 
"od 


j= j-t 


[fxtbook draft of 2008-January-19] 


494 Chapter 24: The Hartley transform 


} 
ylo] := x[0]*y[0] 
if n>1 then yl[n/2] := x[n/2]+*y[n/2] 


// transform back: 
fht(y0], n) 


// normalize: 
for i:=0 to n-1 


yli] := ylil /n 
} 


It is assumed that the procedure fht() does no normalization. The C++ equivalent is given in [FXT: 


convolution/fhtcnvl.cc . 


Equation |24.7-2a]on the previous page (slightly optimized) for the auto convolution is 


Hla@al, = 5 (ce (ck + &&) + (cx ~7))) (24.7-3a) 
= ee oe (24.7-3b) 


2 
where c = H [a]. 
We give pseudo code for the cyclic auto convolution that uses a fast Hartley transform, n must be even: 


procedure cyclic_self_convolution(x[], n) 
// real x[0..n-1] input, result 


// transform data: 


fht(x[], n) 
// convolution in transformed domain: 
j:=n-t 
aad i:=1 to n/2-1 
ci := x[i] 
ej i= x[j] 
t1 := ci*cj // == cj*ci 
t2 := 1/2*(ci*ci-cj*cj)  // == -1/2*(cj*cj-cix*ci) 
x[i] := ti + t2 
x[j] := t1 - t2 
jis j-t 
x [0] := x[0]*x[0] 


if n>1 then x[n/2] := x[n/2]*x[n/2] 


// transform back: 
fht(x[], n) 


// normalize: 
for i:=0 to n-1 


x{i] := xfi] /n 
} 
For odd n replace the line 
for i:=1 to n/2-1 
by 
for i:=1 to (n-1)/2 
and omit the line 


if n>1 then x[n/2] := x[n/2]*x[n/2] 


in both procedures above. 


[fxtbook draft of 2008-January-19] 


24.7: Convolution via FHT 495 


24.7.2 C++ implementations 


The FHT based routine for the cyclic convolution of two real sequences is: 


void fht_convolution(double * restrict f, double * restrict g, ulong 1dn) 


{ 


fht(f, ldn); 

fht(g, ldn); 

fht_convolution_core(f, g, ldn); 

fht(g, ldn); 
} 
The equivalent to the element-wise multiplication is given in [FXT: convolution/fhtcnvlcore.cc': 
void 


fht_convolution_core(const double * restrict f, double * restrict g, ulong ldn, 
double v/*=0.0*/) 
// Auxiliary routine for the computation of convolutions 


// via Fast Hartley Transforms. 
// 1dn := base-2 logarithm of the array length. 
// v'!=0.0 chooses alternative normalization. 


const ulong n = (1UL<<1ldn); 
if ( v==0.0 ) v = 1.0/n; 


g[O] *= (v * £[0]); 
const ulong nh = n/2; 


if ( nh>o ) 
{ 


ginh] *= (v * f[nh]); 
v *= 0.5; 
for (ulong i=1,j=n-1; i<j; i++,j--) fht_mul(f[i], fj], glil, gfj], v); 
} 
} 


where [F XT: |convolution/fhtmulsqr.h|: 


template <typename Type> 

static inline void 

fht_mul(Type xi, Type xj, Type &yi, Type &yj, double v) 
// yi <-- ve Q4xi*xxj + xi*xi - xj*xj ) 

// yj <-- veC Qexi*xj - xi*xi + xj*xj ) 


Type hip = xi, him = xj; 
Type si = hip + him, di = hip - him; 
Type h2p = yi, h2m = yj; 
yi = (h2p * si + h2m * di) * v; 
yj = (h2m * si - h2p * di) * v; 
t 


A C++ implementation of the FHT based self-convolution is given in [FXT: |convolution/fhtcnvla.cc). It 


uses the routine 
void 
fht_auto_convolution_core(double *f, ulong ldn, 


double v/*=0.0*/) 
// v'!=0.0 chooses alternative normalization 


const ulong n = (1UL<<ldn) ; 
if ( v==0.0 ) v = 1.0/n; 
f£[0] *= (v * £[0]); 

. ( n>=2 ) 


const ulong nh = n/2; 
f[nh] *= (v * f[nh]); 
v *= 0.5; 
for (ulong i=1,j=n-1; i<nh; i++,j--) fht_sqr(f[i], f[j], vw); 
} 
} 


where [F XT: \convolution/fhtmulsqr.h): 


template <typename Type> 

static inline void 

fht_sqr(Type &xi, Type &xj, double v) 
// xi <-- ve Q4xi*xj + xi*xi - xj*xj ) 


[fxtbook draft of 2008-January-19] 


496 Chapter 24: The Hartley transform 


// xj <-- v*( Qexi*xj - xi*xi + xj*xj ) 


Type a= xi, b = xj; 
Type si = (a + b) * (a - b); 


a *=b; 
a += a; 
xi (atsi) * Vv; 


(a-si) * Vv; 


24.7.3 Avoiding the revbin permutations 


The observation that the revbin permutations can be omitted with FFT based convolutions (see sec- 


tion |21.1.3}on page |411) applies again [FXT: convolution/fhtcnvlcore.cc : 


void 
fht_convolution_revbin_permuted_core (const double * restrict f, 
double * restrict g, 
ulong ldn, 
double v/*=0.0*/) 
// Same as fht_convolution_core() but with data access in revbin order. 


const ulong n = (1UL<<ldn); 
if ( v==0.0 ) v = 1.0/n; 


glO] *= (v * £[0]); // 0 == revbin(0) 
if ( m>=2) g[i] *= (v * £[1]); // 1 == revbin(nh) 


if ( n<4 ) return; 


v *= 0.5; 
const ulong nh = (n>>1); 


ulong r=nh, rm=n-1; // nh == revbin(1), ni-1 == revbin(n-1) 
fht_mul(f[r], flrm], g[r], glrm], wv); 

ulong k=2, km=n-2; 

gate ( k<nh_ ) 


// k& even: 

rm -= nh; 

ulong tr = r; 

r°=nh; for (ulong m=(nh>>1); !((r7=m)&m); m>>=1) {3} 
fht_mul(f[r], flrm], g[r], glrm], v); 


r += nh; 

fht_mul(f[r], flrm], gir], glrm], v); 
--km; 

} ? 

} 


The optimized version saving three revbin permutations is [F XT: |convolution/fhtcnvl.cc': 


void fht_convolution(double * restrict f, double * restrict g, ulong ldn) 
{ 

fht_dif_core(f, ldn); 

fht_dif_core(g, ldn); 

fht_convolution_revbin_permuted_core(f, g, ldn); 

fht_dit_core(g, ldn); 


24.8 Negacyclic convolution via FHT 


Pseudo code for the computation of the negacyclic (auto-) convolution via FHT: 


procedure negacyclic_self_convolution(x[], n) 
// real x[0O..n-1] input, result 


[fxtbook draft of 2008-January-19] 


24.9: Localized FHT algorithms 497 


hartley_shift_05(x, n) // preproces 
fht(x, n) // transform data 


// convolution in transformed domain: 

j= n-1 

for i:=0 to n/2-1 // here i starts from zero 
x [i] 

x[j] 

:= ak*b+(a*a-b*b) /2 

:= a*b-(a*a-b*b) /2 


fht(x, n) // transform back 
hartley_shift_05(x, n) // postprocess 
} 


C++ implementations for the negacyclic convolution and self convolution are given in [FXT: 


lution/fhtnegacnvl.cc|. The FHT-based negacyclic convolution is turns out to be extremely useful for 


the computation of weighted transforms, for example in the MFA-based convolution for real input, see 


section |21.4.1]on page |421 


24.9 Localized FHT algorithms 


Localized routines for the FHT can be obtained by slight modifications of the corresponding algorithms 
for the Walsh transform described in section on page The decimation in time (DIT) version is 


[FXT: |fht/fhtloc2.h): 


template <typename Type> 
void fht_loc_dit2_core(Type *f, ulong ldn) 


{ 
if ( ldn<=13 ) // sizeof (Type)*(2**thres) <= L1_CACHE_BYTES 
fht_dit_core(f, ldn); 
return; 
} 
// Recursion: 
fht_dit_core_2(f+2); // ldm== 
fht_dit_core_4(£+4); // ldm==2 
fht_dit_core_8(£+8); // ldm==3 
for (ulong ldm=4; ldm<ldn; ++ldm) fht_loc_dit2_core(£+(1UL<<ldm), 1ldm) ; 
for (ulong ldm=1; ldm<=ldn; ++1dm) 
{ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
hartley_shift_05(f+mh, mh); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[ti], f[t2]); 
} 
} 


The routine hartley_shift_05() is described in|24.2.1lon page One should choose a implementation 
that uses trigonometric recursion as this improves performance considerably. 


The decimation in frequency (DIF) version is: 


template <typename Type> 
void fht_loc_dif2_core(Type *f, ulong ldn) 


if ( ldn<=13 ) // sizeof (Type)*(2**thres) <= L1_CACHE_BYTES 
fht_dif_core(f, ldn); 


return; 


} 
for (ulong ldm=ldn; ldm>=1; --1dm) 
{ 


[fxtbook draft of 2008-January-19] 


498 Chapter 24: The Hartley transform 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 
for (ulong t1=0, t2=mh; ti<mh; ++t1, ++t2) sumdiff(f[t1], f[t2]); 
hartley_shift_05(f+mh, mh); 
} 


// Recursion: 

fht_dif_core_2(f+2); // ldm== 

fht_dif_core_4(£+4); // ldm==2 

fht_dif_core_8(£+8); // ldm==3 

for (ulong ldm=4; ldm<ldn; ++ldm) fht_loc_dif2_core(f+(1UL<<ldm), 1dm) ; 
} 


The (generated) short-length transforms are given in the files [FXT: |fht/shortfhtdifcore.h) and [FXT: 
fht/shortfhtditcore.h|. For example, the length-8 decimation in frequency routine is 
template <typename Type> 


inline void 
fht_dif_core_8(Type *f) 


: Type gO, f0, f1, gl; 
sumdiff(f[0], #[4], £0, gO); 
sumdiff(f[2], f[6], f1, g1); 
sumdiff(f0, f1); 
sumdiff(g0, g1); 

Type si, ci, s2, c2; 

sumdiff(f[1], £[5], si, c1); 

sumdiff(f£[3], f[7], s2, c2); 

sumdiff(si, s2); 

sumdiff(f0, si, £[0], £[1]); 

sumdiff(fi, s2, £[2], £[3]); 

c1 *= SQRT2; 

c2 *= SQRT2; 

sumdiff(g0, ci, £[4], £[5]); 

sumdiff(gi, c2, £[6], f[7]); 
} 


An additional revbin permutation is needed if the data is required in order. The FHT can be computed 
by either 


fht_loc_dif2_core(f, ldn); 
revbin_permute(f, 1UL<<ldn) ; 


or 


revbin_permute(f, 1UL<<ldn) ; 
fht_loc_dit2_core(f, ldn); 


Performance for large arrays is excellent: the convolutions based on the transforms [FXT: 


tion/fhtloccnvl.cc 


void 
loc_fht_convolution(double * restrict f, double * restrict g, ulong ldn) 
{ 
fht_loc_dif2_core(f, ldn); 
fht_loc_dif2_core(g, 1ldn); 
fht_convolution_revbin_permuted_core(f, g, ldn); 
fht_loc_dit2_core(g, ldn); 
} 


and [FXT: convolution/fhtloccnvla.cc 


void 
loc_fht_auto_convolution(double *f, ulong ldn) 


fht_loc_dif2_core(f, ldn); 
fht_auto_convolution_revbin_permuted_core(f, ldn) ; 
fht_loc_dit2_core(f, ldn); 

} 


gave a significant (more than 50 percent) speedup for the high precision multiplication routines (see 


section on page |532) used in the hfloat library [20]. 


[fxtbook draft of 2008-January-19] 


24.10: Two-dimensional FHTs 499 


24.10 ‘Two-dimensional FHTs 


A two-dimensional FHT can be computed almost as easy as a two-dimensional FFT, only a trivial 


additional step is needed. Start with the row-column algorithm described in section |20.10.2]on page [405] 
{ht /twodimfht.cc| 


[FXT: |fht/twodimfht.cc : 


void 

row_column_fht(double *f, ulong nr, ulong nc) 
// FHT over rows and columns. 

// nr := number of rows 

// nc := number of columns 


ulong n = nr * nc; 


// £ht over rows: 
ulong ldc = ld(nc); 
for (ulong k=0; k<n; kt=nc) FHT(f+tk, ldc); 


// fht over columns: 
double *w = new double[nr] ; 
for (ulong k=0; k<nc; k++) skip_fht(f+k, nr, nc, w); 
delete [] w; 
} 


Note that no attempt has been made to make the routine cache friendly: the routine skip_fht() [FXT: 


fht/skipfht.cc} simply copies a column into the scratch array, does the FHT and copies the data back. 


is is not yet a two-dimensional FHT, the following post-processing must be made: 


void 

y_transform(double +f, ulong nr, ulong nc) 

// Transforms row-column-FHT to 2-dimensional FHT. 
// Self-inverse. 

// nr := number of rows 

// nc := number of columns 


ulong rh = nr/2; 
if ( nrk1l ) rht+; 


ulong ch = nc/2; 

if ( nck1l ) cht+; 

ulong n = nr*nc; 

for (ulong tr=1, ctr=nc; tr<rh; trt+,ctrt=nc) // ctr=nc*tr 


: double *pa = f + ctr; 
double *pb = pa + nc; 
double *pc = f +n - ctr; 
double *pd = pc + nc; 
for (ulong tc=1; tc<ch; tct+) 
t patt; 
pb--; 
pctt+; 
pd--; 
double e = (*pa + *pd - *pb - *pc) * 0.5; 
*pa -= e; 
*pb += e; 
*pc += e; 
*pd -= e; 
} 
} 


} 


The canned routine is therefore 


void 
twodim_fht (double *f, ulong nr, ulong nc) 
// Two dimensional fast Hartley transform (FHT) 


// nr := number of rows 
// nc := number of columns 


row_column_fht(f, nr, nc); 
y_transform(f, nr, nc); 


[fxtbook draft of 2008-January-19] 


500 Chapter 24: The Hartley transform 
24.11 Discrete cosine transform (DCT) by HT 


The discrete cosine transform (DCT) with respect to the basis 


wy = Wee ee where (24.11-1) 
i ed 
WK) { V/2 else 


can be computed from the FHT using an auxiliary routine which is its own inverse. As pseudo code: 


procedure cos_rot(x[], y[], n) 
// Real x[0..n-1] input 

// Real y[0O..n-1] result 

{ 


c := cos(phi*k) 

s := sin(phi*k) 

cps := (cts) *sqrt (1/2) 

cms := (c-s)*sqrt (1/2) 

y [k] = cms*x[k] + cps*x[n-k] 
y[n-k] := cps*x[k] - cms*x[n-k] 


} 
} 


The C++ equivalent is [FXT: cos_rot() in dcetdst/cosrot.cc). 
Pseudo code for the computation of the DCT via FHT: 


procedure dcth(x[], ldn) 
// real x[0..n-1] input,result 


n := 2**1ldn 
real y[0..n-1] // workspace 
unzip_rev(x, y, n) 
fht (y[] ,1dn) 
cos_rot(y[], xf], n) 
} 


where unzip_rev() is the reversed unzip permutation (see section [2.6]on page |95): 


procedure unzip_rev(a[], b[], n) 
// real a[O..n-1] input 
a real b[0..n-1] result 


k := a[k2] 
b[nh+k] := a[n-1-k2] 


Pseudo code for the computation of the inverse discrete cosine transform via FHT: 


procedure idcth(x[], 1ldn) 

// real x[0..n-1] input,result 

: n := 2**1ldn 
real y[0..n-1] // workspace 
cos_rot(x[], yf], n); 
fht (y[] ,1dn) 

; zip_rev(y[], xf], n) 


where the routine zip_rev() is the reversed zip permutation: 


[fxtbook draft of 2008-January-19] 


24.12: Discrete sine transform (DST) by DCT 501 


procedure zip_rev(a[], bf], n) 
// real a[O..n-1] input 
ts real b[0..n-1] result 


nh := n/2 
for k:=0 to nh-i 
k2 := 24k 
bLk] = a[k2] 
: b[nh+k] := a[n-1-k2] 


} 


The C++ implementations of both the forward and the backward transform [FXT: dcetdst/dcth.cc) avoid 
the temporary array if no scratch space is supplied. The algorithms are given in [177] and [178]. 
An alternative variant for the computation of the DCT that also uses the FHT is given in [FXT: 


dctdst /dcetzapata.cc), the algorithm is described in [16]. 


24.12 Discrete sine transform (DST) by DCT 


The basis of the discrete sine transform (DST) is 


u(k) = sin (TED a) (24.12-1) 


n 


Pseudo code for the computation of the DST via the discrete cosine transform (DCT): 


procedure dst(x[] ,1ldn) 
// real x[0..n-1] input,result 


nh := 
for k:=1 to n-1 step 2 


n := 2**ldn 
n/2 


x[k] := -x[k] 
dct(x, ldn) 
for k:=0 to nh-1i 
swap(x[k], x[n-1-k]) 
} 


The corresponding C++ implementation is [FXT: dsth() in |dctdst/dsth.cc]. Pseudo code for the com- 


putation of the inverse sine transform using the inverse cosine transform: 


procedure idst(x[] ,1dn) 
// real x[0..n-1] input,result 


n := 2**1dn 
nh := n/2 
for k:=0 to nh-1 
swap(x[k], x{n-1-k]) 
idct(x, 1ldn) 
for k:=1 to n-1 step 2 
x[k] := -x[k] 
} 


The C++ version is [FXT: idsth() in dctdst/dsth.cc’. 


[fxtbook draft of 2008-January-19] 


502 Chapter 24: The Hartley transform 
24.13 Automatic generation of transform code 


FFT generators are programs that output FFT routines, usually for fixed (short) lengths. In fact the 
thoughts here are not at all restricted to FFT codes. However, fast transforms and routines that can be 
unrolled like those for matrix multiplication or convolution are prime candidates for automated generation. 


One can write code generators that have a built-in algorithmic knowledge. We restrict our attention to 
a simpler method known as partial evaluation. Writing such a program is easy: take an existing FFT 
and change all computations into print statements that emit the necessary code. The process, however, 
is less than delightful and error-prone. 


It would be much better to have another program that takes the existing FFT code as input and emit 
the code for the generator. Let us call this a meta-generator. Implementing such a meta-generator of 
course is highly nontrivial. It actually is equivalent to writing an interpreter for the language used plus 
the necessary data flow analysis. A practical compromise is to write a program that, while theoretically 
not even close to a meta-generator, creates output that, after a little hand editing, is a usable generator 
code. 


One may further want to print the current values of the loop variables of the original code as comments 
at the beginning of a block. Thereby it is possible to locate the corresponding part (with respect to both 
file and temporal location) of a piece of generated code in the original file. In addition one may keep the 
comments of the original code. 


With FFTs it is necessary to identify (‘reverse engineer’) the trigonometric values that occur in the process 
in terms of the corresponding argument (rational multiples of 7). The actual values should be inlined 
to some greater precision than actually needed, thereby one avoids the generation of multiple copies of 
the (logically) same value with differences only due to numeric inaccuracies. Printing the arguments, 
both as they appear and in lowest terms, inside comments helps to understand (or further optimize) the 
generated code: 


double c1=.980785280403230449126182236134; // == cos(Pi*1/16) == cos(Pi*1/16) 
double s1i=.195090322016128267848284868476; // == sin(Pi*1/16) == sin(Pi*1/16) 
double c2=.923879532511286756128183189397; // == cos(Pi*2/16) == cos(Pi*1/8) 
double s2=.382683432365089771728459984029; // == sin(Pi*2/16) == sin(Pi*1/8) 


Automatic verification of the generated codes against the original is a mandatory part of the process. 


A level of abstraction for the array indices is of great use: when the print statements in the generator 
emit some function of the index instead of its plain value it is easy to generate modified versions of the 
code for permuted input. That is, instead of 


cout << "sumdiff(f0, £2, g[" << kO << "], g[" << k2 << "]);" << endl; 
cout << "sumdiff(f1, £3, g[" << k1 << "], g[" << k3 << "]);" << endl; 


use 


cout << "sumdiff(f0, £2, " << idxf(g,k0) << ", " << idxf(g,k2) << ");" << endl; 
cout << "sumdiff(f1, £3, " << idxf(g,k1) <<", " << idxf(g,k3) << ");" << endl; 


where idxf(g, k) can be defined to print a modified (for example, revbin-permuted) index k. 


A generated length-8 DIT FHT core (from [FXT: |fht/shortfhtditcore.h ) shall serve as an example: 


template <typename Type> 
inline void fht_dit_core_8(Type *f) 
// unrolled version for length 8 


{ // start initial loop 

{// fi=0 gi=l 
Type gO, f0, f1, gl; 
sumdiff(f[0], f£[1], f0, gO); 
sumdiff(f[2], £[3], f1, g1); 
sumdiff(f0, f1); 
sumdiff(g0, g1); 
Type si, ci, s2, c2; 
sumdiff(f[4], £[5], si, c1); 
sumdiff(f[6], f[7], s2, c2); 


[fxtbook draft of 2008-January-19] 


24.13: Automatic generation of transform code 


} 


// opcount by generator: 


Generated DIF FHT codes for lengths up to 64 are given in [FXT: fht/shortfhtdifcore.h). 


sumdiff(s1, s2); 


sumdiff(f0, si, 


f[0], £[4]); 


sumdiff(f1, s2, £[2], £[6]); 


ci *= SQRT2; 
c2 *= SQRT2; 
sumdiff(g0, c1, 


f[1], £#[5]); 


sumdiff(gi, c2, £[3], #[7]); 


} 
} // end initial loop 


#mult=2=0.25 


/pt  #add=22=2.75/pt 


503 


The generated codes can be useful when one wants to spot parts of the original code that need further 
optimization. Especially repeated trigonometric values and unused symmetries tend to be apparent in 
the unrolled code. 


It is a good idea to let the generator count the number of operations (multiplications, additions, loads 
and stores) of the code it emits. It is even better if those numbers are compared to the corresponding 
values found in the compiled assembler code. 


Checking the generated machine code 


It is possible to have GCC produce the assembler code with the original source interlaced. This is a great 


tool for code optimization. The necessary commands are (include- and warning flags omitted) 


uae create assembler code: 
+ -S -fverbose-asm -g -02 test.cc -o test.s 


: create a. pater ial with source lines: 
as -alhnd t Ss 1 


For example, the generated length-4 DIT FHT core from [FXT: |fht /shortfhtditcore.h is 


test.1lst 


template <typename Type> 
inline void fht_dit_core_4(Type *f) 
// unrolled version for length 4 


{ 


} 


With Type set to double the generated assembler is (some editing for readability) 


Type f0, f1, £2, £3; 


sumdiff(f[0], f[1], 
sumdiff(f[2], f£[3], 


f0, f1); 
£2, £3); 


sumdiff(f0, £2, £[0], £[2]); 
sumdiff(f1i, £3, £[1], £[3]); 


16:test.cc **** 


18:test.cc **** 
19:test.cc **** 
49 0000 660F120F 
50 0004 660F1247 


50 08 
20:test.cc ***x 


52 0009 660F1257 


10 
54 000e F20F10D9 
56 0012 F20F5CC8 
59 0016 F20F10E2 
62 001a F20F58D8 
64 O001e 660F1247 


18 

65 0023 F20F58E0 
66 0027 F20F5CDO 
2i:test.cc ***x* 

69 002b F20F10C3 
70 002f F20F58C4 
71 0033 F20F5CDC 
72 0037 F20F1107 
22:test.cc ***x 

74 003b F20F10C1 


double f0, fi, f 
sumdiff(f[0], fL 
movipd 
movipd 


sumdiff(f[2], fL 
movipd 


movsd 
subsd 
movsd 
addsd 
movipd 


addsd 
subsd 
sumdiff(f0, f2, 
movsd 
addsd 
subsd 
movsd 
sumdiff(f1, £3, 
movsd 


void fht_dit_core_4(double *f) 
17:test.cc ****« { 


2, £3; 
1], £0, £1); 


(frdi), %xmm1 
8(%rdi), %xmmO 


3]. £2, £3); 


16(%rdi), %xmm2 


Zxmmi, %xmm3 
%xmm0, %xmmi 
Zxmm2, %xmm4 
%xmm0, %xmm3 


24(4%rdi), %xmmO0 


%xmm0, %xmm4 
%xmm0, %xmm2 
f[0], £[2]); 
Zxmm3, %xmmO 
yxmm4, %xmmO 
jxmm4, %xmm3 
zxmm0, (hrdi) 
f[1], £[3]); 


Zxmmi, %xmmO 


#* £, tmp63 


#, 


#, 


# 
# 
# 
# 


#, 


+H HOH 


tmp64 


tmp67 


tmp63, f0 
tmp64, fi 
tmp67, £2 
tmp64, f0 
tmp68 


tmp68, £2 
tmp68, £3 


f0, tmp71 
£2, tmp71i 
£2, £0 

tmp71i,* f 


f1, tmp73 


[fxtbook draft of 2008-January-19] 


504 Chapter 24: The Hartley transform 


75 OO3f F20F5CCA subsd %xmm2, %xmm1 # £3, f1 
77 0043 F20F115F movsd ‘%xmm3, 16(/rdi) # f0, 

77 alt 

79 0048 F20F58C2 addsd %xmm2, %xmmO # £3, tmp73 
80 004c F20F114F movsd ‘%xmmi, 24(%rdi) # fi, 

80 18 

81 0051 F20F1147 movsd ‘%xmm0, 8(/rdi) # tmp73, 

81 


08 
23:test.cc **** } 


Note that the assembler code is not always in syne with the corresponding source lines, especially with 
higher levels of optimization. 


24.14 Ejigenvectors of the Fourier and Hartley transform * 


Let ag := a+d@ be the symmetric part of a sequence a, then 
F|Fl[as|| = as (24.14-1) 


Now let u4 := ag + Flas | and u_ := ag —Flas], then 


Fluy] = Flas|tas = ag+Flas| = +1-uz (24.14-2a) 
Flu_] = Flas|]—as = -(ag—Flag|) = -1-u (24.14-2b) 
Both u, and u_ are symmetric. For a4 := a—G, the antisymmetric part of a, we have 
F[F[aa]] = -a, (24.14-3) 
Therefore with v4 := aatiFlaa| and v_ := aa —tFlaa]: 
Flvuz] = Flag] —tag = -i(agtiFlag]) = —t-v4 (24.14-4a) 
Flv-]| = Flaa]t+iaa = +i(aa—iFlaa]) = +i-v- (24.14-4b) 


Both v, and v_ are antisymmetric. The sequences u,, u_, v4, and v_ are eigenvectors of the FT, with 
eigenvalues +1, —1, —2 and +7 respectively. The eigenvectors are pairwise perpendicular. Using the 
relation 


a= (uy tu_+v,+v_) (24.14-5) 


we can, for a given sequence, find a transform that is a ‘square root’ of the FT: compute u,, u_, v4, 
and v_, and a transform F%* [a] for \ € R as 


F(a) = 5 (+1) uy +(-1) u_ + (-é)* v4 + (4%)? v) (24.14-6) 


Then F° [a] is the identity and F' [a] is the usual FT. The transform F'/? [a] is a transform so that 
F'/? |F4/2 [al] = F [a], that is, a ‘square root’ of the FT. The transform F1/? [a] is not unique as the 
expressions +1!/? and +i!/? are not. 


The eigenvectors of the Hartley Transform are 


uz := at+H{al (24.14-7a) 
uw := a-Hi{a (24.14-7b) 
The eigenvalues are +1, one has H [u,] =+1-u, and H[u_] =—-1-u_. 


Let M be the n x n matrix corresponding to the length-n Fourier transform with positive sign o, that is 
Myc = 1//n exp (27irc/n). Then its characteristic polynomial (see relation |40.5-2|on page [864) is 


p(x) = (#- (jhe) (a+ pee (x — a (a+ ee ie (24.14-8) 


[fxtbook draft of 2008-January-19] 


24.14: Eigenvectors of the Fourier and Hartley transform * 505 


We write p(x) = 2" + cp_y a” 1+... +ce,%+co. The trace of the matrix M is 
n-1 
Tr(M) = Vn 5 exp (2irk?/n) (24.14-9) 
k=0 
It equals (—cp_1, the negative sum of all roots of p(x), and) 
1+%, +1, 0, +i (24.14-10) 


for n mod 4 = 0,1, 2,3, respectively. A closed form is (1 +77") /(1 — i). The generating function for the 
sequence of values is ((1 +4) — x) / (1+ (-1+%)2—i2?). 


The determinant of M equals ((—1)" co, (—1)” times the product of all roots of p(a), and) 
+%, +1, -1, -1, -i, -1, +1, +i (24.14-11) 


for n mod 8 = 0,1,2,...,7. A closed form is (1+72)/2 (1+ (-7)"). The generating function for the 
sequence is (i+ a — #? —ia%) /(1+-2%). 


[fxtbook draft of 2008-January-19] 


506 Chapter 24: The Hartley transform 


[fxtbook draft of 2008-January-19] 


507 


Chapter 25 


Number theoretic transforms 
(NTTs) 


We introduce the number theoretic transforms (NTTs). After understanding the necessary concepts 
from number theory (see also chapter it turns out that the routines for the fast NTTs are rather 
straightforward translations of the FFT algorithms. We give radix-2 and radix-4 routines but there 
should be no difficulty to translate any given (complex valued) FFT algorithm into the equivalent NTT 
algorithm. For the translation of real valued FFT (or FHT) routines one needs to express sines and 


cosines in modular arithmetic, this is presented in sections |37.12.6] and |37.12.7 


As no rounding errors occur with the underlying modular arithmetic the main application of NTTs is 
the fast computation of exact convolutions. 


25.1 Prime moduli for NTTs 


How to make a number theoretic transform out of your FFT: 
‘Replace exp(+2mi/n) by a primitive n-th root of unity, done.’ 


We want to implement FFTs in Z/mZ (the ring of integers modulo some integer m) instead of C, the 
(field of the) complex numbers. These FFTs are called number theoretic transforms (NTTs), mod m 
FFTs or (if m is a prime) prime modulus transforms. 


There is a restriction for the choice of m: for a length n NTT we need a primitive n-th root of unity. A 
number r is called an n-th root of unity if r” = 1. It is called a primitive n-th root if r®¥ A1Vk <n. 


t 27i/n 27 i/21 


In C matters are simple: e* is a primitive n-th root of unity for arbitrary n. For example, e 
is a primitive 21-th root of unity. Now r = e?7*/® is also 21-th root of unity but not a primitive root, 
because r? = 1. A primitive n-th root of 1 in Z/mZ is also called an element of order n. The ‘cyclic’ 


property of the elements r of order n lies in the heart of all FFT algorithms: r’+* = r*. 


In Z/mZ things are not that simple: for a given modulus m primitive n-th roots of unity do not exist for 
arbitrary n. They exist for some maximal order R only. Roots of unity of an order different from R are 
available only for the divisors d; of R: r®/4 is a dj-th root of unity because (r?/%)% = r® = 1, 
Therefore n, the length of the transform, must divide the maximal order R. This is the first condition 
for NTTs. 


The operations needed in FFTs are addition, subtraction and multiplication. Division is not needed, 
except for division by n for the final normalization after transform and back-transform. Division by n is 
multiplication by the inverse of n, so n must be invertible in Z/mZ. 


[fxtbook draft of 2008-January-19] 


508 Chapter 25: Number theoretic transforms (NTTs) 


Therefore n, the length of the transform, must be coprime to the modulus m: gcd(n,m) = 1. This is the 
second condition for NTTs. 


We restrict our attention to prime moduli, though NTTs are also possible with composite moduli. If the 
modulus is a prime p then Z/pZ is the field F, = GF(p): all elements except 0 have inverses and ‘division 
is possible’. Thereby the second condition is trivially fulfilled for all NTT lengths n < p: a prime p is 
coprime to all integers n < p. 


Roots of unity are available for the maximal order R = p—1 and its divisors: Therefore the first condition 
on n for a length-n mod p NTT being possible is that n divides p — 1. This restricts the choice for p to 
primes of the form p = vn +1: for length-n = 2* NTTs one will use primes like p = 3-5-2?7+1 (31 


bits), p = 13-278 + 1 (32 bits), p =3-29-2°° + 1 (63 bits) or p = 27 - 2°9 + 1 (64 bits). 
arg 1: 62 == wb [word bits, wb<=63] default=62 
arg 2: 0.01 == deltab oe are in the range [wb-deltab, wb]] default=0.01 
minb = 61.99 = wb-0.0 
arg 3: 44 == minx cee 2(min(fftlen))] default=44 
fees = 44: ----- 
4580495072570638337 = 0x3£91300000000001 = 1 + 2744 * 83 * 3137 (61.9902 bits) 
4581058022524059649 = 0x3£93300000000001 = 1 + 2744 * 3 * 11 * 13 * 607 (61.9904 bits) 
4582113553686724609 = 0x3£96f00000000001 = 1 + 2744 * 3 * 7 * 79 * 157 (61.9907 bits) 
4585702359639785473 = Ox3fa3b00000000001 = 1 + 2°44 * 3°2 * 11 * 2633 (61.9918 bits) 
4587039365779161089 = 0x3fa8700000000001 = 1 + 2°44 * 7 * 193°2 (61.9923 bits) 
4587391209500049409 = Ox3fa9b00000000001 = 1 + 2°44 * 3 * 17 * 5113 (61.9924 bits) 
4588130081313914881 = Ox3fac500000000001 = 1 + 2°44 * 3 * 5 * 17387 (61.9926 bits) 
ee = 0x3fb1700000000001 = 1 + 2°44 * 11 * 37 * 641 (61.9931 bits) 
--snip-- 
4610999923171655681 = Ox3ffd900000000001 = 1 + 2°44 * 5 * 19 * 31 * 89 (61.9998 bits) 
ee eee = Ox3ffdf00000000001 = 1 + 2°44 * 262111 (61.9998 bits) 
4580336742896238593 = 0x3f90a00000000001 = 1 + 2°45 * 29 * 67°72 (61.9902 bits) 
4581533011547258881 = 0x3f94e00000000001 = 1 + 2°45 * 3 * 5 * 8681 (61.9905 bits) 
4584347761314365441 = 0x3f9ee00000000001 = 1 + 2°45 * 5 * 11 * 23 * 103 (61.9914 bits) 
4587655092290715649 = Ox3faaa00000000001 = 1 + 2°45 * 3 * 7°2 * 887 (61.9925 bits) 
pies ee 
= 48: Sak. 
4585508645593296897 = 0x3fa3000000000001 = 1 + 2°48 * 11 * 1481 (61.9918 bits) 
Say SAG. 22.2 
4582975570802900993 = 0x3f9a000000000001 = 1 + 2°49 * 7 * 1163 (61.991 bits) 
ope aen ar te eeeet = 0x3fc6000000000001 = 1 + 2°49 * 3°2 * 907 (61.9949 bits) 
4601552919265804289 = 0x3fdc000000000001 = 1 + 2750 * 61 * 67 (61.9968 bits) 


Figure 25.1-A: Primes suitable for NTTs of lengths dividing 2“. 


modulus (hex) factorization + 1 log (m-1)/log(2) 


Ox3f40f80000000001 == 2°43.3°2.5°2.7°2.47+1 61.9831 
Ox3cQeb50000000001 == 2°40.373.5°2.77°3.17+1 61.9083 
0x3d673d0000000001 == 2°740.372.5°3.772.73+1 61.9402 
Ox3fc22b0000000001 == 2°40.372.5°2.7°2.379+1 61.9945 
Ox3bf6190000000001 == 2°40.372.57°3.7.499+1 61.906 
0x3d1d690000000001 == 2°40.372.5°2.7.2543+1 61.9335 
Ox3d8c270000000001 == 2°40.372.5°2.7.13.197+1 61.9436 
Ox3e8e8d0000000001 == 2°40.372.5°2.7.19.137+1 61.9671 
Ox8ee4af0000000001 == 2°40.3°2.5°2.7.2617+1 61.9748 
Ox3ed23a0000000001 == 2741.372.5°2.7.1307+1 61.9732 
Ox3fafb60000000001 == 2°741.372.5°4.7.53+1 61.9929 
Ox3c46140000000001 == 2742.373.5°2.7.11.19+1 61.9135 
0x3e32440000000001 == 2°42.3°2.5°2.7.647+1 61.9588 
0x3d23900000000001 == 2°44.3°3.5°2.7.53+1 61.934 


Figure 25.1-B: Primes suitable for NTTs of lengths dividing 24° 3? 5? 7. 


Primes suitable with NTTs can be generated with the program [FXT: mod/fftprimes-demo.cc|. A short- 
A few moduli that allow for transforms of lengths dividing 


ened sample output is shown in figure i 
240 . 32.5? 7 are shown in figure|25.1-B| the data is taken from [FXT:|mod/moduli.txt. 


[fxtbook draft of 2008-January-19] 


25.2: Implementation of NTTs 509 


25.2 Implementation of NTTs 


To implement NTTs (modulo m, length n) one has to implement modular arithmetics and replace e* 27 */” 


by an primitive n-th root r of unity in Z/mZ in the code. A C++ class implementing modular arithmetics 
in FXT is [FXT: class mod in mod/mod.h). 


For the inverse transform one uses the (mod m) inverse r~' of r that was used for the forward transform. 
The element r~! is also a primitive n-th root. Methods for the computation of the modular inverse are 


described in section |37.1.4] on page (gcd algorithm) and on page (powering algorithm: r~! = 
aa | 


While the notion of the Fourier transform as a ‘decomposition into frequencies’ seems to be meaningless 
for NTTs the algorithms are denoted with ‘decimation in time/frequency’ in analogy to those in the 
complex domain. 


The nice feature of NTTs is that there is no loss of precision in the transform as with the floating point 
FFTs. Using the trigonometric recursion in its most naive form is mandatory, as the computation of 
roots of unity is expensive. 


25.2.1 Radix-2 DIT NTT 


Pseudo code for the radix-2 decimation in time (DIT) NTT (to be called with 1dn=log2(n)): 


procedure mod_fft_dit2(f[], ldn, is) 

// mod_type £[0..2**1dn-1] 

{ 
n := 2**ldn 
rn := element_of_order(n) // (mod_type) 
if is<O then rn := rn**(-1) 


revbin_permute(f[], n) 
aa ldm:=1 to ldn 


m = 2**1ldm 
mh := m/2 
dw := rn**(2**(1ldn-ldm)) // (nod_type) 
wo osieil // (mod_type) 
for j:=0 to mh-1 
{ 
for r:=0 to n-m step m 
{ 
tl := rtj 
t2 := tit+mh 
v := £[t2]*w // (mod_type) 
u := f[t1] // (mod_type) 
f[t1] := utv 
f£[t2] := u-v 
} 
w := wtdw // trig recursion 
} 


} 
} 


As shown in section |20.3.1]on page it is a good idea to extract the 1dm==1 stage of the outermost 
loop: Replace 


: ldm:=1 to ldn 


by 
for r:=0 to n-1 step 2 


{f[r], f[rt+i]} := f{f[r]+f[rt+i1], flr]-f[r+1]} 


[fxtbook draft of 2008-January-19] 


510 Chapter 25: Number theoretic transforms (NTTs) 


ad ldm:=2 to ldn 


The C++ implementation is given in [FXT: |ntt/nttdit2.cc’: 


void 
ntt_dit2_core(mod *f, ulong ldn, int is) 
// Auxiliary routine for ntt_dit2() 
// Decimation in time (DIT) radix-2 FFT 
// Input data must be in revbin_permuted order 
// 1dn := base-2 logarithm of the array length 
// is := sign of the transform 
{ 
const ulong n = 1UL<<ldn; 
for (ulong i=0; i<n; i+=2) sumdiff(f[i], f[it1]); 


for (ulong ldm=2; ldm<=ldn; ++1dm) 
£ 
const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 


const mod dw = mod::root2pow( is>O ? ldm : -ldm ); 
mod w = (mod::one); 


for (ulong j=0; j<mh; ++j) 


{ 
for (ulong r=0; r<n; rt+=m) 
const ulong ti =r+ j; 
const ulong t2 = ti + mh; 
mod v = £[t2] * w; 
mod u = f[ti]; 
f[ti] =u+yv; 
f[t2] =u-v; 
} 
w *= dw; 
} 
} 
} 
void 


ntt_dit2(mod *f, ulong ldn, int is) 
y Radix-2 decimation in time (DIT) NTT 


revbin_permute(f, 1UL<<ldn) ; 
ntt_dit2_core(f, ldn, is); 


The elements of order 2" are precomputed upon initialization of the mod class. The call to 
mod: :root2pow() is a simple table lookup. 


25.2.2 Radix-2 DIF NTT 


Pseudo code for the radix-2 decimation in frequency (DIF) NTT: 


procedure mod_fft_dif2(f[], ldn, is) 
// mod_type £[0..2**1dn-1] 
{ 


n := 2**ldn 
dw := element_of_order(n) // (mod_type) 
if is<O then dw := rn**(-1) 
for ldm:=ldn to 1 step -1 
{ 
2**1dm 


m 
m. 
w:= 1 // (mod_type) 
for j:=0 to mh-1 

{ 

for r:=0 to n-m step m 


ti 
62.3 


rt+j 
ti+mh 


[fxtbook draft of 2008-January-19] 


25.2: Implementation of NTTs 511 


v := £[t2] // (mod_type) 
u := f[t1] // (mod_type) 
f[ti] := utv 
£[t2] := (u-v)*w 
} 
w := wtdw // trig recursion 
} 
dw := dw*dw 


} 


revbin_permute(f[], n) 


} 


As in section |20.3.2]on page extract the 1dm==1 stage of the outermost loop: 
Replace the lime 


for ldm:=ldn to 1 step -1 
by 
for ldm:=ldn to 2 step -1 


and insert 
for r:=0 to n-1 step 2 


{f[r], f[rt+i]} := f{f[r]+f[rt+1], flr]-f[r+1]} 


before the call of revbin_permute (f[] ,n). 
The C++ implementation is given in [FXT: |ntt/nttdif2.cc : 


void 

ntt_dif2_core(mod *f, ulong ldn, int is) 

// Auxiliary routine for ntt_dif2(). 

// Decimation in frequency (DIF) radix-2 NTT. 
// Output data is in revbin_permuted order. 

// 1dn := base-2 logarithm of the array length. 
// is := sign of the transform 


{ 
const ulong n = (1UL<<ldn) ; 


mod dw = mod::root2pow( is>O ? ldn : -ldn ); 
for (ulong ldm=ldn; ldm>1; --1ldm) 


const ulong m = (1UL<<ldm) ; 
const ulong mh = (m>>1); 


mod w = mod::one; 


for (ulong j=0; j<mh; ++j) 


{ 
for (ulong r=0; r<n; rt+=m) 
const ulong ti =r+ j; 
const ulong t2 = ti + mh; 
mod v = f[t2]; 
mod u = f[ti]; 
f[ti] = (u+v); 
f£[t2] = (u- v) * Ww; 
} 
w *= dw; 
dw *= dw; 


} 


for (ulong i=0; i<n; i+=2) sumdiff(f[i], f[i+1]); 
} 


void 
ntt_dif2(mod *f, ulong ldn, int is) 
// Radix-2 decimation in frequency (DIF) NTT 


{ 
ntt_dif2_core(f, ldn, is); 
revbin_permute(f, 1UL<<ldn) ; 


[fxtbook draft of 2008-January-19] 


512 Chapter 25: Number theoretic transforms (NTTs) 


25.2.3 Radix-4 NTTs 


The radix-4 versions of the NTT are straightforward translations of the routines that use complex num- 
bers. We simply give the C++ implementations 


Decimation in time (DIT) algorithm 


Code for a radix-4 decimation in time (DIT) NTT [FXT: ntt/nttdit4.cc): 


static const ulong LX = 2; 


void 
ntt_dit4_core(mod *f, ulong ldn, int is) 
// Auxiliary routine for ntt_dit4() 


// Decimation in time (DIT) radix-4 NIT 
// Input data must be in revbin_permuted order 


// 1dn := base-2 logarithm of the array length 
// is := sign of the transform 


{ 
const ulong n = (1UL<<1dn) ; 


if (ldn&1) //n is not a power of 4, need a radix-2 step 


£ 

for (ulong i=0; i<n; i+t=2) sumdiff(f[i], f[it+1]); 
} 
const mod imag = mod::root2pow( is>0 ? 2: -2 ); 


ulong 1ldm = LX + (l1dn&1); 
for ( ; ldm<=ldn ; 1ldm+=LX) 


const ulong m = (1UL<<ldm) ; 
const ulong m4 = (m>>LX); 


const mod dw = mod::root2pow( is>O ? ldm : -ldm ); 
mod w = (mod::one) ; 

mod w2 W;3 

mod w3 W;3 


for (ulong j=0; j<m4; j++) 
{ 


for (ulong r=0, i0=jt+r; r<n; rt=m, i0+=m) 


const ulong ii = i0 + m4; 
const ulong i2 = ii + m4; 
const ulong i3 = i2 + m4; 
mod a0 = f[i0]; 
mod a2 = f[ili] * w2; 
mod ai = £[1i2] * w; 
mod a3 = £[1i3] * w3; 
mod t02 = a0 + a2; 
mod ti3 = ail + a3; 
£[i0] = t02 + t13; 
£[i2] = t02 - t13; 
t0O2 = a0 - a2; 
t13 = al - a3; 
t13 *= imag; 
f[i1] = t02 + t13; 
£[i3] = t02 - t13; 
} 
w *= dw; 


} 
} 


void 
ntt_dit4(mod *f, ulong ldn, int is) 


[fxtbook draft of 2008-January-19] 


25.2: Implementation of NTTs 513 


v Radix-4 decimation in time (DIT) NTT 


revbin_permute(f, 1UL<<ldn) ; 
ntt_dit4_core(f, ldn, is); 


Decimation in frequency (DIF) algorithm 


Code for a radix-4 decimation in frequency (DIT) NTT [FXT: |ntt /nttdif4.cc : 


static const ulong LX = 2; 


void 

ntt_dif4_core(mod *f, ulong ldn, int is) 

// Auxiliary routine for ntt_dif4(). 

// Decimation in frequency (DIF) radix-4 NTT. 
// Output data is in revbin_permuted order. 

// 1dn := base-2 logarithm of the array length. 


// is := sign of the transform 
{ 
const ulong n = (1UL<<ldn); 
const mod imag = mod::root2pow( is>0 ? 2: -2 ); 
for (ulong ldm=ldn; ldm>=LX; 1dm-=LX) 
{ 


const ulong m = (1UL<<ldm); 
const ulong m4 = (m>>LX); 


const mod dw = mod::root2pow( is>O ? ldm : -ldm ); 
mod w = (mod::one); 

mod w2 W3 

mod w3 W3 


for (ulong j=0; j<m4; j++) 
{ 


for (ulong r=0, i0=jt+r; r<n; rt=m, i0+=m) 


const ulong il = i0 + m4; 
const ulong i2 = ii + m4; 
const ulong i3 = i2 + m4; 
mod aO = f[i0]; 
mod ai = f[ill]; 
mod a2 = £[i2]; 
mod a3 = £[i3]; 
mod t02 = a0 + a2; 
mod ti3 = ai + a3; 
£[i0] = (t02 + t13); 
f£[i1] = (t02 - t13) * w2; 
t0O2 = a0 - a2; 
t13 = al - a3; 
ti3 *= imag; 
£[i2] = (t02 + t13) * w; 
£[i3] = (t02 - t13) * w3; 
} 
w *= dw; 
w2 =w * W;3 
w3 = w * w2; 
} 
} 
if (ldn&1) //n is not a power of 4, need a radix-2 step 
{ 
for (ulong i=0; i<n; it+t=2) sumdiff(f[i], f[it+1]); 
} 


void 
ntt_dif4(mod *f, ulong ldn, int is) 
// Radix-4 decimation in frequency (DIF) NIT 


{ 
ntt_dif4_core(f, ldn, is); 
revbin_permute(f, 1UL<<ldn) ; 


[fxtbook draft of 2008-January-19] 


514 Chapter 25: Number theoretic transforms (NTTs) 
25.3. Convolution with NTTs 


The NTTs are natural candidates for the computation of exact integer convolutions, as used in high 
precision multiplication algorithms. One must keep in mind that ‘everything is mod m’, the largest value 
that can be represented is m— 1. One can simply choose a big enough m to get rid of this problem. If 
m does not fit into a single machine word this may slow down the computation unacceptably. 


It is better to choose m as the product of several coprime moduli m, that are all just below machine word 
size, compute the convolutions for each modulus m,, and finally use the Chinese Remainder Theorem 
(see section on page|747) to obtain the result modulo m. 


If length-n FFTs are used for convolution there must be an inverse element for n. This imposes the 
condition gcd(n,m) = 1, the modulus must be coprime to n. For length-2* FFTs this simply means that 
m must be odd. 

C++ code for the NTT based exact convolution can be found in [FXT: |ntt/nttcnvl.cc|. The routines are 


virtually identical to their complex equivalents. For example, a routine for cyclic self-convolution can be 
given as 

void 

ntt_auto_convolution(mod *f, ulong ldn) 

// Cyclic (self-) convolution 

// Use zero padded data for linear convolution. 


: assert_two_invertible(); // so we can normalize later 
const int is = +1; 
ntt_dif4_core(f, ldn, is); // transform 
const ulong n = (1UL<<1ldn) ; 
for (ulong i=0; i<xn; ++i) f[i] += f[i]; // multiply element-wise 
ntt_dit4_core(f, ldn, -is); // inverse transform 
: multiply_val(f, n, (mod(n)).invQ ); // normalize 


The revbin permutations are avoided as explained in section [21.1.3]on page [41]| 
For further applications of the NTT see the survey article [128] and the references given there. 


[fxtbook draft of 2008-January-19] 


515 


Chapter 26 


Fast wavelet transforms 


The discrete wavelet transforms are a class of transforms that can be computed in linear time. We treat 
wavelet transforms whose basis functions have compact support. These can be derived as a generalization 
of the Haar transform. 


26.1 Wavelet filters 


We motivate the wavelet transform as a generalization of the ‘standard’ Haar transform given in sec- 
tion on page [465] We reformulate the Haar transform as a sequence of filtering steps. 


We consider only (moving average) filters F' defined by n coefficients (‘taps’) fo, fi,---,; fn—1- Let A be 
the length-N sequence ao, a1, ..., @v—1. We define F;,(A) as the weighted sum 
n-1 
F(A) a= So feet moan (26.1-1) 
j=0 


That is, F(A) is the result of applying the filter F' to the n elements ax, @p41, Gk+2, ---Ak+n—1, possibly 
wrapping around. 


Now assume that N is a power of two. Let H be the low-pass filter defined by hy = hy = +1/V/2, and G 
be the high-pass filter defined by go = +1//2, g: = —1/V2. A single filtering step of the Haar transform 
consists of 

e Computing the sums s9 = Ho(A), s2 = H2(A), 84 = H4(4), ..., sn-2 = Hn_2(A) 

e Computing the differences dg = Go(A), dz = Go(A), da = Ga(4), ..., dn—-2 = Gn_2(A) 


e Writing the sums to the left half of A, and the differences to the right half: 
A= [so, $2,54,56,---,5N-2, do, dz, da, de, seey dn—2] 


The Haar transform is obtained by applying the step to the whole sequence, then to its left half, then to its 
left quarter, ..., the left four elements, the left two elements. With the Haar transform no wrap-around 
occurs. 


A the analogous filtering step for the wavelet transform is obtained by defining two length-n filters H 
(low-pass) and G (high-pass) subject to certain conditions. Firstly, we consider only filters with an even 
number n of coefficients. 


Secondly, we define coefficients of G to be the reversed sequence of the coefficients of H with alternating 
signs: 
go = +hn-1, 91 = —hn-2, g2 = +hn-3, 94 = —hn—-3, +--+; In—3 = —ha, gn-2 = +h, Gn-1 = —ho. 


[fxtbook draft of 2008-January-19] 


516 Chapter 26: Fast wavelet transforms 


Thirdly, we require that the resulting transform is orthogonal. Let S be the matrix corresponding to one 
filtering step, ignoring the order: 


SA = [50, do, $2, do, $4, d4, 86,d6,..-, SN—2,dn_-2] (26.1-2) 


With length-6 filters and N = 16 the matrix S would be 


ho hy ho hg ha hp 0 0 0 0 0 0 0 0 0 = =0 

go 71 g 93 96 gs 9 O DO 0 D0 0 0 0 0 OD 

0 O ho hy ho hg ha hs 0 0 0 0 0 0 0 +0 

0 0 go m g gs gs go 9 0 0 0 0 0 0 OD 

Of UO 09 0: igen Tas is has Gig! ae Oo OT GeO! Ge <0 

0 0 0 0 gon g g go go 09 0 0 0 DO OD 

0 0 0 0 0 0 ho hy he hg ha hs 0 0 O O 

= 0 0 0 0 0 0 go gm ge gs gs go 0 0 0 0 : 

2 G5 cor, Os SOF Oo eb) Or Oe stig. gh te as, Sie, ie HO |e 

0 0 0 0 0 0 0 0 g gm g2 gs gs gs O OD 

Or MOs- SOF 2G, LOse Ok OR, US de. abe Fee, So aa ae, ahs 

0 0 0 0 0 0 0 0 0 0 g gH G2 93 Ga 9 

he hs O 0 0 0 0 0 0 0 0 0 ho hy ho hg 

ga og 9 0 0 0 0 0 0 0 D0 DO g Hm go gs 

hp hg ha hs 0 0 0 0 0 0 0 0 0 0 ho hy 

g 9 94 9g 9 0 0 0 0 0 0 0 0 0 gg H 

tho +h, +he hg ha hs 0 0 0 0 0 0 

he, Na Ohy. cHhe th. shee 0 0 G -. 0 

0 0 tho +h, +ho +h3 +ha +hs 0 0 O 0 
= 0 0 +hs —h4 +hz3 —ho +hy —ho 0 0 0 0 (26.1-3b) 

0 0 0 0 +ho +hy +ho +h3 +ha +hs 0 0 

0 0 0 O +hs —-ha +h3 —ho +hyi —ho O 0 

The orthogonality requires that S $7 = id, that is (setting h; =0 for j < 0 and j > n) 
yee ea (26.1-4a) 
j 
SChjhjse2 = 0 (26.1-4b) 
j 
Soha =~ 0 (26.1-4c) 
j 
In general, the following n/2 wavelet conditions are obtained: 
y= 2 (26.1-5a) 
j 
So hg hye = O where i=1,2,3,...,n/2-1 (26.1-5b) 
j 


We call a filter H satisfying these conditions a wavelet filter. 


For the wavelet transform with n = 2 filter taps there is only condition, hg + h? = 1, leading to the para- 
metric solution ho = sin(¢), hi = cos(@). Setting ¢ = 7/4 one obtains ho = hi = 1/V2, corresponding 
to the Haar transform. 


[fxtbook draft of 2008-January-19] 


26.2: Implementation 517 
26.2 Implementation 


A container class for wavelet filters is [FXT: class wavelet_filter in wavelet /waveletfilter.h): 


class wavelet_filter 


{ 

public: 
double *h_; // low-pass filter 
double *g_; // high-pass filter 
ulong n_; // number of taps 


void ctor_core() 


h_ = new double[n_]; 
g_ = new double[n_]; 
} 
wavelet_filter(const double *w, ulong n=0) 
{ 
if ( O!=n) n_=n; 
else // zero terminated array w[] 
n_ = 0; 
while ( w[n_]!=0 ) ++4n_; 
} 
ctor_core(); 
for (ulong i=0, j=n_-1; i<n_; ++i, --j) 
h_[i] = wlil; 
if ( !(i&1) ) g_[j] = -h_[i]; // even indices 
else g_[j] = +h_[i]; // odd indices 
} 
} 
[--snip--] 


The wavelet conditions can be checked via 
bool check(double eps=1e-6) const 


if ( fabs(norm_sqr(0)-1.0) > eps ) return false; 


for (ulong i=1; i<n_/2; ++i) 
if ( fabs(norm_sqr(i)) > eps ) return false; 


return true; 


} 
where norm_sqr() computes the sums in the relations |26.1-5a| and |26.1-5b 


static double norm_sqr(const double *h, ulong n, ulong s=0) 


{ 
s *= 2; // Note! 
if ( s>=n ) return 0.0; 
double v = 0; 
for (ulong k=0,j=s; j<n; ++k,++j) v += (h[k]*h[j]); 
return v; 
} 


double norm_sqr(ulong s=0) const { return norm_sqr(h_, n_, s); } 


A wavelet step can be implemented as [FXT: wavelet /wavelet.cc): 


void 
wavelet_step(double *f, ulong n, const wavelet_filter &wf, double *t) 
{ 
const ulong nh = (n>>1); 
const ulong m = n-1; // mask to compute modulo n (n is a power of two) 
for (ulong i=0,j=0; i<n; it=2,++j) // i \in [0,2,4,..,n-2]; j \in [0,1,2,..,n/2-1] 


double s = 0.0, d= 0.0; 
for (ulong k=0; k<wf.n_; ++k) 
{ 
ulong w = (itk) & n; 
s += (wf.h_[k] * flw]); 
d += (wfi.g_[k] * flw]); 


[fxtbook draft of 2008-January-19] 


518 Chapter 26: Fast wavelet transforms 


} 
t[jl = s; 
t[nh+j] = d; 


} 
copy(t, f, n); // ff] := tl 


The wavelet transform itself is 


void 
wavelet(double *f, ulong ldn, const wavelet_filter &wf, ulong minm/*=2*/) 
{ 

ulong n = (1UL<<1ldn) ; 

ALLOCA(double, t, n); 

for (ulong m=n; m>=minm; m>>=1) wavelet_step(f, m, wf, t); 


} 
The step for the inverse transform is [FXT: wavelet /invwavelet.cc): 
void 


inverse_wavelet_step (double *f, ulong n, const wavelet_filter &wf, double *t) 
{ 
const ulong nh = (n>>1); 
const ulong m = n-1; // mask to compute modulo n (n is a power of two) 
null(t, n); // t[] := [0,0,...,0] 
for (ulong i=0, j=0; i<n; i+t=2, ++j) 


const double x = f[j], y = flnht+j]; 
for (ulong k=0; k<wf.n_; ++k) 


{ 
ulong w = (itk) & m; 
tlw] += (wf.h_[k] * x); 
tlw] += (wf.g_[k] * y); 
} 


} 

copy(t, f, n); // ff] := tO 
} 
The inverse transform itself now is 


void 
inverse_wavelet(double *f, ulong ldn, const wavelet_filter &wf, ulong minm/*=2*/) 
{ 

ulong n = (1UL<<ldn) ; 

ALLOCA(double, t, n); 

for (ulong m=minm; m<=n; m<<=1) inverse_wavelet_step(f, m, wf, t); 


} 


A readable source about wavelets is [246]. 


26.3 Moment conditions 


As the wavelet conditions do not uniquely define the wavelet filters on can impose additional properties 
for the filters used. We require that, for an 2n-tap wavelet filter, the first n/2 moments vanish: 


So (-1)ihy = 0 (26.3-1a) 


So (-j)ehy = 0 where &=1,2,3,...,n/2—-1 (26.3-1b) 


One motivation for these moment conditions is that for reasonably smooth signals (for which a polynomial 
approximation is good) the transform coefficients from the high-pass filter (the d;,) will be close to zero. 
With compression schemes that simply discard transform coefficients with small values this is a desirable 
property. 


The class [FXT: class wavelet_filter in wavelet/waveletfilter.h has a method to compute the mo- 


ments of the filter: 


[fxtbook draft of 2008-January-19] 


26.3: Moment conditions 


static double moment(const double *h, ul 


{ 
if ( O==x ) 
{ 
double v = 


: : <n; kt+=2) 
<n; kt+=2) 


vt 


0 
k 
k v-= 


g k 
for (ulong ; k 
return v; 


} 

double dk; 
double ve = 
dk = 2.0; 
for (ulong k=2; 
double vo = 0; 
dk = 1.0; 

for (ulong k=1; 
return ve - vo; 


0; 


k<n; kt+=2, dk+=2.0 


k<n; k+=2, dkt+=2.0 


} 


double moment(ulong x=0) const 


ong n, ulong x=0) 


h[k]; 
h[k]; 


) ve += 


) vo += 


{ return moment(h_, n_, x); } 


(pow(dk,x) * h[k]); 


(pow(dk,x) * h[k]); 


Filter coefficients that satisfy the moment conditions are given in [FXT: wavelet /daubechies.cc): 


extern const double Daubi[] = { 
+7.071067811865475244008443621048e-01, 


+7.071067811865475244008443621048e-01 }; 


extern const double Daub2[] = { 
+4.829629131445341433748715998644e-01, 
+8. 365163037378079055752937809168e-01, 
+2.241438680420133810259727622404e-01, 
-1.294095225512603811744494188120e-01 }; 


extern const double Daub3[] = { 
+3.326705529500826159985115891390e-01, 
+8 .068915093110925764944936040887e-01, 
+4.598775021184915700951519421476e-01, 
-1.350110200102545886963899066993e-01, 
-8.544127388202666169281916918177e-02, 
+3 .522629188570953660274066471551e-02 }; 


extern const double Daub4[] = { 
+2.303778133088965008632911830440e-01, 
+7.148465705529156470899219552739e-01, 
+6 .308807679298589078817163383006e-01, 
-2.798376941685985421141374718007e-02, 
-1.870348117190930840795706727890e-01, 
+3.084138183556076362721936253495e-02, 
+3.288301166688519973540751354924e-02, 
-1.059740178506903210488320852402e-02 }; 


[--snip--] 
extern const double Daub38[] = {...} 


519 


The names reflect the number n/2 of vanishing moments. Reversing or negating the sequence of filter 
coefficients leads to trivial variants that also satisfies the moment conditions. 


For the filters of length n > 6 there are solutions that are essentially different. For n = 6 there is one 


complex solution besides Daub3[]: 
Q. 
Q. 


tbrtet 
lelelele) 

ORFPRRO 
0101000101 
ONFERNO 
COOININIO100 
OOONINICND) 
NIOCOUTOTOOND 
NWo1OlWn~ 
NWoolwn~7 
NEB BRA 
NNoOOININ 
ARCOODMN 
HC00000CO: 
HSNO000N-S 
KHHHHK 
HARAHAHGF++44 


For n = 8 there is, besides Daub4[], an additional real solution (left), and a complex one (right): 
-Q.07576571478950221 +0.02152475910155493 + Q.0184283603930*I 
-Q.02963552764600249 -Q.06571356411493559 + 0.0176790547520*1 
+0.49761866763277498 -Q.19397617446078878 - 0.1319957453155*I1 
+0 .80373875180513208 +0.24627664139071534 - Q.2801719341011*1 
+0.29785779560530605 +0.85723045931761476 - 0.0921418019654*1 
-Q.09921954357663353 +0.59199318785735184 + 0.2064584925288*I 
-Q.01260396726203130 +0 .02232773722816661 + Q.2057091868878*1 

0.03222310060405146 -0.06544948394658407 + 0.0560343868202*I 


The numbers of solutions grows exponentially with n (the minimal polynomial of any tap value has degree 


2”). The filters given in [FXT: wavelet /daubechies.cc) are the filters for the so-called Daubechies wavelets 
0]). 


(some closed form expressions for the filter coefficients are given in 


[fxtbook draft of 2008-January-19] 


O 


520 Chapter 26: Fast wavelet transforms 


Filter coefficients that satisfy the wavelet and the moment conditions can be found by a Newton iteration 


for zeros of the function F : R° > R”, F(h) := w where w; = Fi(h) = Fi(ho,hi,.-.,hs). For example, 
with n = 6, the F; are defined by 


F[i]: ho°2 + hi72 + h2*2 + h3°2 + h4°2 + h5°2 - 1 
F(2]: h2*hO + h3*h1 + h4*h2 + h5*h3 

F(3]: h4*hO + h5*h1 

F(4]: -hO + hi + -h2 + h3 + -h4 + h5 

F(5]: hi + -2*h2 + 3*h3 + -4*h4 + 5*h5 

F(6]: hi + -4*h2 + 9*h3 + -16*h4 + 25*h5 


F; 
The derivative is given by the Jacobi matriz J. It has the components J;,,. := an Its rows are 
Cc 
J{iJ= [2*hO, 2*h1, 2*h2, 2*h3, 2*h4, 2*h5] 
J(2]= [h2, h3, hO + h4, hi + h5, h2, h3] 
J(3]= [h4, h5, 0, 0, hO, hij 
J(4]= [-1, 1, -1, 1, -1, 1] 
J[5]= [0, 1, -2, 3, -4, 5] 
Jté]J= [0, 1, -4, 9, -16, 25] 


Now iterate (the equivalent to Newton’s iteration, v.41 := @, — f(xx)/f'(@r)) 
rg i= hp —J7"(Rp) F(he) (26.3-2) 


The computations have to be carried out with a rather great precision to avoid catastrophic loss of 
accuracy. 


[fxtbook draft of 2008-January-19] 


Part IV 


Fast arithmetic 


[fxtbook draft of 2008-January-19] 


521 


523 


Chapter 27 


Fast multiplication and 
exponentiation 


The usual scheme for multiplication needs proportional N? operations for the multiplication of two N- 
digit numbers. This chapter describes multiplication algorithms that are asymptotically better than this, 
the Karatsuba algorithm, the Toom-Cook algorithms, and multiplication via FFTs. In addition, the 
left-to-right and right-to-left schemes for binary exponentiation are described. 


27.1 Asymptotics of algorithms 


An important feature of an algorithm is the number of operations that must be performed for the 
completion of a task of a certain size. For high precision computations one will take N as the length 
of the numbers counted in decimal digits or bits. For computations with square matrices one may take 
for N the number of rows, or the number of entries in the matrix. An operation is typically a (machine 
word) multiplication plus an addition, one could also simply count machine instructions. 


We now consider the computational cost of a given algorithm. An algorithm is said to have some 
asymptotics f(V) if it needs proportional f(V) operations for a task of size N. We express proportionality 
with f(N) as ~ f(.N). Some examples: 


e Addition of two N-digit numbers needs ~ N operations (here: machine word additions). 
e Ordinary multiplication of two N-digit numbers needs ~ N? operations. 


e Counting elements equal to a given value in an unsorted array of length N costs ~ N operations. 
The operations are reads from memory and comparisons. 


e Deciding whether a sorted array of length N contains a given value costs ~ log(V) operations when 
binary search is used. 


e Computing the Fourier transform of a length-N sequence by definition, that is, as N sums each of 
length N, costs ~ N?. 


e The FFT algorithms compute the Fourier transform of a length-N sequence in ~ N log(N) opera- 
tions 


e Matrix multiplication (of two N x N matrices by the obvious algorithm) is ~ N? (N? sums, each 
of N products). 


e When the problem size M for matrix multiplication is taken to be the number of elements of the 
matrix (M = N2), then the cost is ‘only’ ~ M?/?, 


[fxtbook draft of 2008-January-19] 


524 Chapter 27: Fast multiplication and exponentiation 


e Deciding whether a N-digit binary number is even or odd costs 1 operation (lookup whether the 
lowest bit is zero). The cost is independent of the problem size. 


We have simplified the considerations by assuming that for a given algorithm ~ f(N) there is a constant 
C so that 
work(V) 


where work(JV) is the actual cost for problem size N. The approximate cost of an algorithm is expressed 
by the symbol = C’- f(V). The constant C is often referred to as the hidden constant. 


The algorithm with the ‘best’ asymptotics wins for some, possibly huge, problem size N. For smaller N 
another algorithm will be superior. For the exact break-even point the hidden constants are, of course, 
important. For example, let the algorithm multi take ~ 1.0- N? operations (C = 1.0), mult2 take 
= 8.0-N log,(V) operations (C = 8.0). Then for N < 64 the algorithm mult? is faster, while for N > 64 
the algorithm mul1t2 is faster. Completely different algorithms may be optimal for the same task at 
different problem sizes. The hidden constants can be so large that the asymptotically better algorithm 
is never practical for any feasible problem size. 


With many algorithms it is only possible to give lower and upper (asymptotic) bounds, especially if 
the program flow depends on the processed data. Upper bounds are usually denoted with O(f(N)), for 
example, FFT multiplication is O(N log(NV)) and computations that take a constant number of operations 
independent of the problem size are O(1). 


The space requirements in all methods given is a constant times the problem size N. In-place algorithms 
(like the FFT) use space ~ N, the remaining cases (like radix sort) typically need ~ 2.N. Note that 
it is possible to construct algorithms where the computational cost alone is not of much value: integer 
factorization (up to a certain maximal value) costs just one lookup if a precomputed table of factorizations 
is stored in an (insanely) big array. 


For a more fine-grained approach to measuring the costs of algorithms see [89]. 


27.2 Splitting schemes for multiplication 


Ordinary multiplication is ~ N?. Assuming the hidden constant equals one the computation of the 
product of two million-digit numbers would require ~ 10!? operations. On a machine that does 1 billion 
operations per second the multiplication would need 1000 seconds. The following schemes leads to 
algorithms with superior asymptotics. 


27.2.1 2-way splitting: the Karatsuba algorithm 
The following algorithm is due to A. Karatsuba and Y. Ofman, it was given 1963 in [147]. 
Split the numbers A and B (assumed to have approximately the same length) into two pieces 


A = xv Ay oly Ao (27.2-1) 
Bez @ By, Te Bo 


where « is a power of the radix (for decimal numbers the radix is 10) close to the half length of A and B. 
The usual multiplication scheme needs 4 multiplications with half precision for one multiplication with 
full precision: 


AB = Ap-Bo+2(Ao: Bi + Bo-A1) +27 A,- By (27.2-2) 


[fxtbook draft of 2008-January-19] 


27.2: Splitting schemes for multiplication 525 


Only the multiplications A; - B; need to be considered. The multiplications by x, a power of the radix, 
are only shifts. If we use the relation 


AB = (14+) Ao- Bo +2(A;— Ao) + (Bo — Bi) + (2 +2”) Ay - By (27.2-3) 
we need 3 multiplications with half precision for one multiplication with full precision. Applying the 
scheme recursively until the numbers to multiply are of machine size we obtain an algorithm whose 


asymptotic cost is ~ N!°82@) ~ 1585. An alternative form of relation |27.2-3] is 


AB = (1 — 2) Ap: Bo + 2 (A; + Ao) « (Bo + By) + (2? — x) Ay: By (27.2-4) 


For squaring use either of the following schemes 


A? = (1+2)A2—2(A; — Ao)? + (2+ 2?) A? (27.2-5a) 
A? = (1—2)AQ+2(Ai + Ao)? + (x? — x) A? (27.2-5b) 


We compute 8231? = 67749361 with the first relation (27.2-5a): 


823172 == (100*82+31)°2 

== (1+100)*3172 - 100*(82-31)72 + (100+100°2)+*8272 

== (1+100)*[961] - 100*[2601] + (100+100°2)* [6724] 

== 961 + 96100 - 260100 + 672400 + 67240000 

== 67749361 
Assume that the hidden constant equals 2 as there is more bookkeeping overhead than with the usual 
algorithm. Computing the product of two million-digit numbers would require ~ 2: (10°)!°°° ~ 6.47- 10° 
operations, taking about 6.5 seconds on our computer. 


The Karatsuba scheme for polynomial multiplication is given in section on page 


27.2.2 3-way splitting 


One can extend the above idea by splitting U and V into more than two pieces each, the resulting method 
is called Toom-Cook algorithm (the method is called Toom algorithm in [88], and Cook-Toom algorithm 


in PJ). 


27.2.2.1 Zimmermann’s 3-way multiplication 


A = a2*x72 + ail*x + a0 

B = b2*x72 + bi*x + bO 

SO = aO * bO 

S1 = (a2taita0) * (b2+b1+b0) 
S2 = (4*a2+2*alta0) * (4*b2+2*b1+b0) 
$3 = (a2-alt+a0) * (b2-b1+b0) 
S4 = a2 * b2 

Ti = 2*S3 + $2 

Ti /= 3 \\ division by 3 
Ti += SO 

Ti /= 2 

T1 -= 2*S4 

T2 = (S1 + $3)/2 

$1 -= T1 

S2 = T2 - SO - S4 

$3 = Ti - T2 


P = S4*x74 + $3*x73 + S2*x72 + Si*x + SO 
P - A*B \\ == zero 


Figure 27.2-A: Implementation of Zimmermann’s 3-way multiplication scheme in pari/gp. 


[fxtbook draft of 2008-January-19] 


526 Chapter 27: Fast multiplication and exponentiation 


The good scheme for 3-way splitting is due to Paul Zimmermann. We compute the product C= A-B 
of two numbers, A and B 


A = ag2x*+a,x2+4+ a9 (27.2-6a) 
B= bo x + by e+ bo (27.2-6b) 
C= AB= act+oeet+oaz?t+aqrteo (27.2-6c) 


by the following scheme (taken from [79]): set 


So := ao-bo (27.2-6d) 
Sy := (a2 +a, +9) - (bo + by + bo) (27.2-6e) 
Sy := (4a2+2a) +49): (4b2 +261 + bo) (27.2-6f) 
S3 i= (a2 — 41+ ao) - (b2 — bi + bo) (27.2-6g) 
S22 ae (27.2-6h) 


This costs 5 multiplications of length N/3. We already have found co = So and cy = 54. We determine 
C1, C2, and cg by the following assignments (in the given order): 


T, := 2834+ Sy (= 18c4+ 6c3 + 6c. +30¢9) (27.2-6i) 
T := T/38 (=6c4+2c3 +202 +) exact division by 3 (27.2-6)) 
T, = Ti+So (=6cat2e3 +2429) (27.2-6k) 
T, := 1/2 (= 3c4 +03 + C2 +0) (27.2-61) 
Too Ha 98, (Se, Seca) (27.2-6m) 
Tz := (S,+93)/2 (= ca + 02 +0) (27.2-6n) 
S, = §,-Ti (= c1) wrong in cited paper (27.2-60) 
So := To—-So—S4 (= c2) (27.2-6p) 
S3 := T-T. (= ¢3) (27.2-6q) 
Now we have 
C = A-B = S42°+ $3234 So27+S,2+4+ So (27.2-6r) 


The complexity of recursive multiplication based on this splitting scheme is N!°23©) ~ N1!465_ Assume 


that the hidden constant again equals 2. Then the computation of the product of two million-digit 
numbers would require ~ 2- (10°)!46° ~ 1.23-10° operations, taking about 1.2 seconds on our computer. 


Note the division by 3 in relation |27.2-6j| A division by a constant (that is not a power of two) cannot 
be avoided in n-way splitting schemes for multiplication for n > 3. There are squaring schemes that do 
not involve such divisions. 


27.2.2.2 3-way multiplication by Bodrato and Zanoni 


An alternative algorithm for 3-way splitting is suggested in [47]: setup So, Si, ..., S4 as in relations 

. .27.2-6h] then compute, in the given order, 
Sy := (Sy — S3)/3 (=5ce4+3ce3 +e2+¢1) exact division by 3 (27.2-7a) 
S3 := ($1; — S3)/2 (=c¢3 4+ ¢1) (27.2-7b) 
S; := S,—Spo (= ca +03 +02 + c1) (27.2-7c) 
Sy := ($2 —S;)/2 (= 2c4 +03) (27.2-7d) 
S; := $,—-S3;—-—S4 (= c2) (27.2-7e) 
Sp i= Sg—-294 (= c3) (27.2-7f) 
S3 := $3—S> (= c1) (27.2-7g) 


[fxtbook draft of 2008-January-19] 


27.2: Splitting schemes for multiplication 527 


A = a2*x72 + ai*x + a0 

B = b2*x72 + bi*x + bO 

SO = a0 * bO 

S1 = (a2taita0) * (b2+b1i+b0) 

S2 = (4*a2+2*alta0) * (4*b2+2*b1+b0) 
$3 = (a2-alt+a0) * (b2-b1+b0) 

S4 = a2 * b2 

S2 = (S2 - $3)/3 \\ division by 3 
$3 = (Si -_$3)/2 

S1 = $i - SO 

$2 = (S2 - $1)/2 

S1 = Si - $83 - S84 

S2 = $2 - 2*S4 

$3 = 83 - $2 


P = S4*x74+ $2*x73+ Si*x72+ S3*x + SO 
P - A*B \\ == zero 


Figure 27.2-B: Implementation of the 3-way multiplication scheme of Bodrato and Zanoni. 


Now we have (note the order of the coefficients S;) 
C = A-B = Syx*+ 52034 S,27+ S324 Sp (27.2-7h) 


e scheme requires only one multiplication wo, Zimmermann’s scheme involves two. 
The sch q ly Itiplication by two, Z ’s sch lves t 


27.2.2.3  3-way squaring 


The following scheme is taken from [79]. To compute the square C = A? of a number A 


A = agx*+a,2+a9 (27.2-8a) 
C = A? = Sya*+ S324 S.27+ 8124S (27.2-8b) 
set 

So. = ae (27.2-8c) 

6. 3S Ge heyy? (27.2-8d) 

Sy := (ag—a,+ 49)? (27.2-8e) 

S3 = 2a, * a2 (27.2-8f) 

Sy = a (27.2-8g) 

(27.2-8h) 


This costs 4 squarings and 1 multiplication of length N/3. The quantities So, S3, and S4 are already 
correct. Determine S$; and S$» via 


Ty := (S4 + So) /2 (27.2-8i) 
Sy := §,—T,— 83 (27.2-8)) 
So = T, as S4 = So (27.2-8k) 


27.2.3 4-way splitting 

27.2.3.1 4-way multiplication 

An elegant and clean scheme for 4-way splitting of a multiplication is given by Bodrato and Zanoni in [48]. 
A pari/gp implementation is shown in figure |27.2-C] The algorithm has asymptotics ~ O(n!°84(7)) = 


O(n'-493). In general, an s-way splitting scheme will be ~ O(n!°8s(?8+))), 


[fxtbook draft of 2008-January-19] 


528 Chapter 27: Fast multiplication and exponentiation 


A = a8*x73 + a2*x72 + al*¥x + ad 

B = b3*x73 + b2*x72 + b1i*x + bO 

Si = a3*b3 

$2 = (8*a3+4*a2+2*a1+a0) * (8*b3+4*b2+2*b1+b0) 
$3 = (+a3+a2t+alt+a0) *(+b3+b2+b1+b0) 
S4 = (-a3+a2-a1t+a0) * (-b3+b2-b1+b0) 
S5 = (+8*a0+4*a1+2*a2+a3) *(+8*b0+4*b1+2*b2+b3) ; 
S6 = (-8*a0+4*a1-2*a2+a3) * (-8*b0+4*b1-2*b2+b3) 
S7 = a0*b0 

$2 += S5 

$4 -= $3 

S6 -= S5 

$4 /=2 \\ 

$5 -= §1 

S5 -= (64*S7) 

$3 += S4 

S5 *= 2; S5 += S6 

$2 -= (65*S3) 

$3 -= $1 

$3 -= S7 

$4 = -S4 \\ 

sé = -S6 \\ 

$2 += (45*S3) 

S5 -= (8*S3) 

S5 /= 24 \\ division by 24 

S6 -= §2 

S2 -= (16*S4) 

S2 /= 18 \\ division by 18 

$3 -= S5 

$4 -= §2 

S6 += (30*S2) 

S6 /= 60 \\ division by 60 

S2 -= S6 


P = S$1*x76 + S2*x75 + S3*x74 + $4*x73 + S5*x72 + S6*x + S7; 
P - A*B \\ == zero 


Figure 27.2-C: Implementation of the 4-way multiplication scheme in pari/gp. 


27.2.3.2 4-way squaring 


The following scheme is taken from [79] 


A = agzx®+a.z27+a,4+ a9 (27.2-9a) 
C= A= coe® toe tarttortas*+axto (27.2-9b) 
Set 
Se = 05 (27.2-9c) 
So := 2ago-ay (27.2-9d) 
S3 := (do + a1 — a2 — ag) - (ap — a] — a2 + a3) (27.2-9e) 
Ss := (a9 +a, +42 +43)” (27.2-9f) 
Ss := 2(ao — ag) - (a1 — a3) (27.2-9g) 
Se i= 2a3-a9 (27.2-9h) 
a7. = ae (27.2-9i) 


[fxtbook draft of 2008-January-19] 


27.2: Splitting schemes for multiplication 529 


A = a8*x73 + a2*x72 + al*x + a0 


Si = a0°2 

$2 = 2 *a0 *al 

$3 = (a0 + al - a2 - a3) * (aO - al - a2 + a3) 
S4 = (a0 + al + a2 + a3 )°2 

S5 = 2*(a0 - a2)*(al - a3) 

S6 = 2*a3x*a2 

S7 = a372 

Ti = $83 + S4 

T2 = (Ti + $5)/2 

T3 = $2 + S6 

T4 = T2 - T3 

T5 = T3 - $5 

T6 = T4 - $3 

T7 = T4 - Si 

T8 = T6 - S7 

P = S7_ *x76 + S6 *x75 + T7 *x74 + T5 *x73 + T8 *x72 + S2 *x + St 
P- A°2 \\ == zero 


Figure 27.2-D: Implementation of the 4-way squaring scheme in pari/gp. 


Then set, in the given order, 


T = S3t+S% (27.2-9)) 
To := (T,+S5)/2 (27.2-9k) 
Tz := So4+S¢ (27.2-91) 
Ty := Th-T3 (27.2-9m) 
Ts := 13-5 (27.2-9n) 
Teg := Ty-—S3 (27.2-90) 
Tr := Ty- Sy (27.2-9p) 
Tg := Te —S7 (27.2-9q) 
The square then equals 
C = S7r°4+Se2°4+Tra*+T5 2° +Tgn7274+ Son4+ Sy (27.2-9r) 


27.2.4 5-way splitting 

27.2.4.1 5-way multiplication 

The scheme for 5-way splitting of a multiplication shown in figure |27.2-E] is given in [48]. As for the 
4-way multiplication scheme, no temporaries are used. 

27.2.4.2 5-way squaring 


We describe the 5-way squaring scheme given in [47]. Let 


A = agu*t+agu? +aox* +a,x+ a9 (27.2-10) 
C= A = ceet®+ee’+ege8t+ort+artt+oart+oar? tart (27.2-11) 


[fxtbook draft of 2008-January-19] 


530 Chapter 27: Fast multiplication and exponentiation 


A = a&*x74 + a8*x73 + a2*x72 + al¥x + ad 

B = b4*x74 + b3*x73 + b2*x72 + bi*x + bO 

S1 = a4*b4 

$2 = (a0-2*a1t+4*a2-8*a3+16*a4) * (b0-2*b1+4*b2-8*b3+16*b4) 
S5 = (a0+2*a1t+4*a2+8*a3+16*a4) * (b0+2*b1+4*b2+8*b3+16*b4) 
$3 = (a4+2*a3+4*a2+8*al1+16*a0) * (b4+2*b3+4*b2+8*b1+16*b0) 
S8 = (a4-2*a3+4*a2-8*a1+16*a0) * (b4-2*b3+4*b2-8*b1+16*b0) 


$4 = (a0+4*a1+16*a2+64*a3+256*a4) * (b0+4*b1+16*b2+64*b3+256*b4) 


S6 = (a0-al+ta2-a3+a4) * (b0O-b1+b2-b3+b4) 
S7 = (a0taita2+a3+a4) * (b0+b1+b2+b3+b4) 
S9 = a0*b0O 

S6 -= S7 

$2 -= $5 

$4 -= $9 

S4 -= (2°716*S1) 

88 -= 583 

S6 /= 2 \\ 

S5 *= 2; S5 += $2 

$2 = -S2 \\ 

$8 = -S8 \\ 

S7 += $6 

S6 = -S6 \\ 

§3 -= 

S5 -= (512*87) 

83 *= 2; $3 -= $8 

S7 -= 81 

S7 -= $9 

S8 += $2 

85 += $3 

S8 -= (80*S6) 

$3 -= (510*S9) 

$4 -= $2 

83 *= 3; 83 += 55 

$8 /= 180 \\ division by 180 

S5 += (378*S7) 

$2 /= 

s6 -= 52 

S5 /= (-72) \\ division by -72 
$3 /= (-360) \\ division by -360 
$2 -= $8 

87 -= §3 

S4 -= (256*S5) 

$3 -= §5 

S4 -= (4096*S3) 

S4 -= (16*S7) 

S4 += (256*S6) 

S6 += 52 

82 *= 180; S82 += S4 

$2 /= 11340 \\ division by 11340 
S4 += (720*S6) 

S4 /= (-2160) \\ division by -2160 
S6 -= $4 

88 -= $2 


P = S1*x78 + S2*x77 + S3*x76 + S4*x75 + S5*x74 + S6*x73 + S7*x72 + S8*x + SO; 
P - A*B \\ == zero 


Figure 27.2-E: Implementation of the 5-way multiplication scheme in pari/gp. 


[fxtbook draft of 2008-January-19] 


27.2: Splitting schemes for multiplication 531 


A = a&*x74+ a3*x73 + a2*x72 + al*x + ad 


S1 = a072 

S2 = a472 

$3 = (a0 + al + a2 + a3 + a4)°2 

S4 = (aO - al + a2 - a3 + a4)°2 

S5 = 2* (aQ-a2ta4) * (al-a3) 

S6 = (a0 + al - a2 - a8 + a4) * (a0 - al - a2 + a3 + a4) 
S7 = (ai + a2 - a4) * (al - a2 - a4 + 2*(a0-a3)) 

S8 = 2*aOxal 

S9 = 2*a3*a4 

ae = (§4+S3)/2 

S6 = (S6+S4)/2 

S5 = (-S5+S3)/2 

S4 = $4-S6 

$3 = $3-S5-S8 

S6 = S6-S2-S1 

S5 = $5-S9 

S7 = $7-S2-S8-S9+S6+S3 

S4 = $4-S7 

P = §$24+x78+S9*x77+S4*x76+S3*x75+S6*x74+85*x7 3+87*x724+S8*x+S1 
P- A°2 \\ == zero 


Figure 27.2-F: Implementation of the 5-way squaring scheme, 


Set 
Sis (27.2-12a) 
as (27.2-12b) 
S3 := (ao +41 + a2 + a3 + a4)” (27.2-12c) 
Ga Gea eae (27.2-12d) 
Ss := 2(ao — az + a4) - (a1 — a3) (27.2-12e) 
Se i= (do +41 — ag — a3 + 44) - (do — Gy — G2 + a3 +4) (27.2-12f) 
S7 := (a1 +a@2— a4): (a1 — ag — a4 + 2 (a0 — az)) (27.2-128) 
Sg := 2a9-a4 (27.2-12h) 
So := 2a3-a4 (27.2-12i) 


Further set, in the order given, 


S4 = (S4+S3)/2 (= co + cg +04 + 6 +68) (27.2-13a) 
Ss, = S3—Sy4 (= cr +3 + c5 +€7) (27.2-13b) 
Se = (S6+S4)/2 (= co + ca + Cg) (27.2-13c) 
Ss = (—S5+S3)/2 (= c3 + c7) (27.2-13d) 
Ss = S4—S¢6 (= co +6) (27.2-13e) 
Ss = S3—-Ss—Ss  (=cs) (27.2-13f) 
So = Se—S.-S1 (= cs) (27.2-13g) 
Ss = Ss—So (=e) (27.2-13h) 
Sy = S75 SG Gs4 Ss (Se) (27.2-13i) 
ae a ee a (27.2-133) 


Now we have (note the order of the coefficients S;) 
C = A® = Soa8+ Son" 4+ Sy0°4+ $30°+ Sertt Ss a2 + S7a*7+Sgr+ S$, (27.2-13k) 


[fxtbook draft of 2008-January-19] 


532 Chapter 27: Fast multiplication and exponentiation 


A = a&*x74+ a3*x73 + a2*x72 + al*x + ad 
Si = a0°2 

$2 = a4°2 

[ .S9, as before] 

Ti = Si + 2*S2 - S7 + 2*S8 + SY 

T2 = §3 - S84 

T3 = 2*S5 

T4 = T2 + T3 

T5 = T2 - T3 

T6 = T4/4 

T7 = T5/4 - sg 

T8 = Ti - T6 - S6 

T9 = T6 - S8 

T10 = $3 + S6 

T11 = (T10 + $4 + $6)/4 

T12 =T - - 

T13 = (T10 + $5)/2 

T14 = 7113 - Tl 

P = S2*x78 + SQO*x77 + T8*x76 + T9*x75 + T12*x74 + T7*x73 + T1i4*x°2 + S8*x + S1 
P - A°2 \\ == zero 


Figure 27.2-G: Implementation of the alternative 5-way squaring scheme in pari/gp. Definition of 


S1,..-,S9 as in figure |27.2-F 


27.2.4.3 Alternative 5-way squaring scheme 


The following scheme is taken from [79], we correct some errors in the paper. Setup S},...,S9 as given 
by relations [27.2-12a] : [27.2-123] then compute, in the given order, 

T, := $1, +2S82—-—$7+253+ So (27.2-14a) 

To := S3—S4 (27.2-14b) 

T3 := 2S5 (27.2-14c) 

Tl, := n4+T3 (27.2-14d) 

Ts := In-T3 (27.2-14e) 

To = T%/4 (27.2-14f) 

T, := Ts5/4—So (27.2-14¢) 

Tg := T,-—Te—S¢ (27.2-14h) 

Tog := Tp—Szg (27.2-14i) 

Tio := S3+ S¢ (27.2-14)) 

Ty = (Tio + S4+ S6)/4 (27.2-14k) 

Ti2 := Ty —-S,— So wrong in cited paper (27.2-14l) 

Ti3 := (Tio + Ss5)/2 (27.2-14m) 

Ti := Ty3-Ti (27.2-14n) 


We have (note that the coefficients for 2+ and x? are wrong in the cited paper): 


C = Soa8+ Son" +Tgr°+ Ton? + TMigt* t+ Tree? t+ Tae? +Sget+5;  (27.2-140) 


27.3. Fast multiplication via FFT 


Multiplication of two numbers is essentially a convolution of the sequences of their digits. The (linear) 
convolution of the two sequences ax, b4,k =0...N —1 is defined as the sequence c where 


N-1 
Ch = S> aiby | =0...2N-2 (27,3-1) 
i,j=0; it+j=k 


[fxtbook draft of 2008-January-19] 


27.3: Fast multiplication via FFT 533 


A (n-digit) number written in radix R as 


An—1 An—2 ... AQ QA, ao (27.3-2) 
denotes a quantity of 
n-1 
Soa: RE = Gna: BR’ + Gna BR"? +... +a1-R+a9 (27:3-3) 
i=0 


This means, the digits can be identified with coefficients of a polynomial in R. For example, with decimal 
numbers one has R = 10, and the number 578 equals 5-10? +7-10'+8-10°. The product of two numbers 
is almost the polynomial product 


2N—2 N-1 ; N-1 ; 
> oe” = Via) ae (27.3-4) 
k=0 i=0 j=0 


The cz, are found by comparing coefficients. One easily checks that the c, must satisfy the convolution 
equation |27.3-1| As the c, can be greater than ‘nine’ (that is, R — 1), the result has to be ‘fixed’ using 
carry operations: Go from right to left, replace cy by cj, = cy mod R and add (cx — c,,)/R to its left 
neighbor. 


An example: usually one would multiply the numbers 82 and 34 as follows: 


82 x 34 
a 92° 38 
2 *4 6 
=2. 7 «8: 8 
We have seen that the carries can be delayed to the end of the computation: 
82 x 34 
32. 8 
24 6 
24 38) «68 


=2 77 38 8 


... which is really polynomial multiplication (which in turn is a convolution of the coefficients): 


(8a +2) x (32+ 4) 
322 8 
24 x? 6x 
= 2a? +384 +8 


The value of the polynomial 24 x? + 382+ 8 for x = 10 is 2788. 


Convolution can be done efficiently using the Fast Fourier Transform (FFT): convolution is a simple 
(element-wise) multiplication in Fourier space. The FFT itself takes ~ N -log N operations. Instead of 
the direct convolution (~ N?) one proceeds as follows: 


e Compute the FFTs of both factors. 
e Multiply the transformed sequences element-wise. 
e Compute inverse transform of the product. 


To understand why this actually works note that (1) the multiplication of two polynomials can be achieved 
by the (more complicated) scheme: 


e evaluate both polynomials at sufficiently many points (at least one more point than the degree of 
the product polynomial c: deg c = deg a + deg b) 


[fxtbook draft of 2008-January-19] 


534 Chapter 27: Fast multiplication and exponentiation 


e element-wise multiply the values found 
e find the polynomial corresponding to those (product-)values 


and (2) that the FFT is an algorithm for the parallel evaluation of a given polynomial at many points, 
namely the roots of unity. (3) the inverse FFT is an algorithm to find (the coefficients of) a polynomial 
whose values are given at the roots of unity. 


You might be surprised if you always thought of the FFT as an algorithm for the ‘decomposition into 
frequencies’. There is no problem with either of these notions. 


Re-launching our example (82 - 34 = 2788), we use the fourth roots of unity +1 and +i: 


a=(8%+2) x b=(8a+4) c=ab 
+1 +10 +7 +70 
+1 +872 + 2 +37 +4 +382 — 16 
a1 6 aa 6 
—1 —81 +2 —314+4 —38i — 16 


c= (2427 + 382+ 8) 


This table has to be read as follows: first the given polynomials a and b are evaluated at the points given 
in the left column, thereby the columns below a and 0 are filled. Then the values are multiplied to fill the 
column below c, giving the values of c at the points. Finally, the actual polynomial c is found from those 
values, resulting in the lower right entry. You may find it instructive to verify that a 4-point FFT really 
evaluates a, b by transforming the sequences 0, 0, 8, 2 and 0, 0, 3, 4 by hand. The backward transform 
of 70, 382 — 16, —6, —38i — 16 should produce the final result given for c. 


The operation count is dominated by that of the FFTs (the element-wise multiplication is of course ~ N), 
so the whole fast convolution algorithm takes ~ N - log N operations. The following carry operation is 
also ~ N and can therefore be neglected when counting operations. 


Assume the hidden constant equals five. Multiplying our million-digit numbers will need about 
5-10°log,(10°) =~ 5-10°-20 = 10? = 0.1-10° 


operations, taking approximately a tenth second on our computer. 


Strictly speaking N - log N is not really the truth: it has to be N - log N - loglog N. This is because the 
sums in the convolutions have to be represented as exact integers. The biggest term C' that can possibly 
occur is approximately N R? for a number with N digits (see next section). Therefore, working with 
some fixed radix R one has to compute the FFTs with log N bits precision, leading to an operation count 
of N - log N-logN. The slightly better N - log N - loglog N can be obtained by recursive use of FFT 
multiplies. For realistic applications (where the sums in the convolution all fit into the machine type 
floating point numbers) it is safe to think of FFT multiplication being proportional N - log N. 


For a survey of multiplication methods, some mathematical background and further references see [37]. 
Several alternative multiplication algorithms are given in [155] chapter 4.3.3]. See [162] on how far the 
idea “polynomials for numbers” can be carried and where it fails. 


27.4 Radix/precision considerations with FFT multiplication 


This section describes the dependencies between the radix of the number and the achievable precision 
when using FFT multiplication. 


We use (unsigned) 16-bit words for the digits. Thereby the radix of the numbers can be in the 
range 2, 3, ..., 65536(= 2'6). When working in base ten one will actually use ‘super-digits’ of base 10,000, 
the largest power of ten that fits into a 16-bit word. These super-digits are called LIMBs in hfloat. 


[fxtbook draft of 2008-January-19] 


27.4: Radix/precision considerations with FFT multiplication 535 


With very large precision one cannot always use the greatest power of the desired base. This is due to the 
fact that the components of the convolution must be representable as integer numbers with the data type 
used for the FFTs: The cumulative sums c, have to be represented precisely enough to distinguish every 
(integer) quantity from the next bigger (or smaller) value. The highest possible value for a cz will appear 
in the middle of the product and when multiplicand and multiplier consist of ‘nines’ (that is R—1) only. 
For radix R and a precision of N LIMBs Let the maximal possible value be C, then 


C = N(R-1) (27.4-1) 


Note that with FFT based convolution the absolute value of the central term can in fact equal |C| = 
N?(R—1)?. But there is no need to distinguish that many integers. After dividing by N we are back at 
relation |27.4-1 


The number of bits to represent C' exactly is the integer greater or equal to 
logo(N(R—-1)?) = log,N +2 log,(R-1) (27.4-2) 


Due to numerical errors there must be a few more bits for safety. If computations are made using double- 
precision floating point numbers (C-type double) one typically has a mantissa of 53 bitq"] then we need 
to have 


M > log,N+2log,(R-1)+8S (27.4-3) 
where M :=mantissa-bits and S :=safety-bits. Using log,(R — 1) < log,(R): 
Ni: = QM" be (27.4-4) 


Suppose we have M = 53 mantissa-bits and require S' = 3 safety-bits. With base 2 numbers one could 
use radix R = 2'6 for precisions up to a length of Nmaz = 2°3~3-718 = 256k LIMBs. Corresponding are 
4096 kilo bits and = 1024 kilo hex digits. For greater lengths smaller radices have to be used according 
to the following table (extra horizontal line at the 16 bit limit for LIMBs): 


Radix R max # LIMBs | max # hex digits | max # bits 
210 — 1024 1048,576k 2621, 440k 10240 M 
2!1 — 2048 262,144k 720, 896 k 2816 M 
212 = 4096 65, 536 k 196, 608 & 768 M 
218 = 8192 16384 k 53, 248k 208 M 
2'4 — 16384 4096 k 14, 336k 56 M 
2)? = 32768 1024 k 3840 k 15M 
216 — 65536 256k 1024k 4M 
217 — 198k 64k 272k 1062 k 
a = 256k 16k 72k 281k 
219 — 512k 4k 19k 74k 
270 1M 1k 5k 19k 
27--9M 256 1300 5120 


For decimal numbers: 


Radix R | max # LIMBs | max # digits | max # bits 
10" 110G 220G 730G 
103 1100 M 3300 M 11G 
104 11M 44M 146 M 
10° 110k 550k 1826k 
10° 1k 6,597 22k 
10° 11 77 255 


Summarizing: 


1Of which only the 52 least significant bits are physically present, the most significant bit is implied to be always set. 


[fxtbook draft of 2008-January-19] 


536 Chapter 27: Fast multiplication and exponentiation 


e For decimal digits and precisions up to 11 million LIMBs use radix 10,000. (corresponding to more 
than 44 million decimal digits), for even greater precisions choose radix 1,000. 


e For hexadecimal digits and precisions up to 256,000 LIMBs use radix 65,536 (corresponding to more 
than 1 million hexadecimal digits), for even greater precisions choose radix 4,096. 


27.5 The sum-of-digits test 


With high-precision calculations it is mandatory to add a sanity check to the multiplication routines. That 
is, false results due to loss of accuracy should (with high probability) be detected via the sum-of-digits 
test: 


When computing the product c = a- b with radix-R numbers then compute the values (‘sums of digits’) 
Sq = amod(R-—1) and s, = b mod (R-—1) after the multiplication compute s. = cmod (R—1) and 
compare 8, tO Sm = Sa: 8, mod (R-—1). If s. 4 8, then an error has occurred in the computation of c. 


The sum-of-digits function s, can for a radix-R, length-n number a be computed as [FXT: mult /auxil.cc}: 


ulong 
sum_of_digits(const LIMB *a, ulong n, ulong nine, ulong s) 


for (ulong k=0; k<n; ++k) s += alk]; 
s Z= nine; 
return s; 


} 


where the variable nine has to be set to R—1 and s to zero. 
The computation of s;, = Sq- 5p is done in 


ulong 

mult_sum_of_digits (const LIMB *a, ulong an, 
const LIMB *b, ulong bn, 
ulong nine) 


{ 
ulong qsa = sum_of_digits(a, an, nine, 0); 
ulong qsb = sum_of_digits(b, bn, nine, 0); 
ulong qsm = (qsaxqsb) % nine; 
return qsm; 

} 


The checks in multiplication routine [FXT: mult/fxtmultiply.cc) can be outlined as: 


fxt_multiply(const LIMB *a, ulong an, 
const LIMB *b, ulong bn, 
LIMB *c, ulong cn, 


uint rx) 
{ 
const ulong nine = rx-1; 
ulong qsm=0, qsp=0; 
qsm = mult_sum_of_digits(a, an, b, bn, nine); 
// Multiply: c=a*b 
// If carrying through c gives an additional (leading) digit, 
// then set cy to that value, else set cy=0. 
qsp = sum_of_digits(g, n, nine, cy); 
if ( qsm!=qsp ) { /* FAILED */ } 
} 


If we assume that a failed multiplication produces ‘random’ digits in c then the probability that a failed 
multiplication goes unnoticed equals 1/R. 


Omitting the sum-of-digits test is not an option: the situation that some number contains mainly ‘nines’ 
in the course of a high-precision calculation is very common. Thereby insufficient precision in the FFT- 
multiplication will almost certainly result in an error. 


[fxtbook draft of 2008-January-19] 


27.6: Binary exponentiation 537 


The simplicity of the sum-of-digits test that uses the modulus R —1 can be seen from the polynomial 
identity 


Soa R® = Scan mod R-1 (27.5-1) 
k k 


One can use other moduli, like 


Soa, R® = S°(-1)¥a, = mod R41 (27.5-2) 
k 


Moduli R” — 1 for small n are especially convenient: 


Soa Re = So aet+R SD oe mod R? — 1 (27.5-3a) 
k 


k=0 mod 2 k=1 mod 2 

= > a@+R SS wath SO aw mod R?—1 — (27.5-3b) 
k=0 mod 3 k=1 mod 3 k=2 mod 3 
n-1 

= SOR ( S- «] mod R" — 1 (27.5-3c) 
U=0 k=U mod n 


One can keep the sums corresponding to the powers RU in separate variables. Note that the probability 
of an unrecognized error is reduced to approximately 1/R”. The multiplication of the residues involves 
additional work proportional to n?. 


27.6 Binary exponentiation 


The binary exponentiation (or binary powering) scheme is a method to compute the e-th power of a 
number a using about log(e) multiplications and squarings. The term ‘number’ can be replaced by 
about anything one can multiply. That includes integers, floating point numbers, polynomials, matrices, 
integer remainders modulo some modulus, polynomials modulo a polynomial and so on. In fact, the 
given algorithms work for any group: we do not need commutativity but a” -a™ = a"*™ must hold 
(power-associativity). 


27.6.1 Right-to-left powering 


The algorithm uses the binary expansion of the exponent: let e > 0, write e the base 2 as e = 
[e;, €j-1,---5,€1; eo], en € {0, 1}. Then 


: : i 6; 
Go GO ge gee Are tage (27.6-1a) 


aa | (a1)° (a?)% (a*)% ions (a?’)®% (27.6-1b) 


We initialize a variable t by one, generate the powers s; = a? by successive squarings $s; = s7_, = (a2""*)2 
and multiply t by s; if e; equals one. The following C++ code computes the e-th power of the (double 
precision) number a: 

double power_r21(double a, ulong e) 


double t = 1; 
if (e) 
{ 


double s = a; 
ghale (1) 


if (e&1) t t= 5s; 
e /= 2; 


[fxtbook draft of 2008-January-19] 


538 Chapter 27: Fast multiplication and exponentiation 


if ( 0==e ) break; 
S *= §; 


} 
} 


return t; 


A trivial optimization is to avoid the multiplication by 1 if the exponent is a power of two: 


double power_r21(double a, ulong e) 


{ 
if ( 0==e ) return 1; 
double s = a; 
while ( 0==(e&1) ) 
{ 
s *= s; 
e /= 2; 
} 
a=s; 
while ( 0!=(e/=2) ) 
s *= s; 
if (e&1) a*=s; 
a cece a; 
} 
The program [FXT: arith/power-r2l-demo.cc| shows the quantities that occur with the computation of 
p= 2°8: 
arg 1: 2 == a [number to exponentiate] default=2 
arg 2: 38 == e [exponent] default=38 
e=1..11. 
0 2 2 
1 4 2 
1 16 64 
Q 256 64 
0 65536 64 
1 4967296 274877906944 


429 
p=ax*e = 274877906944 


In the right-to-left powering scheme the exponent is scanned starting from the lowest bit. 


27.6.2 Left-to-right powering 


The left-to-right binary powering algorithm scans the exponent starting from the highest bits. We use 
the facts that a?* = (a*)? and a?**+1 = (a*)? a. Implementation is simple: 


double power_12r(double a, ulong e) 
{ 


if ( 0==e ) return 1; 
double s = a; 
ulong b = highest_bit(e) ; 
pate eae? 

b >>= 1; 

Ss *= Ss; 

if (e&b) s *= a; 


return s; 


} 


The program [FXT: arith/power-l2r-demo.cc| shows the quantities that occur with the computation of 


p = 238 when the left-to-right scan is used: 


arg 1: 2 == a [number to exponentiate] default=2 
arg 2: 38 == e [exponent] default=38 

e=i1..11. 
aL 2 
Q 4 4 
0 16 16 
1 256 512 
1 262144 524288 
0 Begag 7UOess 274877906944 
p=ax*e = 274877906944 


All multiplications apart from the squarings happen with the unchanged value of a. This is an advantage 


[fxtbook draft of 2008-January-19] 


27.6: Binary exponentiation 539 


if a is a small (integer) value so that the multiplications are cheap. As a slightly extreme example, if 
one computes 7” + +0.3759823526783 - 10695975 to full precision, then the left-to-right powering is about 
3 times faster. If a is a full-precision number (and multiplication is done via FFTs) then the FFT of a 
only need to be computed once. Thereby all multiplications except for the first count a squarings. This 
technique is called FFT caching. 


The given powering algorithms are good enough for most applications. There are schemes that improve 
further. For repeated power computations, especially for very large exponents the schemes based on the 
so-called addition chains lead to better algorithms, see [155|. The so-called ‘flexible window powering 
method’ is described and analyzed in [86]. A readable survey of exponentiation methods is given in [121]. 
An algorithm for the efficient computation of products of powers (of different numbers) is described 
in |38}. These optimized exponentiation algorithms are mainly used with cryptographic applications. 


Techniques for accelerating computations of factorials and binomial coefficients are described in [15]]. 


27.6.3 Cost of binary exponentiation of full-precision numbers 


e: | e (radix 2) | #5 | #M | #F | #C e: | e (radix 2) | #5 | #M | #F | #C 
‘oa re 1 0 0 0 21: Pa gs Le 4 2 14] 13 
2: nels 1 0 2 22: 1.41. 4 2 14] 13 
3: ..11 1 1 3) 23: 1.1114 4 3 17} 15 
4: Paves eae 2 0 4 24: eel eae 4 1 11 

5D: .1.1 2 1 7 25: etd. 21 4 2 14] 13 
6: .11. 2 1 t 26: 11.1 4 2 14} 13 
7: ..-141 2 2 10 9 27: 11.11 4 3 17 |} 15 
8: sxdiise 3 0 6 28: stit 4 2 14} 13 
9: sedeud 3 1 9 29: 111.1 4 3 17} 15 
10: ve ded 3 1 9 30: 1114 4 3 17 |} 15 
11: 1.44 3 2 12] 11 3l: 11111 4 4 20 | 17 
12: 11 3 1 9 32: i eeeaees 5) 0 10 

13: 11.1 3 2 12} 11 33: ilar neers 5 1 13 

14: 111. 3 2 12] 11 34: ier er 5 1 13 

15: 1111 3 3 15 |} 13 35: 1...41 5 2 16} 15 
16: el Aaieks 4 0 8 36: ioe eee 5 1 13 

17: phi ed 4 1 11 37: sae ee | 5) 2 16} 15 
18: othe ade 4 1 11 38: 1..41. 5) 2 16} 15 
19: -1..114 4 2 14] 13 39: 1..141 5) 3 19 | 17 
20: sill oa 4 1 11 AO: Ladies 5 1 13 


Figure 27.6-A: Cost of binary powering of full-precision numbers for small exponents e in terms of 
squarings (#8), multiplications (##M) and FFTs (#F). If the left-to-right exponentiation algorithm with 
FFT caching needs less FFTs then the number is given under (#C). 


With full-precision numbers the cost of binary powering is the same for both the left-to-right and the 
right-to-left algorithm. As an example, to raise x to the 26-th power, note that e = 26 = 110102 and we 
can write 


oe = gl gh ea? = (PPP + (2)? @) (27.6-2) 


Here we need four squarings and two multiplications. In general one needs |log, e| squarings and h(e) — 1 
multiplications were h(e) is the number of set bits in the binary expansion of e. Figure lists the 
cost of the exponentiation for small exponents e in terms of squarings and multiplications and, assuming 
a squaring costs two FFTs and multiplication three, in terms of FFTs. The table was created with the 


program [F XT: arith/power-costs-demo.cc . 


[fxtbook draft of 2008-January-19] 


540 Chapter 27: Fast multiplication and exponentiation 


[fxtbook draft of 2008-January-19] 


541 


Chapter 28 


Root extraction 


We describe methods to compute the inverse, square root, and higher roots of a given number. The 
computation of any of these costs just the equivalent of a few full-precision multiplications. 


28.1 Division, square root and cube root 


28.1.1 Inverse and division 


The ordinary division algorithm is far too expensive for numbers of extreme precision. Instead one 
replaces the division 4 by the multiplication of a with the inverse of d. The inverse of d is computed by 
finding a starting approximation x9 4 and then iterating 


Tk41 = Tt+zre (1 a dar) (28.1-1) 


until the desired precision is reached. The convergence is quadratic (second order), which means that the 
number of correct digits is doubled with each step: if x, = 4+(1 +e) then r,41 = 4 (1 _ e”). 


Moreover, each step only requires computations with twice the number of digits that were correct at its 
beginning. Still better: the multiplication x;,(...) needs only to be done with half of the current precision 
as it computes the correcting digits (which alter only the less significant half of the digits). Thus, at 
each step we have 1.5 multiplications of the current precision: one full precision multiplication for da, 
plus a half precision multiplication for x;,(...). The total work amounts to 1.5 +4+1.5/24+1.5/4+...= 
1.5- ys Se which is less than 3 full precision multiplications. The cost of a multiplication is set to 
~ N for the estimates made here, this gives a realistic picture for large N. Together with the final 
multiplication a division costs as much as 4 multiplications. 


The numerical example given in figure shows the first steps of the computation of an inverse 
starting from a two-digit initial approximation. 


The achieved precision can be determined by the absolute value of (1—da x). In hfloat, when the achieved 
precision is below a certain limit a third order correction is used to assure maximum precision at the last 
step: 


Tkht41 = t+ (1 — daz) + xp (1—da,)* (28.1-2) 
One should in general not use algebraically equivalent forms like x,41 = 22, —d 2? (for the second order 


iteration) because computationally there is a difference: cancellation can occur and the information on 
the achieved precision is not found easily. 


[fxtbook draft of 2008-January-19] 


542 Chapter 28: Root extraction 


d := 3.1415926 
to := 0.31 [initial 2-digit approximation for 1/d] 
d-xo := 3.141- 0.3100 = 0.9737 
yo := 1.000—d- ao = 0.02629 
Lo-Yo := 0.3100 - 0.02629 = 0.0081(49) 
Ly := +2: Yo = 0.3100 + 0.0081 = 0.3181 
d-x,; := 3.1415926 - 0.31810000 = 0.9993406 
y1 :=  1.0000000 — d- a = 0.0006594 
Z1°Y1 := 0.31810000 - 0.0006594 = 0.0002097(5500) 
LQ := £1+21-Y1 = 0.31810000 + 0.0002097 = 0.31830975 
d-x2 := 3.1415926 - 0.31830975 = 0.99999955 
y2 :=  1.0000000 — d- x, = 0.00000014 
L2-Yy2 := 0.31830975 - 0.00000014 = 0.000000044 
3 t= 2+ X2- y2 = 0.31830975 + 0.000000044 = 0.31830979399 


Figure 28.1-A: First steps of the computation of the inverse of 7. 


28.1.2 Inverse square root 


Computation of inverse square roots can be done using a similar scheme: find a starting approximation 
xo Fi then iterate 


(1 — da?) 


; (28.1-3) 


Lett = Lrt+Lr 


until the desired precision is reached. Convergence is again second order: if x, = wll +e) then 


; = 1 o ae 
Le+1 ( 5° 5°) (28.1-4) 


(28.1-5) 


To compute the square root first compute aa then a final multiply with d gives Vd. 


Similar considerations as above (with squaring considered as expensive as multiplicatior}) give an oper- 
ation count of 4 multiplications for computing Fi and 5 for Vd. Note that this algorithm is considerably 
better than iterating rp41 := $ (ap + #) because no long divisions are involved. 


A unified routine that implements the computation of the inverse a-th roots is given in [hfloat: 


src/hf/itiroot.cc|. The general form of the divisionless iteration for the a-th root of d is, up to third 


lIndeed it costs about 2 of a multiplication. 


[fxtbook draft of 2008-January-19] 


28.1: Division, square root and cube root 543 


order: 


1—da?)  (1+a)(1—da%)? 
; R oe k ) (28.1-6) 


Tki1l = m (1+! T 


The initial approximation is obtained using ordinary floating point numbers (type double) with special 
precautions to avoid overflow with exponents that cannot be represented with doubles. Third order 
corrections are made whenever the achieved precision falls below a certain limit. 


28.1.3 Cube root extraction 


We use the relation d!/3 = d(d?)~'/3. That is, we compute the inverse third root of d? using the iteration 


1-d? a3 
Ce. = ot nyo) (28.1-7) 
and finally multiply with d. Convergence is second order: if x, = aq(l +e) then 
1 4 1 
ee = 1 — 2e? 7 28.1- 
Let Va ( e€ 3¢ 3¢ ) (28.1-8) 


28.1.4 Improved iteration for the square root 


Actually, the ‘simple’ version of the square root iteration («p41 := § (t% + #)) can be used for practical 
purposes when rewritten as a coupled iteration for both Vd and its inverse. Using for Vd the iteration 


Z—d 
fi, Sigs (28.1-9) 
2 Xk 
2d 
= Le—- Vet cca where v2 1/ax (28.1-10) 
and for the auxiliary v ~ 1/Vd the iteration 
Uk+1 = Uk + UE (1 — Xk Uk) (28.1-11) 
where one starts with approximations 
to & Vd (28.1-12) 
vy & 1/xo (28.1-13) 


and the v-iteration step precedes that for x. When carefully implemented this method turns out to be 
significantly more efficient than the computation via the inverse root. An implementation is given in 


(hfloat: src/hf/itsqrt.cc|. The idea is due to Schénhage. 


28.1.5 A different view on the iterations 


Let p be a prime and assume you know the inverse 29 of a given number d modulo p. With (the iteration 
for the inverse, relation |28.1-1]on page |541) ®(a) := x (1+ (1—dz)) the number 2; := ®(29) is the 
inverse of d modulo p?. Modulo p? we know that 29d = (1+ kp) so we can write rp = 1/d(1+ kp), 
thereby 


®(xo) = o(5 (1+kp)) = “(1 kp’) = “mod p? (28.1-14) 


[fxtbook draft of 2008-January-19] 


544 Chapter 28: Root extraction 


The very same computation (with x1 = 1/d(1+jp?)) shows that for x2 := ®(a,) one has zz = 1/d mod 
p*. Each application of & doubles the exponent of the modulus. 


The equivalent scheme works for root extraction. An example for the inverse square root: with p = 17 and 
ro = 3 we have #2 2 = 1 (ao = 1/Vd mod p where d = 2). Now use the iteration ®(a) := 2 (1+(1—dx)/2) 
to compute 21 = ®(2x9) to obtain x; = —45/2 = 122 mod p and observe that x? d = 1 mod p?. Compute 
xq = (21) to obtain xz = —1815665 = 21797 mod p? and check that 23d = 1 mod p’. 

We will not go into the details (of the theory of p-adic numbers) but note that pari/gp can work with 
them: 


? 1/sqrt(2+0(1775)) 

3 + 7#17 + 7*1772 + 4*1773 + 11*1774 + 0(1775) 
\\ Note that 21797 = 3 + 7*17 + 7*1772 + 4*1773 + 11*1774 
\\ and 122 = 3 + 7*17 


Section on page [55] describes the case p = 2. The computation of a square root modulo p”, given a 
square root modulo p, is described in section on page 


28.2 Root extraction for rationals 
We give expression for the extraction of the a-th root of a rational quantity. 


28.2.1 Extraction of the square root 


A general formula for an k-th order (k > 2) iteration for Vd is 


k k k _\k 
(ova) (eva), (ne aval (ravi 
O(c) = va i ;=vd : 5 (28.2-1) 
(Vi) (e= va)" paves 
where x« = p/q. All Vd vanish when expanded: 
2 d 2 d 2 
ta), = a (28.2-2a) 
22 2pq 
z2+3d p p?+3dq@ 
® = = 28.2-2b 
3(z) “3a24+d q 3p? +dq? ( ) 
bei = z*+6da2? +d? = p'+6dp? q? +d? q+ (28.2-26) 
4a +4da 4p q+4dpq , 
4 1 2 d2 4 10d 2° 2 da 4 
O20). = got Oda" +5 fr r Odp* q° +5d*q (28.2-2d) 
5a4+10d22 + d? q Dp*+10dp? q + d2 q4 
[k/2] (kb) k-25 qi 
oi Jax 
®,(t) = x me b) — (28.2-2e) 
a (a) a a 
The denominators and numerators of ®; are terms of the second order recurrence 
Gr = 2vap_1— (a? _ d) Ar—2 (28.2-3) 


with initial terms ag = 1, a, = x for the denominators, and ag = 0, a; = 1 for the numerators (that is, 
®y = 0/1, ®; = a/1). There is a nice expression for the error behavior of the k-th order iteration: 


i 1+ 
®, (va-7* ) = Vic (28.2-4) 
—e l-—e 


The following composition law holds: 


®p(Pn(z)) = Omn(z) (28.2-5) 


[fxtbook draft of 2008-January-19] 


28.2: Root extraction for rationals 
28.2.2. Extraction of the a-th root 


A second order iteration for ¢/z is given by 


ae (oe lye ed 


®2(x) = “£4 = 


axe! 


A third order iteration for (/d is 


where « = p/q, a=a—land G=a+l. 


28.2.3 More iterations via Padé approximants * 


545 


(28.2-6) 


(28.2-7) 


The iterations can also be obtained using Padé-approximants. Let Pj;,;)(z) be the Padé-expansion of Vz 


around z = 1 of order [i, j]. An iteration of order i+j+1 is given by x Pjj,;)(S). 


of 2 and 7 result in alternative iterations: 


ae d 
9 Fz Py 5 (5) 
‘OF 4s xe+d 

, Qx 

2x3 
0,1 
‘ 322 —d 
x? + 3d 

1,1 —__ 

, ~ ae) +d 
ei 3a* + 6dx? — 3d? 

, 823 
0.2 8x° 


1524 — 10dx? + 3d? 


Still other forms are obtained by using 4 P,,j) (2): 


[i,j] 1 
vt+d 
1 
ee Qa 
2d? 
1 be ee 
oe < 3dx — x3 
d(d + 3a") 
1,1} b 
x (3d + x?) 
—a* + 6dx? + 3d? 
2,0 
' 8ad 
0.2 8d? 
; ke 


In section on page the Padé idea is pursued for arbitrary functions f. 


3x4 — 10dx? + 15d? 


[fxtbook draft of 2008-January-19] 


Different combinations 


(28.2-8a) 
(28.2-8b) 
(28.2-8c) 
(28.2-8d) 
(28.2-8¢) 


(28.2-8f) 


(28.2-9a) 
(28.2-9b) 
(28.2-9c) 
(28.2-9d) 
(28.2-9e) 


(28.2-9f) 


546 Chapter 28: Root extraction 


28.2.4 A product involving ©;(y) for d= 1 * 


A product expression involving the rational iterations of order 2” for d = 1 is given by 


2 1/2 4 2 1/4 2 
yeot+1 y* + 6y7 +1 1/2" y+1 
a ... (® a — ——_ 28.2-1 
v( Dy ) ( 4y3 + 4y (Box (y)) 5 (28.2-10) 


where ®,(y) = y. The relation can be deduced from the following relation (given by R.W.Gosper) by 
setting x = arccoth(y): 


exp(2z) 


coth(«) coth(2x)!/? coth(4x)!/4 ... coth(2*x)1/2" 196, ST a 
4 sinh“ (x) 


(28.2-11) 


An equivalent relation is obtained by setting y = (1 + e)/(1 —e) and using relation |28.2-4]on page 


oo 1+ gk 1/2* 1 
e 
= = 28.2-12 
11 (25) (1-.e)? ( ) 
Compare with relation |36.1-14a]on page More generally, one has 
- dak 12 
ern 1 
Ul djn0 = : (28.2-13) 
k=0 vex Ls) 


28.3 Divisionless iterations for the inverse a-th root 


There is a nice general formula that gives iterations with arbitrary order of convergence for 1/ Vd=d-Ve 
that involve no long division. 


One uses the identity 


d-V/4 = x (1—(1—2%d))*/* (28.3-1) 
= x(l—y)/¢ where y:=(1—27d) (28.3-2) 
Taylor expansion gives 
ave = 2S“ (1/a)F yk (28.3-3) 
k=0 


where z* := z(z+1)(z+2)... (z+k—1) (and 2° := 1, z* is called the rising factorial power). Written 
out: 


_ 1 y (l+a)y*? (1+a)(1+4 2a) y? 
d l/a _ 14 f 28.3-4 
” Wi-y v( a 2a? 6.a3 v eee) 
(1 + a)(1 + 2a)(1 + 3a) y4 oy CO ey ss 
pees Yo ak 
24 a4 nla” 


A n-th order iteration for d~!/¢ is obtained by truncating the above series after the (n — 1)-th term: 


®,(%4) := 2& S (1/a)* yk (28.3-5) 
k=0 
Lkt41 = On(zx) (28.3-6) 


[fxtbook draft of 2008-January-19] 


28.3: Divisionless iterations for the inverse a-th root 547 


Convergence is n-th order: 


®,(d-/*(1 + e)) = d~-/(1 + O(e”)) (28.3-7) 
For example, the second order iteration is 
1 a 
®o(4) := wt ae (28.3-8) 
Convergence is indeed quadratic: if « = wr (1+) then 
1 a 
(2) = a (a +e) l(a +e)*—(a+ 0) (28.3-9) 
1 at+l1 5 3 ) 
= 1 e~ + O(e 28.3-10 
aq (Io e+ 0%) (28.3-10) 
28.3.1 Iterations for the inverse 
Set a= 1, y=1-dz to compute the inverse of d. 
1 1 
(2) = c(l+ytytyt+yi+---+y*1) (28.3-11b) 


®2(x) = «(1+ y) is the second order iteration [28.1-1]on page [541] 
Composition is particularly simple with the iterations for the inverse: 

Pnm = Pn(®m) (28.3-12) 
There are simple closed forms for this iteration: 


1-y* | 1—y* 


® = ——=#7- . (28.3-13a) 
@, = ltate? +a tat... (28.3-13b) 
= 2(lty)(+y)(1+y*)(1+y%) ... (28.3-13c) 
= x«(ltyty)(1+yt+y)(1+y? ty")... (28.3-13d) 
The expression for the convergence of the k-th order iteration is 
1 1 
©, (5 (1 +9) a (1 — (-e)*) (28.3-14) 


The iteration converges if one has |e| < 1 for the start value zp = 4 (1+e). That is, the basin of attraction 
is the open disc of radius r = 1/d around the point 1/d, independent of the order k. For other iterations, 
the basin of attraction usually has a fractal boundary and further depends on the order. 


28.3.2 Iterations for the inverse square root 


Set a = 2, y = 1—dzx? to compute the inverse square root of d. 


1 1 
By? 5Bby> 3B yt ob) ft 
= o(14h4 af 17 4. or pag Hess (28.3-15b) 
3 2 2k\ Wk 
Opsi(t@) = “(1 5 . ey (28.3-15c) 


[fxtbook draft of 2008-January-19] 


548 Chapter 28: Root extraction 
®2(x) = «(1+ y/2) is the second order iteration |28.1-3]on page 


28.3.3 Computation of the a-th root 


? default (realprecision,55) ; 
n=5 ; d=3; 
f=x"n- d 


x75 

? phi(x)= ener x7 (nt+1)/(n*d))) 
? phi(x) 

-1/15*x"6 + 6/5*x 
y=real (polroots(f£) [1]) 

1.245730939615517325966680336640305080939309993068779811 
y*=(1.01); \\ <--= initial approximation within 17 
for (k=0,7,t=phi(y);print(k,": ",y);y=t;); 
.258188249011672499226347 140006708131748703092999467609 
-245352199888209161292281504236361352521387343922682049 
-245730594310665132338126760084832140850833621880667303 
-245730939615230180340553343162793425783500280138356272 
-245730939615517325966680138075892858940624403124874962 
-245730939615517325966680336640305080939309993068684860 
-245730939615517325966680336640305080939309993068779811 
-245730939615517325966680336640305080939309993068779811 


- 000000000000000000000000000000000000000000000000000000 


eN 


~~ 


NNOORPWNFO NV -Y 


< 
WBPRPRPRPRRRRE 


> 


Figure 28.3-A: Quantities occurring in the iterative computation of W/3. 


The following (second order) iteration computes ‘/d directly: 


G(r) = «xt - (: “ “) (28.3-16) 


Figure|28.3-A]shows the quantities occurring in the iterative computation of \/3. The iteration is involves 
no long division for small (rational) d. 


To compute the a-root of a full-precision number d one can use the iteration for the inverse root and 
invert afterwards. Another possibility is to compute the inverse a-th root of d*~! and multiply with d 
afterwards: 


-l/a 


[(d)2-*] d = q-4)/a g = qi/e (28.3-17) 


If a is small the cost is lower than with the final iteration for the inverse (which costs about 3 Multipli- 
cations or 9 FFTs). The powering-method is not more expensive than inversion if the rightmost column 
in figure [27.6-A] on page [539] for e = a— 1 is less or equal 6. In case the iteration for the inverse involves 
a loss of precision the method might be preferred also if its cost is higher. 


28.3.4 Error expressions for inverse square root iterations * 


An expression for the error behavior of the n-th order iteration similar to relation |28.2-4|on page is 


1 
Fy = (a? * + ya 1/2 (28.3-18a) 
ny i= 2n+1 n—- 
_ k=0 [e k ’) (2) 7 k=n+1 (? k )(—e)* (28 3-18b) 
(1 — e)2n-1 
Now define ¢ := ase then 
2n-—1 k 

l e 
fF, = ae where ¢ = ot Nek ° ( WC ae 

l-e a al ae 2) 


[fxtbook draft of 2008-January-19] 


28.4: Initial approximations for iterations 549 


For example, with n = 2 we obtain 


e 


1 
Fy c= bq? *) ja? (28.3-19a) 
1—-38e-3e? +e? 
= 28.3-1 
1—3e+ 3c? -e? 26e-1ab) 
= 1-6e?—16e*—30e* — 486° — 70e° (28.3-19c) 
6 4 
= 14 x4 5 (28.3-19d) 
(e—1) (e—1) 
B= $2. we eae (28.3-19¢) 
4 THe 1—3e 
The coefficients of the Taylor expansion of F;, in e are always integers. 
For n = 4: 
1 
iy ae b4(a-?*) a7? (28.3-20a) 
1—7e+21e? — 35e3 — 35 e* + 2165 —7e®& +e? 
= 28.3-20b 
1—7e+ 21 e? — 35e% + 35e* — 21e°+ 7e% —e7 ( ) 
= 1-—70e*—448e° — 1680e° — 48006" — 11550e8 —... (28.3-20c) 
70 168 140 40 
= 14 z7 TEL a4 7 (28.3-20d) 
(e—1) (e—1) (e—1) (e—1) 
l+e 4 @—7Te?+2le—35 
F. h = 28.3-20 
: T-e 8 © Ue 4212 — 358 ( = 
Two curious formulas related to the error behavior of ®2 are 
1 1 1 1 1 
®, | — ee SS eee [ee 28.3-21 
Gate) - vata Cra) oa 
1 21 1 1 21 
®, {( —le—=— = = -[e& 28.3-22 
Gale-ael) = valte (¢-38)) cae 


28.4 Initial approximations for iterations 


With the iterative schemes one alway needs an initial approximation for the root that is to be computed. 
Assume we want to compute f(d), for example, f(d) = Vd or f(d) = exp(d). One can convert the 
high precision number d to a machine floating point number and use the FPU to compute an initial 
approximation. However, when d cannot be represented with a machine float, the method fails. The 


method will also fail if the result causes an overflow, which is likely to happen with f(d) = exp(d). 


28.4.1 Inverse roots 


With f(d) = d'/ one can use the following technique. Write d in the form 


d = M-R* 


(28.4-1) 


were M is the mantissa, R the radix and X the exponent. We have 0 < M <1and X € Z. Now use 


qi/e@ 


where Z = |X/a| and Y = X-a-Z 


The algorithm computes the three quantities in relatio 
as result. A C++ implementation is given in [hfloat: 


Mile . RX/o — Mi/e . RY/e . RZ 
(so X=a-Z+Y). 


[fxtbook draft of 2008-January-19] 


(28.4-2) 


n|28.4-2|separately and finally computes the product 
2 


550 Chapter 28: Root extraction 


void 
approx_invpow(const hfloat &d, hfloat &c, long a) 
{ 


double dd; 
dt_mantissa_to_double(*(d.data()), dd); 
dd = pow(dd, 1.0/(double)a); // M*(1/a) 


long Z = d.exp() / a; //Z=X/a 
long Y = d.exp() - atZ; //Y=Xha 
double tt = pow((double)d.radix(),(double)Y/a); // R*(Y/a) 
dd *= tt; // M>(1/a) * R(Y/a) 


d2hfloat(dd, c); // c= M7(1/a) * R7(Y/a) 
c.exp( c.expQ+Z );  // c *= R7(Z) 


} 


One can also subtract a- Z from the exponent before the iteration and add Z to the exponent afterwards: 
(RX-22)1/4 = RY/o — Ree TR, In that case the initial approximation can be computed via the 
straight forward approach. 


28.4.2 Exponential function 
With f(d) = exp(d) write 
exp(d) = M-R* 


Then use X = |d/log(R)| and M = exp(d— X - log R). Note that d must fit into a machine float which 
is not a real restriction as the exp(d) will not fit into a hfloat type already with smaller values as the 
exponent of the result would overflow. 


A C++ implementation is given in [hfloat: |src/tz/itexp.cc): 


void 
approx_exp(const hfloat &d, hfloat &c) 
{ 


double dd; 
hfloat2d(d,dd) ; 


double lr = log( hfloat::radix() ); 


double X = floor( dd/lr ); 
double M = exp( dd-X*lr ); 
d2hfloat(M,c); 


c.exp( c.exp()+(long)X ); 
} 


The iteration for computation of the exponential function is given in section on page [603] 


28.5 Some applications of the matrix square root 


We give applications of the iteration for the (inverse) square root to compute re-orthogonalized matrices, 
the polar decomposition, the sign decomposition, and the pseudo-inverse of a matrix. 
28.5.1 Re-orthogonalization 


A task from graphics applications: a rotation matrix A that deviates from being orthogonal? shall be 
transformed to the closest orthogonal matrix EL. One has (see [205]): 


E = A(A™A)-? (28.5-1) 


2Typically due to cumulative errors resulting from many multiplications with rotation matrices. 


[fxtbook draft of 2008-January-19] 


28.5: Some applications of the matrix square root 551 
With the division-free iteration for the inverse square root 
1 2 3 2 2 5 2 3 
O(r) = 2 1+5(1— da") + 3 (1— de") + 7g (1 — de") +... (28.5-2) 


the given task is pretty easy: as A’ A is close to unity (the identity matrix) we can use the (second order) 
iteration with d= A7A andx=1 


1—ATA 
(ATA)“2 (1 + | (28.5-3) 
and multiply by A to get a ‘closer-to-orthogonal’ matrix A+: 
_ AT 
A, = A (1 + —s*) ~E (28.5-4) 


The step can be repeated with A, (or higher orders can be used) if necessary. Note the identical equation 
would be obtained when trying to compute the inverse square root of 1: 


1— 2 
4 = (1+ =) 54 (28.5-5) 


It is instructive to write things down in the singular value decomposition (SVD) representation 
A = uav? (28.5-6) 


where U and V are orthogonal and 2 is a diagonal matrix with non-negative entries, see |251). We 
note that the SVD is not unique, using the 1 x 1 matrix [—2] = [—1] [2] [1] = [1] [2][—1]. The SVD isa 
decomposition of the action of the matrix as: rotation — element-wise stretching — rotation. Now 


ATA = (VQUT) (UAV") =VO?VT (28.5-7) 
Thereby (using the fact that (VOV7)" = VO"V7) 


i 
2 


(A?A)-# = ((vauT) UAV") | = (Vo2VvT)"? = vor-lyT (28.5-8) 


and we have 
A(ATA)-2. = (UQV™) (VO-1VT) =UVT (28.5-9) 
that is, the ‘stretching part’ was removed. 


A numerical example: Let 


+1.0000000 +1.0000000 +0.7500000 
A =  |—0.5000000 +1.5000000 +1.0000000 (28.5-10) 
+0.7500000 +0.5000000 —1.0000000 


then 
+0.803114165 +0.291073143 +0.519888513 
E = |-—0.486897253 +0.823533541 +0.291073143 (28.5-11) 
+0.343422053 +0.486897252 —0.803114166 
and E ET = 1. 


[fxtbook draft of 2008-January-19] 


552 Chapter 28: Root extraction 


28.5.2 Polar decomposition 


The so-called polar decomposition of a matrix A is a representation of the form 
A = ER (28.5-12) 


where the matrix E is orthogonal and R = R’. It is an analogue to the representation of a complex 
number z € Cas z =e’? r (identify R~ r and E~e'®). 


The polar decomposition can be defined by 
A = ER: (4(474)-1/?) ((474)'?) (28.5-13) 


where R is the (unique, positive semidefinite) square root R = (A? A)'/? and E = A(A7A)~1/?. 


The matrix FE is computed as before: 


1—ATA LATA 
E = A-(14 2 ae zs ee (28.5-14) 
2 2 
The matrix R equals E~1A = E7 A, that is 
A = ER = E(E‘A) (28.5-15) 
UV? (VQV") (28.5-16) 
Compute the polar decomposition as 
Ey = A (28.5-17a) 
L=2F se 
Y%, = (: = ee (28.5-17b) 
Exsi = E,pY, rE (28.5-17c) 
Regi = Ep A OR (28.5-17d) 
Epi Rygi — A (28.5-17e) 


Higher orders can be added in the computation of Y,. If you prefer z = re’? over e'? r then iterate as 
above but set R’ = AE” so that 


A RE = (AE")E (28.5-18) 


= (OU ay (28.5-19) 


I 


Numerical example: Let 


+1.00000 +1.00000 +0.75000 
A = |-—0.50000 +1.50000 +1.00000 (28.5-20) 
+0.75000 +0.50000 —1.00000 


then 
A = ER (28.5-21a) 
+0.80311 +0.29107 +4+0.51988] |+1.30412 +0.24447 —0.22798 
= |-—0.48689 +0.82353 +0.29107| |+0.24447 +1.76982 +0.55494 (28.5-21b) 
+0.34342 +0.48689 —0.80311] |—0.22798 +0.55494 +1.48410 
A = RE (28.5-21c) 
+1.48410 +0.55494 +0.22798] |+0.80311 +0.29107 +0.51988 
= |40.55494 +1.76982 —0.24447| |—0.48689 +0.82353 +0.29107 (28.5-21d) 
+0.22798 —0.24447 +1.30412] |+0.34342 +0.48689 —0.80311 


[fxtbook draft of 2008-January-19] 


28.5: Some applications of the matrix square root 553 


28.5.3 Sign decomposition 


The sign decomposition can be defined as 
As BY = (4(42)-?) ((4?)?) (28.5-22) 


where N = (A?)~!/? and § = A(A?)~1/?. The square root has to be chosen such that all its eigenvalues 
have positive real parts. The sign decomposition is undefined if A has eigenvalues on the imaginary axis. 
The matrix S is its own inverse (its eigenvalues are +1). The matrices A, S and N commute pairwise: 
SN=NS, AN =NA and AS = SA. 


Use 
So = A (28.5-23a) 
Y, = (1+ 15%) (28.5-23b) 
Skat = SeYr —S (28.5-23c) 
Newt = SrA ON (28.5-23d) 


Numerical example: Let 


+1.00000 +1.00000 +0.75000 
A = |-—0.50000 +1.50000 +1.00000 (28.5-24) 
+0.75000 +0.50000 —1.00000 


then 
A = SN (28.5-25a) 
+0.90071 —0.01706 +0.29453] |+1.13014 +1.02237 +0.36392 
= |-0.24065 +0.95862 +0.71389] |—0.18454 +1.55423 +0.06423 (28.5-25b) 
+0.62679 +0.10775 —0.85933] |—0.07158 +0.35875 +1.43718 


where SS = 1. See and also [134]. 


28.5.4 Pseudo-inverse 


While we are at it: define a matrix At as 
AY 3S AA OA Sa(VOPr Vv) Vou =v (28.5-26) 
This looks suspiciously like the inverse of A. In fact, this is the pseudo-inverse of A: 
ATA = (VQ-1UT) (UQV™) =1 but wait (28.5-27) 
A* has the nice property to exist even if A~! does not. If A~! exists, it is identical to At. If not, 
At A#1 but A® will give the best possible (in a least-square sense) solution 2t = ATb of the equation 
Az = b (see [89] p.770]). To find (A A7)~! use the iteration for the inverse: 
®(z) =x (1+ (1—dz)+(1-—dz)? +...) (28.5-28) 
with d= AA? and the start value x9 = 2—n(AA7)/ ||A A7|| * where n is the dimension of A. 


A pari/gp implementation of the pseudo-inverse using the SVD: 


[fxtbook draft of 2008-January-19] 


504 


Chapter 28: Root extraction 


7 A 


NN 


[+1.00 +1.00 
[-0.50 +1.50 
[+0.75 +0.50 


t=matSVD(A) ; 


[+0.644401153492 +0 
[-0.695372132379 +0 
[-0.318126941467 -0 


+0.75 
+1.00 
-1.00 


+ 
+ 


d 

L+0.95641003 0 0] 
[0 +5.09161169 0] 
[0 0 +1.74234618] 


V 

[+0 .787833655771 
[-0.583139548860 
[+0 . 110889336609 
[+0 . 164225309908 


Ax=matpseudoinv (A) 

[+0 .744034618880 -0 
[-0.093004327360 +0 
[+0.095446097914 -0 
[+0 .138692567521 -0 


-0 
+0 
+0 
+0 


2.00] 
3.00] 
3.00] 


. 067332385426 
. 227598489665 
. 313647647860 
. 919396775264 


-497415792829 
.562176974103 
.041347314730 
.016875347613 


62 
24 
74 


+0 
+0 
-0 


=0:. 


+0 
+0 
-0 
-0 


U=t [1]; d=t[2]; V=t(3]; 


-438818890 +0. 
676976586 +0. 
590881276 +0. 


62468643] 
11644651] 
13869203] 


.60935354299] 
. 77980313700] 
.01752654388] 
14243646797] 


. 005046325813] 
.499369209273] 
.080741213017] 
. 221929812661] 


A*Ax 

[+1 .0000000000000 
[+2.52435489 E-29 
[-2.52435489 E-29 


+3 
+1 
-2 


. 78653234 E-29 
. 0000000000000 
.52435489 E-29 


-4.41762106 E-29] 
-2.52435489 E-29] 
+1.0000000000000] 


Ax*A 

[+0.9965272596551 
[+0 .0004340925431 
[+0.0555638455173 
[-0.0193171181681 


+0 
+0 
-0 
+0 


.0004340925431 
. 9999457384321 
.0069454806896 
.0024146397710 


+0. 
-0. 
+0. 
+0. 


0555638455173 
0069454806896 
1109784717229 
3090738906900 


-0.0193171181681] 
+0.0024146397710] 
+0.3090738906900] 
+0.8925485301897] 


Figure 28.5-A: Numerical example for the pseudo-inverse computed by the SVD. We use a 3 x 4 matrix 
which is definitely not invertible. A working precision of 25 decimal digits was used, so A At = 1 to 
within that precision. On the other hand, At A is not close to the unit matrix. 


matpseudoinv(A)= 
\\ Return pseudo-inverse of A 
{ 
local(t, x, U, d, V); 
t = matSVD(A); 
v= tlt]; d=tl2]; Vv = t[3l; 
for (k=1, matsize(d) [1], 
x=d[k,k]; if (x>1e-15, d[k,k]=1/x, d[k,k]=0); 


return( V+d+*U~ ); 
} 


Where the SVD is computed with the help of a routine (qfjacobi()) that returns the eigenvectors of a 
real symmetric matrix: 


matSVDcore(A)= 

\\ Singular value decomposition: 

\\ Return [U, d, V] so that U*d*V~==A 

\\ d is a diagonal matrix 

\\ U, V are orthogonal 

£ 
local(U, d, V); 
local(t, R, di); 


\\ returned quantities 


R = conj(A~)*A;  \\ R==V¥d"2*V~ 

t = qfjacobi( R ); \\ fails with eigenvalues==zero 

v = +¢([2]; 

d = real(sqrt(t[1])); 

di =d; 

for (k=1, length(d1), t=dil[k]; if (abs(t)>1e-16, t=1/t, t=0); di[k]=t ); 
d1 = matdiagonal(d1): 


[fxtbook draft of 2008-January-19] 


28.6: Goldschmidt’s algorithm 555 


d = matdiagonal (d) ; 
U = (A*V¥d1) ; 
return( [U, d, V] ); 


The core routine is always called with a matrix A whose number of rows is greater or equal to its number 
of rows. Thereby we make sure that when the main routine with argument A computes U, d, V so that 
A=UdV*" then with argument A’ we obtain X, d, Y where AT = XdY™, X =V, and Y =U. 
aac 
local(tq, t, U, d, V); 
t = matsize(A); 
tq=0; if ( t[1]<t[2], tq=1; A=A~; ); 
t = matSVDcore(A) ; 
d = t([2]; 
u=t([3]; V=t[1]; 
ff 
u=t[i]; V=t{[3]; 


‘ return( [U, d, V] ); 


For a numerical example see figure |28.5-A} The connection between the SVD of a matrix a and the 
eigenvectors of A? A is described in [145]. 


28.6 Goldschmidt’s algorithm 


A framework for the so-called Goldschmidt algorithm can be stated as follows. Initialize 


to = dA, Ey = da? (28.6-1a) 
then iterate 
Pryr = 1+ 1 *s (28.6-1b) 
Lk+1 = uy PT a (28.6-1c) 
Exyr = ExPe 1 (28.6-1d) 


The algorithm converges quadratically. The updates for x and EF (last two relations) can be computed 
independently. The iteration is not self-correcting, so the computations have to be carried out with full 
precision in all steps. 


An invariant of the algorithm is given by «¢/E?: 


= kr =k 28.6-2 
Be (Ex, . Peye EP ( a) 
Using 
x5 oe Aa—Bb 
and, as EF’ converges to 1, we find that 
xe, _ xO 
That is, 
a\ l/a A 
_~ (%)\° _ % _ @  _ ja-Boja ‘ 
Loo = @) = pele = pala d (28.6-2d) 


One can now look for interesting special cases, b is set to one in what follows. 


[fxtbook draft of 2008-January-19] 


556 Chapter 28: Root extraction 


28.6.1 Algorithm for the a-th root 


Solving A— B/a =1/a gives B= Aa—1 and especially A= 0, B=1. That is, set 


% = d, Eo = a 
then iterate 
1-E 
Py := 1+ : 1 
a 
Lk41 i= Lp: Pr 
Exy: := Ex: Pe 1 


until x close enough to t4 = da 


Computation of the square root 


For a = 2 one obtains an algorithm for the computation of the square root: 


i Fe 
vd = d 


where Ey = d, Exyi := Ex (352e)2, 


28.6.2 Algorithm for the inverse a-th root 
Solving A — B/a = —1/a gives B= Aa+1 and especially A= 1, B=a-—1. That is, set 
TQ = 1, Eo =d 


then iterate as in formulas |28.6-3b}|28.6-3d] until « close enough to %) = doa, 


Computation of the inverse 


Setting a = 1 one obtains an algorithm for the inverse (P, = 1+ (1 — Ex) =2— Ex): 


where Eo = d, FEe4i = Ex (2 = Ex). 


Computation of the inverse square root 


(28.6-3a) 


(28.6-3b) 


(28.6-3c) 
(28.6-3d) 


(28.6-4) 


(28.6-5) 


(28.6-6) 


For a = 2 one obtains an algorithm for the inverse square root (P, = 1+ (1 — E,)/2 = (8 — Ex)/2): 


1 = Bp 
vi ~ Ws 


k=0 


where Ey = d, Exyi := Ex (35Be)2, 


[fxtbook draft of 2008-January-19] 


(28.6-7) 


28.6: Goldschmidt’s algorithm 557 


28.6.3. Higher order algorithms for the inverse a-th root 


Higher order iterations are obtained by appending higher terms to the expression (1 + 1—Ex) in the 
definitions of Pyi1 as suggested by equation |28.3-4]on page and the identification y = 1 — E: 


FEy4i = Ex Pe where (28.6-8) 
1-£ 
Py = 1+—— [second order] (28.6-9) 
a 
(1+) (1— E,)? ; : 
Sa [third order] 
4 a _7,)3 
4 et ee) [fourth order] 
6a3 
+ see 
(1+ a) (1+ 2a)...(1+(n—1)a)(1— Ex) ier Gey] 


ni! a” 


wo = 1 

Ep = 2.0 

Py = 0.90625 
by = 0.0 

x1 = 0.90625 


Ey = 1.8490314483642578125 
P, = 0.9317769741506936043151654303073883056640625 
by = 1.5185 
£2 = 0.844422882824066078910618671216070652008056640625 
Ez = 1.01688061936626457410433320872039209492188542219092968 
Pz = 0.99582436942565084187883 15054034553239996718905629355821 
bo = 5.8884 
x3 = 0.8408968848168658520212846605006387710597528718627830956 
£3 = 1.0000022336332328355958387 70249210075 74068879685671957 
P3 = 0.9999994415924713406977321191709309975809003013470607162 
bg = 18.772 
t4 = 0.840896415253714544129268311997311863784908048573 1336497 
E4 = 1.000000000000000005223677094319714797043731882484224637 
P4 = 0.9999999999999999986940807264200713050026299021477654907 
ba = 57.409 
5 = 0.8408964152537145430311254762332148950400342623567845249 
Es, = 1.000000000000000000000000000000000000000000000000000067 
Ps = 0.9999999999999999999999999999999999999999999999999999833 
bs = 173.32 

1/W72 = 0.8408964152537145430311254762332148950400342623567845108. .. 


Figure 28.6-A: Numerical quantities occurring in the computation of 1/ V2 using a third order Gold- 
schmidt algorithm. 


As an example, the inverse fourth root of d = 2 can be obtained via the third order algorithm 


a = 1 (28.6-10a) 
Ey = d=2 (28.6-10b) 
45 — 18 E, +5 B2\* 

Eus. = E, Pi = Ex ( — t) (28.6-10c) 
Lk+1 = KP (28.6-10d) 


[fxtbook draft of 2008-January-19] 


558 Chapter 28: Root extraction 


Figure |28.6-A]shows the numerical values of x,, FE, and P, up to step k = 6. The approximate precision 
in bits of a, is computed as b, = —log(|1 — E,|)/log(2). 


28.7 Products for the a-th root 


Rewrite the well-known product form 


= (lt+y(1+y’?)4+y*) (1 4+y%) ... (28.7-1) 


= [[@+%) where We=y, You = ¥e (28.7-2) 
k>0 


We give product forms for a-th roots and their inverses that generalize the relations above. 
28.7.1 Second order products 
Products for the square root and its inverse 


For the inverse square root use 1/,/1 — y = (1+ y/2)-1/,/1 — y?/4(3+y), thereby 


1 3 
a II (1+Y,) where Y, := 2 Via c= 7 (5 + %) (28.7-3) 
I-y k>0 2 2 
For the square root use /1 — y = (1 — y/2)- 1 — (y/(y — 2))?, so 
l-y = II (1+ Y,) where Yj := a Yeo. c= Yi_\" (28.7-4) 
Y= k 1: 2? k+1 t= 2\14% . 
k>0 
Products for the a-th root and its inverse 
The relation for the inverse a-th root is 
ul -1/a 
A = (i-y)“* = [J G+%) where (28.7-5a) 
~Y k>0 
1 
Y, = . Yeti = = (1-(1—aY¥i) (Ye +1") (28.7-5b) 
Alternatively, 
1 —l/a 
— = zx(1-y) =« |[@+%) (28.7-6) 
Vd B50 
with y:=1—d<«* and the definitions |28.7-5b|for Y;. | For the a-th root we obtain 
VYi-y = (1-y)/* = T][G+Y¥) where (28.7-7a) 
k>0 
Yy 1 (l+a¥Y,)-(1+Y¥;,)% 
y= 4, y, = 28.7-7b 
1 a k+1 (1 + Yp)@ ( ) 


[fxtbook draft of 2008-January-19] 


28.7: Products for the a-th root 559 


28.7.2 Products of arbitrary order 


We want to obtain an n-th order product for the inverse a-th root 


1 
VI —y 


= [[@+T(%;)) where W=y, Yeu = N(%) (28.7-8) 
k>0 


The functions JT and N have to be determined. Set 
[t=ye = +74) (+7 
=: (1+7(%)) [1 - Ya] 


)e(—y)-4 (28.7-9a) 
(28.7-9b) 


BR 


ale 


where 1+ T(Yj) is the Taylor expansion 


hai (1+ ka) 


nia” 


a re & 4s (l+a)y? | (1+ a)(1+2a) y? 
# 7 ea 2a? 6a3 
up to order n—1. The Taylor expansion of Y2 starts with a term ~ y”. Using Y;11 = N(Y;) as suggested 


by the relation between Y2 and Yj gives a product with n-th order convergence. For example, for a third 
order product for 1/,/1 — y, set 


y+... (28.7-10) 


1 
T(Y) := a¥+ey? (28.7-11) 


Now solve (1 + T(Y¥,))? (1 — y) = (1 — Yo) for Y2 to obtain 


Sy? 1y*  9y? 
= + + =: N 28.7-12 
Ya 8 64 64 (y) Cece) 


Then, finally, (Y; := y and) 


= |[G@+7(%;)) where (28.7-13a) 
I-y k>0 
i ws 
PY) t= ova (28.7-13b) 
A 2 
Yer = N(%) = of (40 +15 ¥;, +9 2) (28.7-13c) 


Replace relation |28.7-13c|by Y;,41 = 1—(1+ T(Y;))* (1—Y;,) to obtain the general formula for the inverse 
a-th root. 


The second order products lead to expressions that are especially nice: 


— = J[G+7(%)) where T(y) := +2 and (28.7-14a) 
k>0 

Yeu = N(¥) = 1- (14 a (1—y) (28.7-14b) 

aa = J[@+7(%,)) where T(y) := = and (28.7-15a) 
k>0 

Ya = VY) = a-#)" (ge 4 (28.7-15b) 

V/i-y = JJ Q@+T(%)) where T(y) := = and (28.7-16a) 
k>0 

Yue = NG = aos Oe Yu)a* _ aoe (28.7-16b) 


[fxtbook draft of 2008-January-19] 


560 Chapter 28: Root extraction 


vity = J[Q+7%)) where Ty) = +2 and (28.7-17a) 
k>0 
(1+ ¥,)a* — (a+ Y;,)*% (1+ ¥;,) a* 
k+l (Yx) (a+ ¥%)* (at ¥)* (28.7-17b) 
The third order product for WS is 
1 anol 
= J[@+T(%,)) where Ty) = +244 (L+@) and ——_(28.7-18a) 
fT — a 2a? 
y k>0 
y  y(ta)\* 
Yeu = N(¥%) = 1-(1+7 +3, (1—y) (28.7-18b) 
= 1-(1+T(y))*(-y) (28.7-18c) 


28.7.3. Third order product for the a-th root 


default (realprecision, 55) ; 

a=3;d=2;al=a-1;be=at1; 

F (x) =(al*x*atbe*d) /(be*x*atal*d) \\ == (x73 + 4)/(2*x73 + 2) 
p=99.0; \\ very bad approximation to the root 

for (k=0,25,p*=F(p);print(" ",p);); 

49 .50015304544986086777285375657013294857260641038853963 
24 .75068869632253579329539807676065903819005885296493460 
12. Bene hota ree oar eeee ot ae cc ents oy an cecanee 
. 198681729467973308980394893535983190191783732016583057 
13899 GodEas on 77 ei eueeT1 361271 7551 369860309 193768721700 
.716643430397499239455514329236039539565820802853452486 
.283323514322784332830377116401015264599592858280490032 
.259926284571153279491359924753865826868163920866767105 
.259921049894873225007750979366564220753732750396518986 
.259921049894873164767210607278228350570251464701599790 
.259921049894873164767210607278228350570251464701507980 
.259921049894873164767210607278228350570251464701507980 


NNN VN NY 


FREER WO) 


Figure 28.7-A: Computation of \/2 with a very bad initial approximation. 


The third order iteration given as relation |28.2-7|on page [545] gives a simple product for Wd. Let 
kz (28.7-19a) 


where Yo is sufficiently near to V/d and Y;, = F(P,—1) where 


F(e) i= Farag — anes (28.7-19b) 


with a = a—1 and 8 =a+1. Then P,, = Va. Figure [28.7-A] shows the numerical quantities with 
the computation of ¥/2 with a starting value Yo = 99 that is not at all close to the root. We have 
F(a) = a which is = $ for large values of x. Therefore the big initial values are repeatedly halved 
before the third order convergence begins. 


28.8 Divisionless iterations for polynomial roots 


Let f(a) be a polynomial in x with simple roots only, then 
®(z) := x—p(x) f(x) where p(x) := f’(x)~* mod f(z) (28.8-1) 


[fxtbook draft of 2008-January-19] 


28.8: Divisionless iterations for polynomial roots 561 


is a second order iteration for the roots of f(x). The iteration involves no long division if all coefficients 
are small rationals. Instead of dividing by f’(a) a multiplication by the modular inverse p(x) is used. As 
deg(p) < deg(f) we have deg(®) < 2 deg(f) — 1. 


For example, for f(z) = ax? + bx +c we obtain 


2ax+b 
ee elec 


P(x) = A 


f(x) where A=b? —4ac (28.8-2) 
The general expressions for polynomials of orders > 2 get complicated. However, for fixed polynomial 
coefficients the iteration is more manageable. For example, with f(x) = 2° + 5a +1 we obtain 


_ (2) 


= 2 mal 28.8- 
P(x) a+ oe (30 2* — 9x + 100) (28.8-3) 


For the polynomial «” — d we have p = a/(nd) and the iteration is (relation |28.3-16]on page|548): 


D(z) = x- oF (2"—d) = x+ . (« = 7) (28.8-4) 


The construction is given in [136] where a method to construct divisionless iterations of arbitrary order 
is given: let pf’ +qf =1, and 


% := r-pf, pi=p (28.8-5a) 
Pr 2= PPp1—(r—l)aqpr-1 (28.8-5b) 
©, = ®,_1 + (-1)” Pr f'/r! (28.8-5c) 


then ®,. is an iteration of order r+ 1. 


[fxtbook draft of 2008-January-19] 


562 Chapter 28: Root extraction 


[fxtbook draft of 2008-January-19] 


563 


Chapter 29 


Iterations for the inversion of a 
function 


In this chapter we study some general expressions for iterations for the zero of a function. Two schemes 
that give (arbitrary order, one-point) iterations, Householder’s formula and Schréder’s formula, are given. 
Several methods to construct alternative iterations are described. Moreover, iterations that also converge 
for multiple roots and a technique to turn a linear iteration into a super-linear one are presented. 


29.1 Iterations and their rate of convergence 


An iteration for a zero r (or root, f(r) = 0) of a function f(x) are themselves functions ®(x) that, when 
used like 


k+l = ®(x) (29.1-1) 


will make x; converge towards the root: t» = 7r. Convergence is subject to the condition that xo was 
chosen close enough to r. The function ®(x) must (and can) be constructed so that it has an attracting 
fixed point where f(x) has a zero: 


O(r) = r (fixed point) (29.1-2) 
| < 1 (attracting) (29.1-3) 


This type of iteration is called a one-point iteration. There are also multi-point iterations, these are of 
the form v.41 = ®(@p, Ue-1,---,Uk—j),j > 1. An example is the two-point iteration known as the secant 
method 


Uk+1 = ®(XpE, Lp-1) = Xk f (xr) (29.1-4) 


We are mainly concerned with one-point iterations in what follows. 


The order of convergence (or simply order) of a given iteration can be defined as follows: let 2 = r-(1+e) 
with je| < 1 and ®(x) = r- (1 +ae” + O(e"*')), then the iteration © is called linear (or first order) if 
n = 1 (and ja| < 1). A linear iteration improves the result by (roughly) adding a constant amount of 
correct digits with every step. 


A super-linear iteration does better than that: The number of correct digits grows exponentially (to the 
base n) at each step. Super-linear convergence of order n should better be called exponential of order n. 


[fxtbook draft of 2008-January-19] 


564 Chapter 29: Iterations for the inversion of a function 


Iterations of second order (n = 2) are often called quadratic (or quadratically convergent), those of third 
order cubic iterations. Fourth, fifth and sixth order iterations are called quartic, quintic and sextic and 
so on. We note that the two-point iteration relation|29.1-4}has order (/5+1)/2 ~ 1.618, see [137] p.152]. 


It is conceivable to find iterations that do converge better than linear but less than exponential to any base: 
imagine an iteration that produces proportional k? digits at step k (this is not quadratical convergence 
which produces proportional 2* correct digits at step k). That case is not covered by the ‘order-n’ notion 
just introduced. However, those (super-linear but sub-exponential) iterations are not usually encountered 
and we actually won’t meet one. In fact, the constructions used in this chapter cannot produce such an 
iteration. For a more fine-grained definition of the concept of order see p.21]. 


For n > 2 the iteration function ® has a super-attracting fixed point at r: ®’(r) = 0. For an iteration of 
order n one has 


®'(r)=0, O"(r)=0, ..., @”YV(r)=0 (29.1-5) 
There is no standard term for emphasizing the number of derivatives vanishing at the fixed point: super- 
attracting of order n might be appropriate. 


To any iteration of order n for a function f one can add a term f(x)” - p(x) (where v(x) is an arbitrary 
function that is analytic in a neighborhood of the root) without changing the order of convergence. That 
term is assumed to be zero in what follows. The statement can easily be checked by verifying that the 
first n — 1 derivatives of ®,,(x) + f(x)” - p(x), evaluated at the root r, equal zero. 


Any two one-point iterations of the same order n differ by a term f(x)” - y(a). 


Any two iterations of the same order n differ by a term (a —r)”" v(x) where v(x) is a function that is 
finite at r [37] p.174, ex.3]. 


Any one-point iteration of order n must explicitly evaluate f, f’,..., f%—~) p.98]. For methods to 
find zeros and extrema without evaluating derivatives see [59]. 


29.2 Schroder’s formula 


For n > 2 then the expression 


S,(e) = 24 ST 1)! fe) (a =) - a (29.2-1) 


t=1 


gives a n-th order iteration for a (simple) root r of f [210] p.13]. That is, 


f fo " de "” eit 
S = Soolt)= 2% ae — ape — ape BI FF) (29.2-2) 
4 
iG : (157 _ i ae ie ad 4 for") 
5 
“aa : (105,f”4 _ 1057" 7" 7” a 10777" ae 1 alae de ld _ ie ea _ 


The second order iteration is the well-known Newton iteration. The third order iteration, obtained upon 
truncation after the third term on the right hand side, and written as 


S3 = o-£ (+25) (29.2-3) 


[fxtbook draft of 2008-January-19] 


29.2: Schréder’s formula 565 


is sometimes referred to as Householder’s method. Approximating the second term on the right hand side 
gives Halley’s formula: 


n\ —1 
i= Be Z (1 = i) (29.2-4) 
Write 
_ f i ie ci 
S = 2 U; if’ U2 oy ig U3 31 5 wae Un nl fmt (29.2-5) 
then U; = 1, U2 = f”, U3 = 3f’? — ff’, and we have the recursion 
ie = n= 3) P43 = FU g (29.2-6) 


An alternative recursion is given in [229] p.83], write 


S =a v (4) % (4) v (4) ee ¥. (4) ee (29.2-7) 


Y, = ; (26 NE Ya ¥1) (29.2-8) 


then Y; = 1 and 


Relation |29.2-1}on the preceding page with f(x) = 1/a% — d gives the ‘division-free’ iteration |28.3-5|on 


page for arbitrary order. For f(#) = log(x) — d one obtains the iteration |31.2-9a|on page 
For f(x) = 2? —d one obtains 


a2—d  (a2—-d)*  (a?-d)*  5(a?-d)" 
S(z) = « ( of ee pe ee (29.2-9a) 
= g—2e-(Y+Y¥?+2Y°+5Y*+14¥°+42Y°+...) where Yi= Dae (29.2-9b) 


The coefficients of the powers of Y are the Catalan numbers, see section on page [306] 


A simple derivation of Schréder’s formula * 
The starting point is the Taylor series of a function f around x9: 
1 
f(z) = x at (ao) (z — 2)* (29.2-10a) 


= flo) + (© = 0) + 5S" 0) (© — 0)? + EF" (to) (© = 20)? + --. (29.2-10b) 


Now let f(2o) = yo and r be the zero of f (that is, f(r) = 0). We expand the inverse g = f~! around 
Yo: 


g(0) = Sa ) (0 = yo)* (29.2-11a) 
k=0 


ayo) + 9! (yo) (O— yo) + 5"(uo) (0 ~ 40)? + 54(yo) (0 — yo)? +... (29.2-110) 


[fxtbook draft of 2008-January-19] 


566 Chapter 29: Iterations for the inversion of a function 
Using xo = g(yo) and g(0) = r we obtain 
1 1 
r = 29 -9'(yo) f(t) + 59 (yo) f(x0)* — 69 (yo) F (xo)? +... (29.2-12) 


Remains to express the derivatives of the inverse g in terms of (derivatives of) f. Set 


fog = id, that is: f(g(x)) = x (29.2-13) 


and derive the equation (chain rule) to obtain g/(f(x)) f’(z) = 1, so g’(y) = Fay Derive f(g(x)) — x 
multiple times to obtain (arguments y of g and x of f are omitted for readability): 


1 = f'g’ (29.2-14a) 
0 = gf fl + fg" (29.2-14b) 
0 = g Sie ea f"g a EP g m (29. 2. 14c) 
0 = g 7 ah, Af'g a 4 3f"'"g uae 6f f"g m + fg mn (29. 2. 14d) 
This system of linear equations in the derivatives of g can be solved successively for g’, g”, g!”, ...: 
r 1 
g = 7 (29.2-15a) 
fi 
g = 48 (29.2-15b) 
J” = a (af -_ ‘ae (29.2-15c) 
yg? = 7 (10/" fps py?" _ a”) (29.2-15d) 
mn 1 na ,o 1 ¢i2 pit 12 p11 prt 12 p12 
= Z5 (105, — 105," fF" +15 ff" fe" +10 fF? F ) (29.2-15e) 
Thereby equation |29.2-12|/can be written as 
I f 1 f" 2 1 2 rel 3 
r= aft > ( DI) P-% r vs (3 ff ) pt... (29.2-16) 
f £? fi 
= Sapo ape FP gpe BF FP) 


which is Schréder’s iteration, equation |29.2-2]on page 


29.3. Householder’s formula 


The following expression gives for n > 2 a n-th order iteration for a (simple) root r of f [137] p.169]: 


» \(n2) 
iA d= oa) (xe) (29.3-1) 


s) (n-1) 


[fxtbook draft of 2008-January-19] 


29.3: Householder’s formula 567 


We have 
en eel 
2 = £= 7 (29.3-2a) 
af f' 
A; = «- aF2 — FF" (29.3-2b) 
3f(ff" —2f7) 
Ay 6f ff” —6f® — f2fl” (29.3-2c) 
Af (6 = of ff! + py") 
fe 3 4 12 en 2 fr gm 2 pu (29.3-2d) 
Pep 2A a sO E LE gh SBE eT — OFey 
The second order variant is Newton’s formula, the third order iteration is Halley’s formula. 
Kalantari and Gerlach define the iteration 
Dm-— 
Bm =2«—f 5 (29.3-3a) 
m—-1 
where m > 2, Do = 1, Di = f’, and 
" (m=) (m) 
i or mee — on 
(m=1) 
if ia 
Dy = det OD: s9 ae : (29.3-3b) 
: fr 
2! 
0 0 -. f f' 


The iteration turns out to be identical to the one of Householder (B,, = H,,). A recursive definition for 
Dy, is given by 


ee 1 is ”D Dens (29.3-4) 


i=1 


The derivation of Halley’s formula by applying Newton’s formula to f/,/f’ can be generalized to produce 
m-order iterations as follows: Let F, = f and for m > 2 let 


Fn 
fy Sa (29.3-5a) 
V : ae 
Fn-1 
Ayn = - 29.3-5b 
sere ais 
That this recursion indeed gives the Householder iteration is shown in [144]. 
An alternative recursive formulation (also given in [144], ascribed to Ford/Pennline) is 
Oe Sd (29.3-6a) 
1 
Qm = f Qm-1 _ m—2 PQ (29.3-6b) 
- Qm 
Hm = «—f (29.3-6c) 
Qm-1 


The Taylor series of the k-th order Householder iteration around f = 0 up to order k — 1 gives the k-th 
order Schréder iteration. 


[fxtbook draft of 2008-January-19] 


568 Chapter 29: Iterations for the inversion of a function 
29.4 Dealing with multiple roots 


The iterations given so far will not converge at the stated order if f has a multiple root at r. As an 
example consider the function 


f(z) = (2?-—d)™ where meN (29.4-1) 
The iteration ®(z) = a — f/f" is 
x? —d 
O(4) = “- =r (29.4-2) 


Its convergence is only linear for m > 1: ®(Vd(1 + e)) = Vd(1 + ™="e + O(e?)) 


m 


Householder [137] p.161, ex.6] gives a second order iteration for a root of known multiplicity m as 


ee 
ye 


Note that with the example above we obtain a quadratic iteration. 


®2(4) =x—m (29.4-3) 


For roots of unknown multiplicity use the general expressions for iterations with F := f/f’ instead of f. 

Both F' and f have the same set of roots, but all roots of F are simple. To illustrate this consider a 
function f that has a root of multiplicity m at r: f(x) := (a —r)"” h(x) with h(r) 40. Then 

fi(e) = m(x—r)™' h(x) +(e—1)”h'(z) (29.4-4a) 

ee a (m h(a) + (x — 1) N'(2)) (29.4-4b) 


and 

h(x) 
mh(a) + (a —r) h'(x) 
The fraction on the right hand side does not vanish at the root r. 


Plugging F = f/f’ into Householder’s formula (relation |29.3-1) we get the following iterations denoted 
by H i the iterations H; are given for comparison: 


F(a) = f(a)/f'(e) = («-r) (29.4-5) 


i = #= fi (29.4-6a) 
= aff 
Az = L— of — ff" (29.4-6c) 
2 12 
HY = « 2p f= 2h (29.4-6d) 


ee ies ein 

Hy = += 75 ont z > Fa (29.4-6e) 
3 Zp gF2z¢r fi 

= amopiep—arre apr 

He = 8+ sepa ap PP APT OPP oer 


The terms in the numerators and denominators of H. Mg and H;,+1 are identical up to the integral constants. 
A alternative form for H ‘a is given by 


1) Hos(f))*? 
(log(f))” 


[fxtbook draft of 2008-January-19] 


HP = x4+(k (29.4-7) 


29.5: More iterations 569 


Schréder’s formula (relation |29.2-1), when inserting f/f’, becomes: 
if ff Grr _ DF fe + fz") 


oe (fe = ii") 2(ff" — f2)° (29.4-8) 
PPP aie BP Py POP Sef 
0k ieee ie Da ff" — FP?" 
PP led 


ACF" — faye 


Checking convergence with the example function (relation |29.4-1) we began with: the second order 
iteration is 
d— x? 2dx 


03° (z) So = Hy = £4 tre — ae (29.4-9) 


Convergence is indeed second order, as 
Le 1—e? 
of (Vd- = vd. 29.4-10 
gWasi) = Va (29.4-10) 


which holds independent of m. The expression is similar to relation |28.2-4]on page In general, with 
A - one obtains for the square root: 


%(/d l-—e YF 1— ek 


Using Schréder’s third order formula for f/f’ with f as in |29.4-1| we obtain a beautiful fourth order 
iteration for Vd: 


d— x? (d— 27)? 
% = 

S3(2) = #+2 ae +ad (d+ 2) (29.4-12a) 

l—e 1 + 3e? — 3e* — e® 

= d 29.4-12 
Ss(Vd Vd ata eet ee ) 
1- 243 

= vd-— where c=e! — - (29.4-12c) 


In general, the (1+ ak)-th order Schréder iteration for 1//d obtained through f/f’ has an order of 
convergence that exceeds the expected order by one. The third order Schroder iteration for f(a) = 1—dx? 
is 

1 — dx? (1 — dx”)? 


S3(@) = Ce ae” a dee 


(29.4-13) 


1 ine 
Vd 1+e 


The iteration also has 4th order convergence and the error expression 9% ( ) is the same (replacing 


Vd by 1/Vd) as in relation |29.4-12b 


29.5 More iterations 


Rational iterations from Padé approximants 


The [i, j-th Padé approximant of ©, in f gives an iteration of order p=i+j+1 (ifn > p). Write Pi; 
for an iteration (of order «+ 7 +1) that is obtained using the Padé approximant [i,j]. For the second 
order (where the Newton iteration is Pj o)(%) = « — 4) this method gives one alternative form, namely 


f’ x f xf ( 


= @ = £ = 2 


2 
Po,1(2) e f+af' fte«f' (ef) 


f -1 
ie 5) (29.5-1) 


[fxtbook draft of 2008-January-19] 


570 Chapter 29: Iterations for the inversion of a function 


For the third order we find Pi,o)(%) = $3(x), Pij1j(©) = H3(x), and 


rAd i 

Pro,2\(2) 2f2f' 4 Qn ff’? + ao f2 fl 4 2x2 f/ (29.5-2a) 

xf (arr er” + 2x’) 
= 2£ (2f2f + Qe f fi? + wf2f" + 2a? f’) (29.5-2b) 

2 2en\ 1 
= = (1 5 an oo) (29.5-2c) 

-1 

= f Pie fe) ; f? 

= 2 (: (a f") Xa fe oo) (29.5-2d) 


Alternatively one can use the Padé approximant Aj;,;; of (®(a)—«)/f in f where ®() is a given iteration 


of order >i+7+2. Then BF a := 2+ f+ Aj,s) is an iteration which has order n =1+ 7 + 2. 


aff" 


B51 (2) i af? — ff" = H3(z) (29.5-3a) 
frseF)) 
Bi gz) = «x oe = $3(z) (29.5-3b) 
The iterations 6+ of order n are expressions in 2, f, f’,..., f(~)). Fourth order iterations are 


f (6 f° De ie f! _ f? f' i +3 f? if) 


OF ai (7) = 2 6 fF (29.5-4a) 
ti i ” ce "" pil 
= tape tl — GF (37°? — ff") = Sa(z) (29.5-4b) 
ee ye ae sles iy, 
=. ig 72 \ 7 + afi + 678 (29.5-4c) 
- f Cag rig _ ne ia ae a7 - — 
[1,1] (x) f (2f f fit — 6f fl? 4 6 f”? fF) ( 4 ) 
12 ff" 
i,2) (2) ”— Top ep PPP 4a P PRY 3 PP) (29.5-4e) 
; i 3 2 Q fl fu 
= 2 f ul : ( : os (29.5-4f) 


fo 2f 17% 


The iteration 6+ 


[n 
forms of iterations using the approximants [0,n — 2], [1,n —3], ..., [n — 3,1]. 


0] always coincides with Schréder’s iteration. In general one obtains n — 1 additional 


Neglecting terms that contain the third derivative in relation |29.5-4d|we obtain the third order iteration 


a far? — 18") (29.5-5) 
ie f QP? 77/7") es 


[fxtbook draft of 2008-January-19] 


29.6: Improvements by the delta squared process 571 


An iteration involving radicals 
By directly solving the truncated Taylor expansion 
1 
f(r) = F(a) + F'@)(r—2) + 5 f"@) (2) (29.5-6) 


of f(r) =0 around « one obtains the following third order iteration: 


@; = - ge (te Vi—oMF) =2-§ (14 1-2ff | (29.5-7) 


For f(x) = ax? +ba+c it gives the two solutions of the quadratic equation f(a) = 0; for other functions 
one obtains an iterated square root expression for the roots. 


The following form, given in [229] p.94], avoids possible cancellation: 


2u ! op 3 
® = 2 TEEN eee er where u=f/f’ and A= f"/(2f) (29.5-8) 


It can be obtained by observing that 


—b+ Vb? — 4ac _ —2c (29.5-9) 
2a b+ /8? — dac , 


Iterations from iterations 


Alternative rational forms can also be obtained in a way that generalizes the method used for multiple 
roots: if we emphasize the so far notationally omitted dependency from the function f as ®{f}. The 
iteration ®{f} has fixed points where f has a root r, so z — ®{f} again has a root at r. Hence we can 
build more iterations that will converge to those roots as ® {x — ®{ f}}. For dealing with multiple roots 
we used ® {x — ®o{ f}}, = ®{f/f’}. An iteration ®, {x — ®,{f}} can only be expected to have a k-th 
order convergence. 


29.6 Improvements by the delta squared process 


Given a sequence of partial sums xz the so-called delta squared process computes a new sequence x; of 
extrapolated sums: 


2 
(Lp+2 = Le41) 
Ce+2—2Cp414+ Lr 


Be ate (29.6-1) 


The method is due to Aitken. The name delta squared is due to the fact that the formula can be written 
symbolically as 


‘ (Ax)? 
=2- 29.6-2 
v=2 (A2=) ( ) 
where A is the difference operator. 
Note that the mathematically equivalent form 
Lk Lk4+2 — a ig 
Ls = 5 (29.6-3) 
Uk+2 — 4Uk4+1 1 Lk 


[fxtbook draft of 2008-January-19] 


572 Chapter 29: Iterations for the inversion of a function 


sometimes given should be avoided with numerical computations due to possible cancellation. 


If c, = ys a; and the ratio of consecutive summands a; is approximately constant (that is, a is close to 
a geometric series) then 2* converges significantly faster to 7. than x. Let us partly rewrite the formula 
using 2, — Lp—-1 = Ar: 


2 
ve = wry - (asa) (29.6-4) 
Qk+2 — Ak41 


Then for a geometric series with ax41/azn = ¢ 


2 k+2\2 
Le = Ley2- a = LK42 = (cog = = (29.6-5a) 
= il — taggtt?- ast en = = (1 — gt ¥3 + gt+3) (29.6-5b) 
= ~ ; (29.6-5c) 
which is the exact sum. Now consider the sequence 
Lo, %1= (x0), w= O(x1) = P(G(x)), ... (29.6-6) 


of successively better approximations to some root r of a function f. Think of the x, as partial sums of 
a series whose sum is the root r. Apply the idea to define an improved iteration ®* from a given one ®: 
2 
[®(®(x)) — &(2)| 
®(®(xr)) —20(xr) +2 


®*(x) = &(P(2)) (29.6-7) 
The good news is that ®* will give quadratic convergence even if ® only has linear convergence. As 
an example, take f(x) = (a? — d)?, forget that its root Vd is a double root and happily define ®(2) = 
x — f(x)/f' (x) =a — (a? — d)/(4x). Convergence is only linear: 


&(Vd-(1+e)) = Vva- (1 + : + 2 + ote) (29.6-8) 
Then try 
b*(2) = eee (29.6-9) 


and find that it has quadratic convergence 


®(Vd-(1+e)) = vd- (1 = . + . + ote')) (29.6-10) 


In general, if ®,, has convergence of order n > 1 then ®* will be of order 2n — 1, but linear convergence 
(n = 1) is turned into second order, see [137] p.165]. 


[fxtbook draft of 2008-January-19] 


573 


Chapter 30 


The arithmetic-geometric mean 
(AGM) 


The arithmetic-geometric mean (AGM) is the basis for fast algorithms for the computation of 7 to high 
precision. We give AGM based algorithms for the computation of certain hypergeometric functions. 
AGM-based algorithms for the computation of the logarithm are given in section B1.1-l]on page[597| and 
for the exponential function in section [B1.2.T]on page [603] 


30.1 The AGM 


The arithmetic-geometric mean (AGM) plays a central role in the high precision computation of loga- 
rithms and 7. The AGM(a, 6) is defined as the limit of the iteration 


J+) 
Oks = — (30.1-1a) 


V ak br (30.1-1b) 


starting with a9 = a and bo = b. Both of the values converge quadratically to a common limit. The 
related quantity c, used in many AGM based computations is defined as 


be+1 


Ge = af —bf = (ae-1 — ox) (30. 1-2) 


An alternative way for the computation for the AGM iteration is 


ap — br 


an = (30.1-3a) 
“s: 

dem, ae : (30.1-3b) 

esr = 4/021, — Gay (30.1-3c) 


Schénhage gives the most economic variant of the AGM, which, apart from the square root, only needs 


[fxtbook draft of 2008-January-19] 


574 Chapter 30: The arithmetic-geometric mean (AGM) 


one squaring per step: 


Ag =. a (30.1-4a) 
Bo = b (30.1-4b) 
to = 1- (Ao — Bo) (30.1-4c) 
An +B 
S. = aes k (30.1-4d) 
b, = VBr [square root] (30.1-4e) 
b 
Ont = ae : (30.1-4f) 
Arti = a4, [squaring] (30.1-4g) 
oy 2 
A, t+VB Apt+Bye VA,B 
(es) ee (30.1-4h) 
a 4 2 
Brat = 2(Arii— Se) = bear (30.1-4i) 
Cha = Apyi— Bey = Gna — bey (30.1-4j) 
bp? Spe Gag (30.1-4k) 


Starting with a9 = Ao = 1, Bo = 1/2 one has 7 & (2.a?)/t,. The importance of the AGM is related to 
the fact that it can be used to compute certain hypergeometric functions fast. Indeed, one has 


4 4 b? a 1 
F( 1 1-5) ~ “AGM(a,b) — AGM(I,b/a) ee) 


The relation is usually written as 


il 
= Gab ~ AGM VIS ee) 
corresponding to AGM(1,k), that is 
ag = 1, bo =k, and co= V1-k? (30.1-7) 
The quantity 
Ri(k) = 1- ; yon (30.1-8) 
together with the AGM leads to a fast algorithm for the function F (“4 2 k), see section 30.2 
Combining two steps of the AGM iteration leads to the fourth order AGM iteration: 
ao = ao (30.1-9a) 
Bo = vVbo (30.1-9b) 
O41 = = z Br (30.1-9c) 
Peo = (cece +) a (30.1-94) 
% = %-OE =e (30.1-9e) 


[fxtbook draft of 2008-January-19] 


30.2: The elliptic functions K and E 575 


We have ag = \/G2x, Ge = Vb2x. An alternative formulation of the iteration is: 


kt. = ant (30.1-10a) 
Ga <= ante (30.1-10b) 
1/4 
Bear = (o8,,—7841)” (30.1-10c) 
2) 
On +21 = U1 — (OK — Yk) (30.1-10d) 


Compute R’ via 


Ri(k) = 1- - 4” (ss a (= a ty) (30.1-11) 


n=0 


30.2 The elliptic functions K and E 


The elliptic functions K(k) and E(k) can be computed via the AGM which gives super-linear convergence. 
The logarithmic singularity of K(k) at the point & = 1 (relation see also relation [31.1-1a] on 
page]597) is the key to the fast computation of the logarithm. The exponential function could be computed 
by inverting the logarithm but also as described in section [31.2.1] on page [603] For computations with 
very high precision the algorithms based on the elliptic functions are the fastest known today for the 
logarithm, the number 7, and the exponential function. 


30.2.1 Elliptic K 


The function K can be defined as 


mi dv A dt 
K(k) - | aa [ aopacs (30.2-1) 


One has 
2 fed 
K(k) = rr (7? |W) (30.2-2a) 
. 2 

TO (2i —1)!! 55 T () 24 

= pe X iJ ) 42 30.2-2b 
5 (Sa) =F (302-2) 

i=0 i=0 

T i 1.35" isgah\* 

= —f14+{—) k —_“ \ A ko +... 30.2-2 
2 (5) +54) +(e) * nee 

122 

2 apa ee ee... (30.2-2d) 

2 4 64 256 16384 65536 


See section }35.2.7|on page [677] for transformations in terms of hypergeometric functions. Special values 


are K(0) = § and lim,_.;—- K(k) = +oo. 
2) = 1/AGM(1, V1 — z) (see section on page 573): 
7 7 


K(k) = SKGM(Le) = 3 AGM(1, V1 — k2) —— 


One defines k’ = V1 — k? and K’(k) as K(k’): 


K'(k) = K(V/1—k?) = mane (30.2-3b) 


The computational interesting form is F’ (3 


[fxtbook draft of 2008-January-19] 


576 Chapter 30: The arithmetic-geometric mean (AGM) 


A C++ implementation of the AGM based computation is given in [hfloat: src/tz/elliptic-k.cc). 


For k close to 1 we have 


4 
K(k) ®& lo 30.2-4 
The following estimate is given in [52] p.11]: 
4 
Kw — log _ < 4k*(8+logk) where 0<k<1 (30.2-5) 


Product forms for K and K’ that are also candidates for fast computations are, for 0 < ko < 1, 


2 , = 7 2 = 7 / ‘ a 2 Vin = 

= K'(ko) = Wink = [1+ where knjr = PEGs hoe = 1 (80.2-6a) 
Ds) I 1 L+kpy a 

os K (ko) = i Jia where kn+t = Jk, Koa =1 (30.2-6b) 


The second form is computationally especially attractive since, apart from the multiplication with the 
main product, only a inverse square root needs to be computed per step. The product formulas follow 


directly from relation |30.2-3b}] (and AGM(a, b) = a AGM(1,b/a) = b AGM(a/b, 1)): 


1 1+k aa 
AGMILA = [Ac (> 5 vi) (30.2-7a) 
= |14* sem (1,2%* (first form) (30.2-7b) 
1+k 
-1 
= vi AGM (—. i)| (second form) (30.2-7c) 
Similarly, for 0 < ky <1, 
7.2 _ 1—k!, 
-K(ko) = [J es [[ 14%, where knyi := rie king = 0 (30.2-8) 
n=0 n n=1 n 


Certain values of the gamma function can be expressed in K (taken from [233] p.12]): 


= 1/3 
1 que V3-1 

T( = = K .2- 
(3) 31/12 (4 (30.2-9a) 
1 1 1/2 

T(-) = w/42K( — -s 
G . (a) a 

/4 

1 -_ 1/8 5917/8 1\' _ ue 

r(5) = ANSQ8 K ( K (v2 1) (30.2-9c) 


30.2.2 Elliptic E 


The function & can be defined as 


V1 242 
-{" V1—k? sin? 0d0 -[% FE —> dt (30.2-10) 


[fxtbook draft of 2008-January-19] 


30.2: The elliptic functions K and E 577 


One has 


7 at 2d 
EMR) = ( ale (30.2-11a) 
7 
ein?) /@)\ 
( 9% j! %—-1] 2 Ai i-1 (30.2-11b) 
2 2 2 
1¢3\~ kt 15905" HE 
ke 211 
) (53) 3 (G+) 5 (30 c) 


5 ye 175 5 441-10 
64° 256 16384" 65536 


(30.2-11d) 


Special values are £(0) = 5 and E(1) = 1. The latter leads to a (slowly converging) series for 2/7: 


9 il 
- = F(23)1 O19 
: eu) (30.2-12) 
Similarly as for kK’, one defines E’ as 
E’(k) := E(k’) = E(\/1-k?) (30.2-13) 
The key to fast computation of EF is the relation 
E Laon 2 
=~ = 1-= 2h .2-14 
ri 5 dX a (30.2-14) 


The terms c’ in the sum occur naturally during the computation of the AGM, see relation |30.1-2] on 
page One defines 


FE’ 


E / 
p— I ea SS 2-1 
R ra R a (30.2-15) 
Then FE can be computed via 
T eae 
Ly = RRR) = -{1 ed 30.2-16 
(kt) = RQ)K() es ( S : (30.2-16) 
Legendre’s relation between K and E is (arguments omitted for readability, choose your favorite form): 
E Ff T 
K + Ki 1 = IKK (30.2-17a) 
EK’+E'K—KK' . (30.2-17b) 
Equivalently, 
E/K R 
AGM(1,k) = = 30.2-18 
For k = wa =: s we have k = k’, thereby K = K' and E = E’, so 
K 2E K 1 
T T T 27 


As expressions |30.2-3a]and|30.2-16]provide a fast AGM based computation of x and z the above formula 


can be used to compute 7. 


[fxtbook draft of 2008-January-19] 


578 Chapter 30: The arithmetic-geometric mean (AGM) 


Using E-K = kk’ ue —k? K one can express the derivative of K in terms of E and K and thereby 
compute that quantity fast: 


dK B-k? kK 
a 7 ee) 
For the derivative of E we have 
dE E-K 
a = i (30.2-21) 


We note the following generalization of Legendre’s relation in terms of hypergeometric functions (see 
section on page (663): 
Ti+a+b)T1+c+)) 


P(2+a+b+erG+s) (30.2-22) 


+5-a, +4+¢ 
F 2 2 1— 

er a 

1 1 1 a 
se ee lg gi ee ed 
fsa ad l+e+b 
1 1 
Je 


This equation is given in p.138]. For a = b = c=0 one obtains Legendre’s relation. 


1 


30.3. AGM-type algorithms for hypergeometric functions 


We give AGM based algorithms for ame a z) where s € {0, 1/6, 1/4, 1/3}, and 


F Gaae weak z) where t € {1/12, 1/6}. These are taken from and [117], both papers are rec- 


ommended for further studies. See also [175], [54], [75], and [74]. The limit of a three-term iteration as 
a generalized hypergeometric function is determined in . A four-term iteration is considered in : 


The following transformations can be applied to the functions, these are special cases of relations|35.2-31la 
and |35.2-31b]on page 
lis lis 
= paras 2 
ake 


1 1 
5+5,5—-8 
F{ 2 72 
( 1 


u tt Ot, £ — 2H) 1 
F t +t, 4 |) = fF t t, 2 | 1) (30.3-1b) 


1 
A4z(1 — :)) where |z| < 5 (30.3-1a) 


1 2 


Algorithms for F' Gece 2) [1/2 + 0] 


The following is relation |30.2-3a]on page the classical AGM algorithm which has quadratic conver- 
gence: 


ey) = 1/M(1,VI—2) where (30.3-2a) 
M(a,b) = |(a+6)/2, Vab| (30.3-2b) 


We write the AGM as M := [f(a,6), g(a, b)] in the obvious way. 


[fxtbook draft of 2008-January-19] 


30.3: AGM-type algorithms for hypergeometric functions 579 


A fourth order algorithm obtained by combining two steps of the classical AGM: 


1/2, 1/2 
F ( / if / | :) = 1/M(1,¥1—2) where (30.3-3a) 
M(a,b) := [(a + b)/2, /ab(a? + B) 72] (30.3-3b) 
For comparison, we give the quadratic transform for the hypergeometric function 
il 11 
ea :) = a+ar(?? 2) (30.3-4a) 
where 
1 (1 = gl? 
= SS 30.3-4b 
14+ (1-2')1/2 ( ) 
j eee 
Zz = 1l- (30.3-4c) 
1+z 


It is the special case a = 1/2 and b = 1/2 of the transformation 
a,b} 4z a, b Las" a,a—b+5 
p(® — = ji- = (142)*F[’ a : 30.3-5 
& ca) & G3)) ae ( b+i |” ae 


z) [1/2 + 1/6] 


Algorithms for F Coe 


A third order algorithm: 


pe) = 1/M(¥1—2,1) = vimana) where (30.3-6a) 


M(a,b) := [(a + 20)/3, */b (@ + ab +P) /3| (30.3-6b) 
One further has 
FCM) = 1/M (1, Y1—2) (30.3-7) 
A quadratic algorithm: 
F Gea :) = 1/M(1, /1—z) where (30.3-8a) 
M(a,b) := E (4/2p— 03 + V2m — a3) ; (Y/p+ yi)| and —(30.3-8b) 
p := +44, m := B-t, t:= V/b6—a3b3 (30.3-8c) 
And again (see relation [30.3-6a): 
FCB) = 1/M(¥1-z,1) = vizer (2) (30.3-9) 


We note the following hypergeometric transformation due to Ramanujan: 


1 2 
Fi{ 3’? 3 
1 


[fxtbook draft of 2008-January-19] 


1 2 
:) = a+22)F(*5|2) (30.3-10a) 


580 Chapter 30: The arithmetic-geometric mean (AGM) 


where 


1-(1-2'/)¥/8 
1+2(1-7)1/8 


3 
ge zs Ae 1l-—z 
1+ 2z 


PA = 


The general form is given in [86]: 


c,e+ 5 tay \" 36 c, c+ 3 
r( Bgl b-(3)) = era Set5 


(30.3-10b) 


(30.3-10c) 


| °) (30.3-11) 


For c = 1/3 one obtains relation }30.3-10a]|_ A computer algebra proof that relation |30.3-11] is the only 
30.3-10c 


possible generalization of relation |30.3-10clis given in [158]. 


An alternative quadratic algorithm is 


F | :) = 1/M(1,W) where 
M(a,b) := [a +)/2, (3, Vb (0 + 2a)/3 - 5) /2| 
Wo: a Rix Woi+ul 


It is given in the form 


(30.3-12a) 


and (30.3-12b) 


u:= 1-22 (30.3-12c) 


1/3, 2 ‘ 
F ( - 3) (1—2) (1+ 2/2)? = 1/M(1, 2) (30.3-13) 
A product form can be derived from Theorem 6.1]: Let 
_ 2(34+2) 
a(z) 2a42)8 (30.3-14a) 
2 1/3 
p(z) := les tha where 7 := [22 +2V227-2z- 1 (30.3-14b) 
r 
then, with to := 1— z and ty41 := a(p(ts)), 
=a 
1/3,,2/8 ry it p(tr) 
F ( : | :) = TI ee (30.3-14c) 


Convergence is quadratic. The function p(z) is the real solution of p(3(z)) = z where 3(z) := (z?(3+2))/4. 


Algorithms for F Gag 


2) [1/2 + 1/4] 
A quadratic algorithm: 


Queena = 1/M(1,VI—2)"” where 


M(a,b) := l(a + 3b)/4, /b(a +b) 72] 


One further has (note the swapped arguments in the mean) 


(30.3-15a) 


(30.3-15b) 


F Gua = ij G/i—2, 1)" = Vi—2P Gag :) (30.3-16) 


[fxtbook draft of 2008-January-19] 


30.3: AGM-type algorithms for hypergeometric functions 581 


Now set Ay := v/ (az + b,)/2 and By := Vbx, then 


1 
Agi = 3 (Ax + Br) (30.3-17a) 
Bez = VA Be (30.3-17b) 


This is the iteration of the classical AGM. Thereby 


M(a,b)'/? = scar ( val (30.3-18) 


and one can employ the AGM scheme of Schonhage (relations |30.1-4a} . . |30.1-4k]on page |574). Equiv- 


alently, 


F Gana :) = aj sew | 4a a =e iee (30.3-19) 
We also have 
F crag :) = aye |g et" — 1 (30.3-20) 


For comparison, we give the hypergeometric transformation 


1 3 1 3 
a ‘| = vivser (#3 2) (30.3-21a) 
where 
1 (1 _ gyt/2 
es ares (a2 (30.3-21b) 
) eee 
z = 1- ace (30.3-21c) 
is the special case d = 1/4 of the transformation 
d,d+ Z d,d+ i 
F ( see z :) = (1432) F ( abe : a) (30.3-22) 
3 6 


This is taken from [118] where various such transformations and their generalizations are given. 


Algorithm for F Gea z) [1/41/12 


A quadratic algorithm is 


F Gene | :) = 1/M(1,W)/? where (30.3-23a) 
M(a,b) := l(a + 3b)/4, (Vab + b) /2| and (30.3-23b) 
W ocx eons re [V2 ies z| a (30.3-23c) 
It is given p.515] as 
E | 27 4? (1 — )/4)| = 1/M(1,2) (30.3-24) 


One can solve for the argument of F to obtain the explicit form. 


[fxtbook draft of 2008-January-19] 


582 Chapter 30: The arithmetic-geometric mean (AGM) 


Algorithm for F (/,°/” 


z) [1/4 + 1/6] 


The following algorithm has quadratic convergence, W is defined by relation |30.3-23c 


1/12, 5/12 
F( / A :) = 1/M(1,W)/* where (30.3-25a) 
M(a,b) := [(a + 15b)/16, (vi(a + 3b) /4 + b) /2| (30.3-25b) 
The next relation is the special case a = 1/6 of relation |35.2-40e| on page [669] 
é é 1/6 iz) ia|_—42 
F(® = (1—z)-V6 p( | 30.3-26 
a) eae ea (009.25) 
The following relations are given in [175] p.17]: 
11 1/12 1 5 
aca] |) | wpaciess ro eee eee -2 
F( 1 =) Fe las 6)| ( 1 |@+163 (oO ea) 
ia 1 Ue ee 1728 z 
Fed cae _* _ a 3(y49 pl 21 3-2 
( 1 =) E ere 0] ( 1 |@+38(@+ =) eee) 
11. Y 1 of 2 Sy IB 2 (e+ 16) 
p(p2}_2) _ 24 162416) Be ie? Ta) 2 ee 3007 
( 1 a) Fr Me wee 6)| ( 1 | (2 4162+ ar) ¢ q 


30.4 Computation of 7 


We give various iterations for computing 7 with super-linear convergence. The number of full precision 
multiplications (FPM) is an indication of the efficiency of the algorithm. The approximate number of 
FPMs that were counted with a computation of 7 to 4 million decimal digits (using radix 10,000 and 
1 million LIMBs) is indicated like this: #FPM=123.4. The number is computed as three times the 
FFT-work in terms of full precision real valued FFTs. 


30.4.1 Super-linear iterations for 7 


AGM implemented in [hfloat: |src/pi/piagm.cc), #FPM=98.4: 


1 
ag = 1, bo = Va (30.4-1a) 
+b 
ia “howe (30.4-1b) 
beat = Vak bp (30.4-1c) 
2 ant (30.4-1d) 
Pron = 7 Tv ‘ 
ce ae ee ch 
29gnt+4 —7Qnrtt 
2 eo (30.4-1e) 


AGM? (ao, bo) 


Convergence is second order. Computing 7 based on the fourth order AGM (relations|30.1-9aJ . . |30.1-9e 
on page |574) is possible by setting the second argument of the routine (#FPM=149.3 for the quartic 


variant). Schénhage’s variant of the AGM computation (relations |30.1-4a} .. |30.1-4k] on page |574) is 
implemented in [hfloat: |src/pi/piagmsch.cc) (##FPM=78.424). 


[fxtbook draft of 2008-January-19] 


30.4: Computation of 583 


The AGM method goes back to Gauss, a facsimile of the entry in his 1809 handbook 6 is given in [17 
p.l01]. The entry states that 


AGM(1,k) AGM(A, k’ 
a te = ) (30.4-2) 
1= ye” (et ee) 


where k’ = bo/ag and k = \/1 — b2/a2 = co/ao. For k = k! = 1/2 one obtains relation |30.4-1d] The 
formula appeared also 1924 in [150| p.39]. The algorithm was rediscovered 1976 independently by Brent 
60} (reprinted in [34] p.424]) and Salamin [204] (reprinted in [34] p.418]). 


AGM variant given in [50], [hfloat: src/pi/piagm3.cc|, #FPM=99.5 (#FPM=155.3 for the quartic vari- 


ant): 


6+ V2 
a = 1, b= _s (30.4-3a) 
OOF ag 
Pr = = ——— a (30.4-3b) 
/3 (1 — seep 2* 2?) -—1 
3 2 gn+4 —V3r2"tt 
1 —Dn vee ila (30.4-3c) 


AGM? (ao, bo) 


AGM variant given in [50), [hfloat: src/pi/piagm3.cc,, #FPM=108.2 (#FPM=169.5 for the quartic 


variant): 
6-— V2 
a = 1, w= = (30.4-4a) 
6az44 
Pn = = a 7 30.4-4b 
V3 (1 — peg 2 2) 4.1 ( ) 
= nont4e Vi nant 
3 
T—DPn < 30.4-4c 
AGM(ao, bo)? eo 
Second order iteration from p.170], [hfloat: src/pi/pi2nd.cc), #FPM=255.7: 
1 1 
= —S a = = 30.4-5a 
Yo V2 0 5) ( ) 
la(lagy* 
= 0 30.4-5b 
me = Tape 8 een 
(l—yg) 7? -1 
= SS 30.4-5 
(= yg)? +1 es) 
1 
G@gay = Og (Lap)? -— 2! yp = (30.4-5d) 
gag? << jee (30.4-5e) 


Relation |30.4-5c|shows how to save 1 multiplication per step (see section on page|541). 


Borwein’s quartic (fourth order) iteration from [52) p.170], variant r = 4, implemented in [hfloat: 


[fxtbook draft of 2008-January-19] 


584 Chapter 30: The arithmetic-geometric mean (AGM) 


src/pi/pi4th.cc|, ##F PM=170.5: 


yo = vV2-1, a = 6-4V2 (30.4-6a) 
L(y) 

= 04 30.4-6b 

Yk+1 1+(1-y))'/4 : ( ) 


(1—yp)7/4-1 


= oe 30.4-6 
Gy) +1 nes) 
1 
Qg41 = a (14+ Ye+1)" i a Veer (1 Yea Wei) ae (30.4-6d) 
= ag ((1 + yegi)®)? — 27773 yeaa (1 + yes)? — yeti) (30.4-6e) 
0 < ag—mw'<16-4"2e°* 7" (30.4-6f) 


Identities |30.4-6c] and |30.4-6e]show how to save operations. 


Borwein’s quartic (fourth order) iteration, variant r = 16, implemented in [hfloat: src/pi/pi4th.cc’, 
#FPM=164.4: 


1-2-1" 8//2—2 
w = Tyee 8% = Gagne (30.4-7a) 
daa 1 
= 0 30.4-7b 
Yk+1 (l—y)-4 41 i ( ) 
1 
Oke. = ae (1+ yesi)* — 2744 ype (1+ yeti t yes) (30.4-7c) 
0 < g,—7 *<16-4"4e-4"** (30.4-7d) 


The operation count is unchanged, but this variant gives approximately twice as much precision after the 


same number of steps. The general form of the quartic iterations (relations |30.4-6a] .. and |30.4-7al ..) is 
given in pp.170ff]: 


Yo = A*(r), ap = a(r) (30.4-8a) 
egy 
41. = 04 30.4-8b 
Yk+1 (1—y4)-4 +1 ‘ ( ) 
1 
Ory = Oe (Lt yegr)* — 2784? Vr ye (1+ yeti teu) 2 (30.4-8c) 
O << ten = ied fre" (30.4-8d) 


Derived AGM iteration (second order, from {52| pp.46ff]), implemented in [hfloat: src/pi/pideriv.cc., 
#FPM=276.2: 


to = V2, py = 2+V2, yw = 24 (30.4-9a) 
1 1 
tet = 5 (var+ =) G20) 414 (30.4-9b) 
1 
Vinh 
Ye = ae ve (k>1) 14 (30.4-9c) 
Yr+1 ~ 
+ 
Pett = Dk = ; (21) a04+ (30.4-9d) 
a 


gkt+1 


Pr—-mw < 107 (30.4-9e) 


[fxtbook draft of 2008-January-19] 


30.4: Computation of 585 


Cubic AGM iteration (third order) from [56], implemented in [hfloat: src/pi/picubagm.cc) , #FPM=182.7: 


Sot 
a = 1, b= _ (30.4-10a) 
2b 
io aoe (30.4-10b) 
2 b2 
bnti = = (ar ae Pn + Oo) (30.4-10c) 
3a? 
Pn = wt 7 (30.4-10d) 
1— Yi p-0 3* (az — az 41) 
Quintic (5th order) iteration from [52] p.310], [hfloat: src/pi/pi5th.cc), #FPM=353.2: 
1 
89 = 5(V¥5—-2), ap = ; (30.4-11a) 
Os Pa 2d (30.4-11b) 
Sn 
y = (z-1)?+7 -16 (30.4-11c) 
1/5 
— (5 (y+ Vy —40)) 2 (30.4-11d) 
25 
ntl = 1 30.4-11 
a Sn(z+a/z+1)? ( e) 
s2 —5 1 
Ont. = 820, —5" (85 + /sy, (82 — 28, + 5) ae (30.4-11f) 
TT 
i i 
Qn—-— < 16-5%e77® (30.4-11g) 
Tv 


Cubic (third order) iteration from [25], implemented in [hfloat: src/pi/pi3rd.cc|, #FPM=200.3: 


a = , 80 = == (30.4-12a) 
a tS TR Says (30.4-12b) 
Skt = "ert (30.4-12c) 
Akt. = Tey On — 3° (r2Z4, —1) ++ (30.4-12d) 


[fxtbook draft of 2008-January-19] 


586 Chapter 30: The arithmetic-geometric mean (AGM) 


Nonic (9th order) iteration from [25], implemented in [hfloat: |src/pi/pi9th.cc , #FPM=273.7: 


1 e—41 
a = 3 T= — , 689 = (1—-r8)¥8 (30.4-13a) 
t = 142, (30.4-13b) 
u = (9re(1+re+72))" (30.4-13c) 
v = P+tut+e (30.4-13d) 
2 
i = EE) (30.4-13e) 
U 
; 1 
Gey = ma,pt3?2*"(1-—-m) 3 (30.4-13f) 
TT 
(1 —r,)3 
a = 30.4-13 
Sk+1 Gp oue ( g) 
Tra = (1—s%)¥3 (30.4-13h) 


30.4.2 Measured timings and operation counts 


#FPM - order - routine in hfloat - time 
78.424 - 2 - pi_agm_sch() = 76 sec 
98.424 - 2 - pi_agm() - 93 sec 
99.510 - 2 - pi_agm3(fast variant) - 94 sec 

108.241 - 2 - pi_agm3(slow variant) - 103 sec 
149.324 - 4 - pi_agm(quartic) - 139 sec 
155.265 - 4 - pi_agm3(quartic, fast variant) - 145 sec 
164.359 - 4 - pi_4th_order(r=16 variant) - 154 sec 
169.544 - 4 - pi_agm3(quartic, slow variant) - 159 sec 
170.519 - 4 - pi_4th_order(r=4 variant) - 160 sec 
182.710 - 3 - pi_cubic_agm() - 173 sec 
200.261 - 3 - pi_3rd_order() - 189 sec 
255.699 - 2 - pi_2nd_order() - 240 sec 
273.763 - 9 - pi_9th_order() - 256 sec 
276.221 - 2 - pi_derived_agm() - 259 sec 
353.202 - 5 - pi_5th_order() - 329 sec 


Figure 30.4-A: Measured operations counts and timings for various iterations for the computation of 7 
to 4 million decimal digits. 


The operation counts and timings for the algorithms given so far when computing 7 to 4 million decimal 
digits (using 1 million LIMBs and radix 10,000) are shown in figure In view of these figures it 
seems surprising that the quartic algorithms pi_4th_order() and the quartic AGM pi_agm(quartic) 
are usually considered close competitors to the second order AGM schemes. 


Apart from the operation count the number of variables used has to be taken into account. The algorithms 
using more variables (like pi_5th_order()) cannot be used to compute as many digits as those using 
only a few (notably the AGM-schemes) given a fixed amount of RAM. Higher order algorithms tend to 
require more variables. 


A further disadvantage of the algorithms of higher order is the more discontinuous growth of the work: 
if just a few more digits are to be computed than are available after step k then an additional step is 
required. Consider an extreme case where an algorithm JT of order 1,000 would compute 1 million digits 
after the second step, at a slightly lower cost than the most effective competitor. Then algorithm T would 
likely be the ‘best’ one only for small ranges in the number of digits around the values 10°, 10°, 10°, .... 


Finally, it is much easier to find special arithmetical optimizations for the ‘simple’ (low order) algorithms, 
Schénhage’s AGM variant being the prime example. 


[fxtbook draft of 2008-January-19] 


30.4: Computation of 
30.4.3. More iterations for 7 


The following iterations are not implemented in hfloat. 


Third order algorithm from : 


e: = Oe. en ed (a = 31/2) g-1/2 4 3v4) 
w = 1, a = 1, Bo = 0 
1/2 
thi = va {8 + [4v2.(1 — v8)] = + Un—1 
7 208 + unga (3024102 -— 1 
lala 2u3 4) — Un (3u2,,02 -1) ” 
cay 
An4+1 = +1 An 
Un 
Qv3 U2 11 Qn 
Bn41 = ( rs 1) Bn + (6Wn+1Un — 2Un41Wn) a 
Un Un 
8. 91/8 
Tn Fat 3 


a = 1/3, mo = 2 
4 
Mnt1l = 
14+ /(4— mp) (2+ mn) 
he 1 
An+1 = My An + ll ta) mes 
3 T 
Implicit second order algorithm from (also in p.700]): 
a = 1/3, ss. = 1/3 
(Sn)? + (sn)? = 
(14+38n41)(14+387) = 4 
AQn41 = (14+38n41) Qn —-2"Sn41 


1 


587 


(30.4-14a) 
(30.4-14b) 


(30.4-14c) 
(30.4-14d) 
(30.4-14e) 
(30.4-14f) 


(30.4-14g) 


(30.4-15a) 
(30.4-15b) 


(30.4-15c) 


(30.4-16a) 
(30.4-16b) 
(30.4-16c) 
) 


(30.4-16d 


It is trivial to turn this algorithm into an explicit form as with the next algorithm. However, there exist 


iterations that cannot be turned into explicit forms. 


Implicit fourth order algorithm from [57] (also in p.700]): 


a = 1/3 s, = V2-1 
(Sn)*+(s,)) = 1 
(14+35n41)(1+3s5%) = 2 
4 qrtrl 
An4+1 = (1 + Bri) An + 


(14 S41)" 


3 


[1 


=> 


30.4-17a 
30.4-17b 
30.4-17¢ 


ey ae 


Former 
Sa Ww a wH 


30.4-17d 


— 


Combining two steps of the fourth order iteration leads to an algorithm of order 16. The following form 


[fxtbook draft of 2008-January-19] 


588 


is given in [57] p.111): 


Sn41 


Chapter 30: The arithmetic-geometric mean (AGM) 


1/3, ss = V2-1 
(co 
ijd+sy 


xe(las,) 
4g2n-1 


16 Yn An-1 + (1 


3 
1+s* 
>\ 11/4 
[ssi (1+s% )| 
(1 = az)? 
(¢ + u)? (1? + u?) 


12a%,—4yn] 7 


Quadratic iteration by Christian Hoffmann, given in p.5]: 


_ V2, bo _ 0, 


po = 2+V2 


= 5 (WViet lim) 1+ 


(30.4-18¢ 


(30.4-18h) 


(30.4-19a) 
(30.4-19b) 


(30.4-19c) 


(30.4-19d) 


Note that relation |30.4-19b} deviates from the one given in the cited paper which seems to be incorrect. 


This is a variant of the iteration given as relations [80.4-9al [30.4-9e] on page [584] The values p, are 
identical in both iterations. 


Cubic iteration given in [5I| p.125]: 


The cited paper actually gives a more general form, here we take N = 1 for simplicity. 


50 


Mn 


An+1 


An+1 


= /34+2¥V3, 
3/8n 


Cubic iteration given in p.1506, it-1.2]: 


if, = (v3-1) /2 


Note the corrected denominator in relation |30.4-21b| (exponent of s,_1 is wrongly given as 2). 


(4906) .) 

ie a eee 
n—-1 

(1—s3_,) 7? +2 


ag = 1/2 


[(s2 - 1) 42] fn 


= m2 an —3" (m2, +2m, — 3) /2 


ys 
Tv 


ae? 4g (a 1 28)? 1) 


[fxtbook draft of 2008-January-19] 


TT 


(30.4-20a) 
(30.4-20b) 


(30.4-20c) 


(30.4-20d) 


(30.4-21a) 


(30.4-21b) 


(30.4-21c) 


(30.4-21d) 


30.4: Computation of 7 


Quadratic iteration given in [75] p.1507, it-1.3]: 
ko = 0, so = 1/V2 


1—,/1—s2_, 
Sn = 
1+ ,/1—s2_, 
2 n 1 
kn = (14 Sn)*kp-1 +2" (1 — Sn) 5) > = 
T 
Cubic iteration given in p.1507, it-1.4]: 
ko = 0, so = 1/72 
1— s/1— al 
Ss; = 
1423/1-33_, 
kn = (14+28n)* kn_1+8-+3"?V38 ae 
Quadratic iteration given in p.1508, it-1.5): 
ko = 0, Yo = 8/9 
, 9 8Yn—1 — 5 Ym—1 + VYn-1(4 = Yn-1) 
" 9y?_4 ~ 6 Yn—1 + 1 
Yn-1 (1 = Yn—1) 
ky = 2°73 4 — 3 Yn—1) kn- 
v3 /4—39n_1 aR ( ¥y 1) 1 
Quadratic iteration given in p.1508, it-1.6]: 
ko = 0, Yo = 4/5 
2y2_4 —Yn-17T 4/ 4Yn—1 — 3y2_4 
= 1+ Yn-4 
Qn = Vun-1 a 1) (4 ca 3 Yn—1) (y2_4 —3Yn-1+ 4) 
2” Yyn—1 (1 — Yn 
kin = : : ( a 1) Qn + (2 — yn—1)” Kin 1 


V7 2— Yn-1 


Quadratic iteration (as product, two forms) given in [53) p.324]: 


ty = * (vé+2), Y= 5 (vé+4) 


2 (Vtn + tn) 
ce 14+ 32, 
24m + Yn/VEn + VEn 
on 1+ 3yn 
— oT (3a) 
8 11 (1+3yn)/4 
se 5+2v6 fy (1+ t/ven)” 
3 tL 14+3y, 


The definitive source for iterations to compute 7 and the underlying mathematics is [52]. 


[fxtbook draft of 2008-January-19] 


Be 


= 


= 


=i 


589 


(30.4-22a) 


(30.4-22b) 


(30.4-22c) 


(30.4-23a) 


(30.4-23b) 


(30.4-23c) 


(30.4-24a) 


(30.4-24b) 


(30.4-24c) 


(30.4-25a) 
(30.4-25b) 


(30.4-25c) 


(30.4-25d) 


(30.4-26a) 
(30.4-26b) 


(30.4-26c) 


(30.4-26d) 


(30.4-26e) 


590 Chapter 30: The arithmetic-geometric mean (AGM) 


30.5 Arctangent relations for z * 
This section is about relations of the form 
1 1 1 1 
k— = my arctan — + mg arctan — +...+m,y arctan — (30.5-1) 
4 Ly x2 Ln 
where k, mj ,...,Mn, ©1,---,%n € Z (in fact, & = 1 almost always). This is an n-term relation. For 


example, a 4-term relation, found 1896 by Stormer [222], is 


5 = +444 arctan = +7 arctan = — 12 arctan a + 24 arctan —_ (30.5-2) 
We use the following compact notation 
mi[xi] +m2[x2] + ... +mm[xn] == k * Pi/4 
for relation For example, Stgrmer’s relation [30.5-2] would be written as 
+44[57] +7[239] -12[682] +24[12943] == 1 * Pi/4 


We write the relations so that the arguments x; are strictly increasing. Further, n-term relations are 
sorted so that the first arguments 2 are in decreasing order (if x1...#,; coincide with two relations then 
the arguments x;+41 are used for sorting). For example, a few 6-term relations are 


+322[577] +76[682] +139[1393] +156[12943] +132[32807] +44[1049433] == 1 * Pi/4 
+122[319] +61[378] +115[557] +29 [1068] +22 [3458] +44 [27493] == 1 * Pi/4 
+100[319] +127 [378] +71[557] -15 [1068] +66[2943] +44[478707] == 1 * Pi/4 
+337 [307] -193[463] +151[4193] +305[4246] -122[39307] -83[390112] == 1 * Pi/4 
+183[268] +32[682] +95[1568] +44[4662] -166[12943] -51 [32807] == 1 * Pi/4 


Note that the second and third relation are sorted according to their fifth arguments (3458 and 2943). 
Among all n-term relations we consider a relation better than another if it precedes it. The first one is 
the best relation. Our goal is to find the best n-term relation for n small. For example, the relation 


+322[577] +76[682] +139[1393] +156[12943] +132[32807] +44[1049433] == 1 * Pi/4 
is the best (known!) 6-term relation. The best n-term relations for 2 <n < 12 currently known are 
shown in figure Note that k = —1 in the 10-term relation, and k = 2 in the 12-term relation. The 
best relations for 13 < n < 21 (shortened to save space) are shown in figure |30.5-B] Figure |30.5-C] gives 
just the first argument (x1) of the best relations for 2 <n < 27. 


+4[5] -1[239] == 1 * Pi/4 

+12[18] +8[57] -5[239] == 1 * Pi/4 

+44[57] +7[239] -12[682] +24[12943] == 1 * Pi/4 

+88[192] +39[239] +100[515] -32[1068] -56[173932] == 1 * Pi/4 

+322[577] +76[682] +139[1393] +156[12943] +132[32807] +44[1049433] == 1 * Pi/4 


+1587 [2852] +295[4193] +593[4246] +359[39307] 
+481[55603] +625[211050] -708[390112] == 1 * Pi/4 


+2192[5357] +2097[5507] -227[9466] +832[12943] 
+537 [34522] -2287[39307] -171[106007] -708[1115618] == 1 * Pi/4 


+3286 [34208] +9852[39307] +5280[41688] +7794[44179] 
+7608[60443] +4357[275807] -1484[390112] -1882[619858] +776[976283] == 1 * Pi/4 


+1106[54193] -30569[78629] -28687[88733] -13882[173932] 
+9127[390112] -9852[478707] -24840[1131527] +4357 [3014557] 
+21852[5982670] +23407 [201229582] == -1 * Pi/4 


+36462[390112] +135908[485298] +274509[683982] -39581[1984933] 
+178477 [2478328] -114569[3449051] -146571[18975991] +61914[22709274] 
-69044 [24208144] -89431[201229582] -43938[2189376182] == 1 * Pi/4 


+893758 [1049433] +655711[1264557] +310971[1706203] +503625 [1984933] 
-192064[2478328] -229138[3449051] -875929[18975991] -616556 [21638297] 
-187143[22709274] -171857[24208144] -251786[201229582] -432616[2189376182] == 2 * Pi/4 


Figure 30.5-A: Best n-term arctan relations currently known for 2 <n < 12. 


[fxtbook draft of 2008-January-19] 


30.5: Arctangent relations for 7 * 591 


+1126917 [3449051] +1337518[4417548] ... -216308[2189376182] == 1 * Pi/4 

+446879 [6826318] +5624457 [8082212] ... +483341[17249711432] == 1 * Pi/4 

+5034126 [20942043] +1546003[22709274] ... +1337518[250645741818] == 1 * Pi/4 

+14215326 [53141564] +6973645[54610269] ... +8735690[34840696582] == 1 * Pi/4 

+12872838 [201229582] +27205340[203420807] ... +35839320[134520516108] == 1 * Pi/4 
+2859494[299252491] -41068896[321390012] ... -89623108[18004873694818] == -1 * Pi/4 
+270619381 [778401733] -138919506 [1012047353] ... +146407224[30038155625330] == 1 * Pi/4 
+807092487 [2674664693] +479094776[2701984943] ... +214188292[564340076432] == 1 * Pi/4 
+598245178[5513160193] -115804626[7622130953] ... -1521437626[38057255532937] == 1 * Pi/4 


Figure 30.5-B: The best n-term arctan relations (shortened) currently known for 13 <n < 21. 


n-terms min-arg 
2 5 Machin (1706) +4[5] -1[239] == 1 * Pi/4 
3 18 Gauss (YY?) +12[18] +8[57] -5[239] == 1 * Pi/4 
4 57 Stormer (1896) 
5 192 JJ (1993), prev: Stormer (1896) 172 
6 577 JJ (1993) 
7 2,852 JJ (1993) 
8 5,357 JJ (2006), prev: JJ (1993) 4,246 
9 34,208 JJ (2006), prev: JJ (1993) 12,943, prev: Gauss (Y?) 5,257 
10 54,193 JJ (2006), prev: JJ (1993) 51,387 
il 390,112 JJ (1993) 
12 1,049,433 JJ (2006), prev: JJ (1993) 683,982 
13 3,449,051 JJ (2006), prev: JJ (1993) 1,984,933 
14 6,826,318 JJ (2006) 
15 20,942,043 HCL (1997), prev: MRW (1997) 18.975,991 
16 53,141,564 JJ (2006) 
17 201,229,582 JJ (2006) 
18 299,252,491 JJ (2006) 
19 778,401,733 JJ (2006) 


20 2,674,664,693 JJ (2006) 
21 5,513,160,193 JJ (2006) 
22 17,249,711,432 JJ (2006), prev: 16,077,395,443 MRW (27-Jan-2003) 
23 + 58,482,499,557 JJ (2006) 
24 102,416,588,812 JJ (2006) 
25 160,422,360,532 JJ (2006) 
26 392,943,720,343 JJ (2006) 
27 970,522,492,753 JJ (2006) 


MRW := Michael Roby Wetherfield 
HCL := Hwang Chien-Lih 
JJ := Joerg Arndt 


Figure 30.5-C: First arguments of the best n-term arctan relation known today, for 2 <n < 27. The 
4-term entry corresponds to relation |30.5-2|on the facing page. 


[fxtbook draft of 2008-January-19] 


592 Chapter 30: The arithmetic-geometric mean (AGM) 


30.5.1 How to find one relation 


In the 5-term relation 
+88[192] +39[239] +100[515] -32[1068] -56[173932] == 1 * Pi/4 


factor 2; + 1 for all (inverse) arguments «;: 


en idl 


NR 
+ 


5 13 73 101 101 


Note that all odd prime factors are the four primes 5,13,73,101. The coefficients m; can be computed 
as follows. Write (for all arguments z;) 


w+ 1 = 2°09) gett) 1306.2) 7geG.8) 191e6.4) (30.5-3) 


Now define a matrix M using the exponents e(j, u) (ignoring the prime 2): 


M7, := +e(j,i) (30.5-4) 


ji 


The sign of M;,; is minus if (x; mod p;) < p;/2. With our example we obtain 


transpose(M) := 
[-5, -1, +1, -2] // 173932°2+1 == 5°75 *1371 *7371 *10172 
[+6, 0, +1, 0] // 1068°2+1 == 576 *7371 
[0, +1, 0, -2] // 515°2+1 == 1371 *101°2 (#2) 
[0, -4, 0, 0] // 239°2+1 == 13°4 (*2) 
[-1, 0, +1, +1] // 192°2+1 == 571 *73°1 *10171 


// 5, 13, 73, 101 <--= primes 


For the signs of the upper left 3 x 2 sub-matrix, note that (173932 mod 5) = 2 < 5/2, (173932 mod 13) = 
5 < 13/2, (1068 mod 5) = 3 > 5/2, and (515 mod 13) = 8 > 13/2. The nullspace of M consists of one 
vector: 


[-56, “32 « 100, 39, 88] 
This tells us that 
+88[192] +39[239] +100[515] -32[1068] -56[173932] == k * Pi/4 


We determine that k = 1 by a floating point computation of the left hand side. Quite often one finds a 
relation where k = 0, which we are not interested in. For example, the candidates 12943, 1068, 682, 538, 
239 all factor into (2 and) the odd primes 5, 13, 61, 73. The matrix M is 


transpose(M) = 
[+4, +3, -1, 0] // 12943°2+1 == 5°74 *13°3 *6171 (#2) 
[+6, 0, 0, +1] // 106872+1 == 576 #7371 
[-3, 0, -2, 0] // 68272+1 == 53 *6172 
(+1, -1, +1, -1] // 538°2+1 == 571 *1371 *6171 *7371 


[ 0, -4, 0, 0] // 239°2+1 == 1374 (#2) 
// 5, 13, 61, 73 <--= primes 


The nullspace of M is 
[15 445. =25 $15.4] 
and the relation is 
+1[239] -1[538] -1[682] -1[1068] +1[12943] — 0 


30.5.2 Searching for sets of candidate arguments 


A set of candidate arguments x, will give a relation only if a + 1 factor into a common set of primes. 
Apart from the factor 2, all prime factors are of the form 47+ 1. One can choose a subset of those primes 
S := {pi,---,Pu} and test which of the products P = 2° - pj! ---p& are of the form P = x? +1. The 
test is to determine whether P — 1 is a perfect square. The pari/gp function issquare() does this in an 
efficient way (as described in [83]). A recursive implementation of the search is 


[fxtbook draft of 2008-January-19] 


30.5: Arctangent relations for 7 * 593 


\\ global variables: 

ct=0; \\ count solutions 

av=vector(1000); \\ vector containing solutions 

\\ pv = E...]; \\ vector of primes of the form 4*it+1 
m=10720; \\ search max := sqrt(m) 


check(t)= 
local (a); 
if ( issquare(t-1, &a), ctt+; av[ct] =a; ); 
if ( issquare(t+t-1, &a), ctt++; av[ct] = a; ); 
} 
gen_rec(d, p)= 
{ 


local(g, gg, t); 
if ( d>length(pv), return() ); 


if ( t>m, return() ); 
if ( gg!=1, check(t) ); 
gen_rec(dt1, t); 

) gE *= 3 


? 
return(); 


We do the search using the four primes 5, 13, 61, and 73: 


pv=[5, 13, 61, 73]; \\ vector of primes 
gen_rec(1, 1); \\ do the search 


The candidates found are 
12943, 1068, 682,538: 239, 57,27, 18y 11, 84 7, &, 3; 2 


The following relations are found: 
+1[239] -1[538] -1[682] -1[1068] +1[12943] = NULL 
+44[57] +7[538] -5[682] +7[1068] +17[12943] == 1 * Pi/4 (5-term) 
+1[27] +42[57] +6[538] -5[682] +7[1068] +16[12943] == 1 * Pi/4 (6-term) 
+1[18] +41[57] +6[538] -5[682] +6[1068] +16[12943] == 1* Pi/4 (6-term) 
+1[11] ee +6[538] -5[682] +6[1068] +15[12943] == 1 * Pi/4 (6-term) 

[--snip-- 

+1[3] +26[57] +4[538] -3[682] +4[1068] +10[12943] == 1 * Pi/4 (6-term) 
+1[2] +18[(57] +3[538] -2[682] +3[1068] +7[12943] == 1 * Pi/4 (6-term) 


The search is reasonably fast for up to about 12 primes. The drawback of this method is 
that one has to guess which prime set may lead to a good arctan relation. The prime set 
{5, 13,17, 29, 37, 53,61, 89,97, 101} lead (April-1993) to 


+36462[390112] +135908[485298] +274509[683982] -39581[1984933] 
+178477 [2478328] -114569[3449051] -146571[18975991] +61914[22709274] 
-69044 [24208144] -89431[201229582] -43938[2189376182] == 1 * Pi/4 


which is still the best 11-term relation known today. 


The April-2006 computations were done with a more exhaustive search described in the next section. 


30.5.3. Exhaustive search for sets of candidate arguments 


We want to find all x where x? + 1 factors into (2 and) the first 64 primes of the form 4i+1 (S = 
{5,13,17,29,...,761}). Call the resulting set of candidates A. We will later try (for small n) all (n — 1)- 
subsets of S and test whether the corresponding subset of A leads to an arctan relation. 


The most simple approach is to factor (for x up to a practical maximum) all 2? + 1 and add z to the set 
A if all odd prime factors of x? +1 are in S. The method, however, is rather slow: about 11,000 CPU 
cycles are needed for each test. 


[fxtbook draft of 2008-January-19] 


594 Chapter 30: The arithmetic-geometric mean (AGM) 


A much faster approach is the following sieving method. We can determine exactly when a prime p 
divides x? + 1 by solving x? = —1 (mod p) as shown in section [37.9] on page [751] We can further solve 
x? = —1 (mod p") for all h as shown in the cited section. Initialize an array with the value 1 for even 
indices, else with 2 (x? + 1 is even exactly if x is odd). For each prime p € S do, for all powers p”, as 
follows: multiply the array entries with indices s,s + p",s+2p",s+3p",... where s? = —1 (mod p”) 
by p. Finally find the entries with index x that are equal to x? + 1, these are the candidates. 


There are three useful improvements. Firstly, we can use the logarithm of a prime and add it instead of 
multiplying by the prime. The final test is then whether entry x is (approximately) equal to log(x? +1). 
Secondly, the array can be avoided altogether by using priority queues (see section on page[148). An 
event of the priority queue will be to add log(p) (initially at index 2 = s where s? = —1 (mod p")). 
The event must then be rescheduled to 2 + p”. Thirdly, almost all computations of the logarithm can 
be avoided by observing that both +? +1 and the logarithm are strictly increasing functions. We call a 
number z so that x? +1 has all odd prime factors in $ is a candidate. The sum of logarithms (of primes) 
for candidates x are equal to log(x? + 1). If a was the last candidate then for the next candidate b the 
sum of logarithms must be strictly greater than that for a. Thereby we only need to compute log(x? + 1) 
if a new sum of logarithms is greater than the one for the candidate found most recently. It turns out 
that a logarithm is computed exactly whenever a new candidate is found. 


The search costs about 250 cycles per test, which is a good improvement over the first attempt. Analysis 
of the machine code shows that most of the time is spent in the reschedule operations. 


The final improvement comes from the separation of the frequent event (small prime powers) from the 
rare events (big prime powers). One has to use an array again (but only a small one that fits into level-1 
cache and a segmented search should be used). Now the optimum value has to be found from which 
on an event is considered rare. Very surprisingly, it turns out that the search is fastest if all events are 
considered frequent! This means we can forget about the priority queues. A better suited algorithm (and 
implementation) for a priority queue might give different results. 


The resulting routine is remarkably fast, it uses just slightly more than 11 cycles per test. It was used 
to determine all candidates x < 10!4. The search took about 8 days. The last entries in the list of 
candidates are 


9920543180219672+1 
9923810860454872+1 
9931131403564372+1 
9939576752888172+1 
9950123975669372+1 
9962737846177272+1 
9975982068808272+1 
9984975515991772+1 
9995058352530772+1 
9995522346415372+1 


[13.29.37.53.89.157.241.257.337.373.401°2.761] 
[5.29.37.61°2.101.349.397°2.433.557°2.661] 
[2.5°2.13.29.73.113.233.241.269.281.293.317.349.461] 
[2.13.29.37.53.149.173.181.193.313.353.373.401.449] 
[2.5°4.13.29.37°2.61.233.277.313°3.317.401] 
[5.13°2.37.41.73°2.137.277.281.521.557.617.761] 
[5°2.17.29.37.109.181.257.269.337.389.409.457.653] 
[2.5.89.101.181.233.257.293.389.457.521.557.677] 
[2.5°3.13.173.181.193.241°3.257.457°2.677] 
[2.5.13.61°2.101°2.109.373.421.433.509.709.757] 


The search produced 43,936 candidates (including 0 and 1). Exactly that many logarithms were com- 
puted. This means that on average one logarithm was computed for one in 10!4/43,936 > 2-10° values 
tested. 


One can further extend the list by testing (for each element x) whether the right hand side formula 
[x] == [x+d] + [x+(x*2+1)/d] where d divides x*2+1 


leads to new candidate x +d and x + (x? + 1)/d. Additionally one can try the arguments on the right 
hand side of relations like 

[x] == 2[2*x] - [4*x73+3*x] 

[x] == [2*x-1] + [2*x+1] - [2*x73+x] 

[x] == 3[3*x] - [(9*x73+7*x)/2] - [(27*x73+9*x) /2] 


Michael Roby Wetherfield has developed a more sophisticated approach for extending the list and sent 
me a big set of candidates beyond 1014. His methods are described in [243] (see also [244], [227], [33], 
and ). We note that a single value, x = 276,914, 859, 479, 857, 813, 947 where 


x°2+1 = [2.5.13.17.29°3.41.53°2.73°2.101.157.181.229.241.313.397.401.509.577] 
was discarded because it is bigger than 2°* = 18, 446, 744, 073, 709, 551, 616. 


[fxtbook draft of 2008-January-19] 


30.5: Arctangent relations for 7 * 595 


We note the curious relation 


[ka] = [(k+1)a]+[(k4+1) ka] — [(k*4+2k9 +h?) 034 (k?+h41)a] (30.5-5) 


Set f(a,k) := (k*+ 2k? + k?) a3 + (k? +k +1)a, then 


f(a,ky?+1 = ((x a)? + 1) ((( aia? + 1) ((& 41)ka)® + 1) (30.5-6) 


30.5.4 Searching for all n-term relations 


To find all n-term relations whose arguments are a subset of our just determined list of candidates, we 
have to test all subsets of (n —1) (out of 64) odd primes, select the corresponding values x, and compute 
the nullspace as described. Let A; be the j-th candidate. An array M of 64-bit auxiliary values is used. 
Its j-th entry M; is a bit-mask corresponding to the odd primes in the factorization of Aj +1: bit i of 
M; is set if the i-th odd prime divides Aj +1. 


To find n-term relations, we must try all aes subsets of size n — 1 out of the 64 odd primes in our 
scope. The bit-combination routine from section [1.25] on page [61] was used for this task. The selection 
of the entries that factor completely in the subset of n — 1 primes under consideration can be done with 
a single bit-AND and a branch. The candidates with more than n — 1 odd primes in their factorization 
should be discarded before the search. 


While the search is very fast for small n, it does not finish in reasonable time for n > 8. A considerable 
speedup can be achieved by splitting our N = 64 odd primes into a group of the 20 smallest and 
b = 64 — 20 = 44 ‘big’ primes. Write (¢ =n — 1 and) 


ea ee (30.5-7a) 


E03) ae 


J 


This means, we first select the 7 = 0, 1, 2, ...-subsets of the big primes. We copy the corresponding 
candidates whose big prime factors are in the current subset into a new array B. The size of B will be 
significantly smaller than the size of A. From this array we select the arguments according to subsets 
of the small primes (leaving the subset of big primes fixed). This results in a much improved memory 
locality and accelerates the search by a factor of about 25. 


Still, the limit for n so that an exhaustive search can be done has only been moved a little. But if we 
look at the prime sets that lead to the best relations, we observe that small primes are much ‘preferred’: 


n prime set of best relation 

2 {13} 

3 {5, 13} 

4 {5, 13, 61} 

5 {5, 13, 73, 101} 

6 {5, 13, 61, 89, 197} 

7 {5, 13, 17, 29, 97, 433} 

8 {5, 13, 29, 37, 61, 97, 337} 

9 {5, 13, 17, 29, 41, 53, 97, 269} 

10 {5, 13, 17, 41, 53, 73, 97, 101, 157} 

11 {5, 13, 17, 29, 37, 53, 61, 89, 97, 101} 

12 {5, 13, 17, 29, 37, 53, 61, 89, 97, 101, 197} 

13 {5, 13, 17, 29, 37, 53, 61, 89, 97, 101, 181, 281} 

14 {5, 13, 17, 29, 37, 53, 61, 89, 97, 101, 181, 269, 457} 
15 {5, 13, 17, 29, 37, 41, 53, 61, 89, 97, 101, 181, 337, 389} 


The data suggests that the best possible relation is found long before the search space is exhausted. 
Therefore we will stop after the number of big primes in the subset is greater than, say, 4. In practice 
both parameters, the number b of primes considered big and the maximum number of primes taken from 
that set should be chosen depending on n. 


[fxtbook draft of 2008-January-19] 


596 Chapter 30: The arithmetic-geometric mean (AGM) 


Another important improvement is to discard small candidates before the search. One thereby avoids the 
huge amount of uninteresting relations with small first arguments 71. Obviously, the amount of nullspace 
computation is also reduced significantly. 


The results of the searches can be found in [18]. While the searches for the n-term relations with n > 11 
did not even exhaust the table of candidates (which in turn is incomplete!) one can be reasonably sure 
that the best relations within our scope (of the first 64 odd primes 44+ 1) have been found. Indeed I do 
not expect to see a better relation for any n < 15. 


To improve on the results, one should use the first 128 odd primes 47 + 1, sieve up to 10!° (distributed 
on 100 machines), and use a 3-phase subset selection instead of the described 2-phase selection. The 
selection (an nullspace computation) stage should also be done in a distributed fashion to reasonably 
exhaust the table of candidates. Such a computation would likely improve on some of the relations with 
more than 17 terms and produce up to 35-term relations that are in the vicinity of the best possible. 


A method for the simultaneous computation of logarithms of small primes that uses a similar method to 
the one given here is described in section on page [608| 


[fxtbook draft of 2008-January-19] 


597 


Chapter 31 


Logarithm and exponential function 


We describe algorithms for the computation of the exponential (and hyperbolic cosine) function, and the 
logarithm (and inverse tangent). Constructions of superlinear iterations the compute the functions from 
their inverses are given. 


We give argument reduction schemes and methods for the fast computation of the exponential and 
logarithm of power series. 


31.1 Logarithm 


31.1.1 AGM-based computation 


The (natural) logarithm can be computed using the relation (see p.221]) 


2 nm 
—  192(r-1) 
R'(10-") — R'(10-" d) (31.1-1b) 


|log(d) — R’(10-") + R'(10~” d)| (31.1-1a) 


log(d) 


2 


which holds for n > 3 and d €]3,1[. Note that the first term on the right hand side is constant and can 
be saved for subsequent log-computations. One uses the relation 


log(M R*) = log(M) +X log(R) (31.1-2) 
where M is the mantissa, R the radix, and X the exponent of the floating point representation. The 


value log() is computed only once. If M is not in the interval [1/2, 3/2] an argument reduction is made 
via 


log(M) = log(Ms/) — f log(s) (ai 23) 
Where 0 < M < 1 for the mantissa M, s = V2, and f € Zso that Ms! € [1/2, 3/2]. The quantity 


log(s) = log(/2) can be precomputed directly via the AGM. A C++ implementation is given in [hfloat: 


src/tz/log.cc': 


[fxtbook draft of 2008-January-19] 


598 Chapter 31: Logarithm and exponential function 


There is a nice way to compute the value of log() if the value of 7 has been precomputed. One defines 


= 2 
@2(q) = >, gintt/2) = 9 (av + 9/4 4 q25/4 4 g8t/4 4 gi2t/4 4 ~ 
= 2q/4 (1+ ¢7?+qot+qtq%+...) 
O3(q) = So g™ = 142 (qtqtt+P+qe+q%+...) 
oe 2 
O4(q) = S- (-1)"q" = 14+2(-q+q@-@t+qe-@et... 


Then (with K the elliptic function, see section |30.2.1/on page |575) 


] — —logg = = 
7 = —leq= re 
thereby g = exp(—7 K’/K), and 
T 1 AGM(1, k) 
log(t/a) ~ ~Tog(qy ~ “OM (8: 2) = Rex) 


Computing 03(q) is easy if g=1/R: 
@3(q) = 1425 5g" = 201+ 50 q")-1 
n=1 n=1 
However, the computation of @2(q) suggests to choose g = 1/R* =: b?: 


©2(q) 


I 


n=0 n=0 


= 2b yg - 2614 Sogn) 
n=0 n=1 


0+2 s- gint1/2) -~9 » pan? +4nt1 where g= 54 


(31.1-4a) 


(31.1-4b) 


(31.1-4c) 


(31.1-4d) 


(31.1-5) 


(31.1-6) 


(31.1-7) 


(31.1-8a) 


(31.1-8b) 


Functions that compute @2(b*), @3(b*) and 7/log(b) where b is the inverse fourth power of the used 


radix R are given in [hfloat: src/tz/pilogq.cc]. 


We list a few relations involving the theta functions (see, for example [245]): 


@3(q) = ©3(q) + O4(q) 

Q3(q) = @3(q*)+©2(q*) — @4(g) = O3(q*) — O2(q") 
og = "=*  6xq = 2X xq = *** 
_ 03(q) , _ 83(q) 

* = 3a) = @xq) 

1 = AGM (93(q),©%(q)) 

q Il (1 = gir = ed k? b8 K12 


A discussion of the AGM-based computation of logarithms can be found in [39]. 


[fxtbook draft of 2008-January-19] 


(31.1-9) 


(31.1-10) 


(31.1-11) 


(31.1-12) 


(31.1-13) 


(31.1-14) 


31.1: Logarithm 599 


31.1.2 Computation by inverting the exponential function 


With an efficient algorithm for the exponential function one can compute the logarithm using 


y i= 1-de* (31.1-15) 
log(d) = a«+log(1—y) (31.1-16) 
= x+log(1—(1—de“)) = x+log(e *d) = x+(—a + log(d)) (31.1-17) 
Thereby, 
FoF oF 

log(d) = a+log(l-y) =a (u+ 5 3 + 7 +.) (31.1-18) 

Truncation of the series before the n-th power of y gives an iteration of order n: 
Le+1 = ©&,(x~) where (31.1-19a) 

2 3 n-1 
Yy y y 
@,(2) := b+ 4 1 

(x) x (u a = :) (31.1-19b) 


31.1.2.1 Padé approximants for the logarithm 


Padé approximants Pj; ;)(z) of log (1 — z) at z = 0 produce iterations of order i+ j +1. Compared to the 
power series based iteration one needs one additional long division but saves half of the exponentiations. 
This can be a substantial saving for high order iterations. 


The approximants can be computed via the continued fraction expansion of log(1 + z): 


Cy z 


log1+z) = O+ (31.1-20) 
C22 
1+ 
Zz 
io 
C4 Z 
1 
ieee 
where c; = 1 and 
k k-—1 
——— ifk = — els -1- 
Ck Wk) if k even, Ck z else (31.1-21) 


Using recurrence relations |35.3-7a] and |35.3-7b]on page with ap = 0, ag = 1 and by = cy: 2 we obtain 


(fractions in lowest terms): 


tet Big =< (31.1-22a) 
24 Puy = oo (31.1-22b) 
3 4 Poa = coe (31.1-22c) 
4 Pog = fetes (31.1-22d) 
ree eal annie we Cee 
ot FRA Se (stte22h) 
Toe Fag, = sean a ae pare) 
6 ee P= 420 z + 630 z? + 260 z3 + 25 24 (31.1-22h) 


420 + 840 z + 540 z? + 120 23 + 6 z4 


[fxtbook draft of 2008-January-19] 


600 Chapter 31: Logarithm and exponential function 


The expressions are Padé approximants correct up to order k. For even k these are the diagonal approx- 
imants [k/2,k/2] which satisfy the functional equation log(1/z) = —log(z): P(1/z —1) = —P(z- 1). 
Further information like the error term of the diagonal approximants is given in [173]. 


The diagonal Padé approximants can be computed by setting Py = 0, Qo = 1, Po = z, Q@2 = 1+ 2/2, and 
computing, for k = 4, 6, ..., 2n, 


Pr = Ap Pro + Br Pr—a (31.1-23a) 
Qe = Ak Qr-2+ BeQn—a (31.1-23b) 
(these are relations [35.3-14al and [35.3-14b] on page [685). The A; and Br are defined as 
Ay = 14+2/2 (31.1-23c) 
Be = 7 A (31.1-23d) 


Then P2,,/Q2n is the Padé approximant [n,n] of log(1+ z) which is correct up to order 2n. The following 
pari/gp function implements the algorithm: 


log_pade(n, z=’z)= 
{ /* Return Pade approximant [n,n] of log(1itz) */ 
local (P0,Q0,P2,Q2,tp,tq, t); 
if ( n<i, return(0) ); 
PO=0; QO=1; 
P2=z; Q2=1+z/2; 
forstep (k=4, 2*n, 2, 
Ak = 1+2/2; \\ == +z*C(k-1)+z*C(k)+1; 


t = (k-2)°2; 

Bk = z°2/16*t/(1-t); \\ == -z72*C(k-1)*C(k-2) ; 
tp = Ak*P2 + Bk*PO; 

tq = Ak*Q2 + Bk*QO; 

PO=P2; P2=tp; 

QO=Q2; Q2=tq; 


DG 
return( P2/Q2 ); 


31.1.2.2 Padé approximants for arctan * 


A continued fraction for arctan is (given in p.569]) 


1 
z?/(1-3) 

277 //(3 5) 
3227/(5-7) 


(31.1-24) 


arctan(z) = z 
1+ 


1+ 


Padé approximants P;/Q x for the inverse tangent can be obtained by setting Po = 0, Pi = z, Qo = 1, 
Q, = 1, and the recurrences 


Pray = Pet Pee —— 1.1-2 
k+1 k k-1 po] (3 5a) 
k? 2? 
41 = Pr > 1.1-2 
Qr+1 Qe + Pea Fa —F (31.1-25b) 


[fxtbook draft of 2008-January-19] 


31.1: Logarithm 601 


The first few approximants are 
32 


2 Paks = 1.1-2 
Ke 1,2 34 2 (3 6a) 
Iba+4a3 
3 Piet ees 31.1-26b 
ee 15 +92? ( ) 
1 3 
cea (31.1-26c) 


105 + 90 x7? + 924 


945 x + 735 x3 + 642° 

5 Psa = 31.1-26d 
™ *154] ~ 945 + 1050 22 + 225 24 ( ) 
1155 a +11902? + 23125 

Pre = eae 

OS Ale 1155 + 1575 2? + 525 a4 + 25 26 (3 te) 


;,j) = arctan(z) + O(2?**1) (31.1-26f) 


31.1.3. Argument reduction for the logarithm 


When the logarithm shall be computed for high but not extreme precision (up to several hundred decimal 
digits or so), the following scheme can beat the AGM algorithm. Use the functional equation for the 
logarithm 


log(z*) = a log(z) (31.1-27) 


to reduce the argument by setting a = 1/N. Now with N big enough z!/% will be close to one: r := 
zi/N — 1 +e where e is small. Then a few terms of the Taylor series of log(1 + e) = e—e?/2+e3/3+... 
suffice to compute the logarithm. Compute the logarithm of z as follows 


1. set r= 2z/N ande=r-1 
2. compute | := log(1 + e) to the desired precision using the Taylor series 


3. return L:= N1 


One can also use a Padé approximant in step 2. With argument z = 2.0, N = 2°, and four terms of the 
Taylor series we obtain: 


? z=2.0; \\ argument for log() 

? n=32; N=27n; 

? r=z°(1/N) \\ compute by 32 sqrt extractions 

x 1. i re 

? e=r- 
1.613859042096597612039766311019850327446120165053265785 E-10 

? 1l=e-1/2*e"2+1/3*e°3-1/4*e"4 \\ approx log(ite 
1.613859041966370561665930136708022486594054133693140550 E-10 

? L=N*1 \\ final result 
0.6931471805599453094172321214581765680754060932265650365 

? log(z) \\ check with builtin log 
0.6931471805599453094172321214581765680755001343602552541 


One may also use the following reduction for L(z) := log(1 + z), which avoids loss of precision for small 
values of z: 


L(z) = 21 (+) (31.1-28) 


31.1.4 Argument reduction for arctan 
We use the equation 


arctan(z) = 2 arctan ( (31.1-29) 


z 
ace 


Compute the inverse tangent of z as follows 


[fxtbook draft of 2008-January-19] 


602 Chapter 31: Logarithm and exponential function 


1. set r:=z 
2. repeat n times: r=r/(1+ V¥1+ 1?) (for n big enough) 
3. compute a := arctan(r) to the desired precision using the Taylor series 
4. return A := 2"a 
We compute arctan(1.0) using n = 16 and four terms of the Taylor series: 
? z=1.0; 
? n=16; 


? Lr=Z; for (k= 1,n,r=r/(1+sqrt(1+r72)))5r 

0. 00001 198422490593030347851 1634794650661319585 12874402526189 
? a=r-1/3*r73+1/5*r75-1/7*r77 

Q. pees 1984224905356572107 17255929290581849745567656967660263 


A=27"n 

= 736388165397 4483096156608458198757210492552196703256299 
? an(z) \\ check with builtin at 

3. 785398163397 4483096 156608458198757210492923498437764552 


? 


All divisions in the reduction phase can be saved by using 


1 
arctan(1/z) = 2 arctan (=) (31.1-30) 
The inverse sine and cosine can be computed as 
z 
arcsin(z) = arctan (a (31.1-31a) 
V1l— 2? ) 
Jl 2 
arccos(z) = arctan (=) (31.1-31b) 
31.1.5 A curious series for the logarithm * 
We finally note two relations resembling the well-known series 
1 1l+2 1 1 1 
l = a re, aia 1.1-32 
5 log (7) tar tee + Veg? + (31.1-32) 
The first is 
1 1+ 3x +32? a 3° 3 3° 
l = : T+ gl BO TE eit 31.1-33 
6 og (ae a a es Ti ( -) 


= Se ees ae Se abe te BPRT? cag aia 
= — —_ _ : —————— : 31.1-33b 
est 12k+5 kt?” ' ikei” ) ( ) 


The second, given in [26], is 


1 lt+2+2? x gt oS goktl gy Sk+2 
1 = cally ae 1.1-34 
5 log (742 * =) Pe ig: ge oD tseai taeaa) GbE 
Relation |31.1-33a]can be brought in a similar form, namely 
1 1 is 5 7 11 13 
Sif es a a (31.1-35a) 
2/3 1—-V3242? 5. FT ib.” 
co 12k+1 12k+5 12k+7 12k+11 
-»> (+ a = 7 i ) (31.1-35b) 
CoM" 2k+ 1 12k+5 1Wk+T" k+11 


[fxtbook draft of 2008-January-19] 


31.2: Exponential function 603 


31.2 Exponential function 


31.2.1 AGM-based computation of the exponential function 


We use the following relation (see pp.35-36]): 


K' 
_ __&K' et 
q exp ( TT x) (3 ) 
Now write 
K'  AGM(1,k’) | AGM(L, bo) (31.2-2) 
K ~ AGM(G,&) ~ AGMG,¥) . 


where k! = bo and k = b = \/1 — b? and use ({150] p.38], note the missing ‘4’ there) 


T AGM(1, bo) : 4an 
a a a 1.2- 
2 AGM(1, bo) wean eee oie) 
thereby 
1 Aan 1 4dn 
q = exp(—2 lim log — = lim exp | -—— log = 31.2-4a 
& 
noo 2n Cn n—0o gn-1 Cn 
4 -1/2"-1 hig —1/(2"77) 
= lim (exp log on) = lim ( = ) (31.2-4b) 
n—oco Cn N—- Co Cn 
This gives 
é 1/(2"~*) 
q = lm ( ~) (31.2-5) 
n— oo an 


One obtains an algorithm for exp(—«) by first solving for k,k’ so that « = 7 K'/K (precomputed 7) and 
applying the last relation that implies the computation of a 2”~!-th root. Note that the quantity c should 


2 
Cn 


be computed via ¢n41 = throughout the AGM computation in order to preserve its accuracy. 


4an4+i 


For k = 1//2 =: s one has k = k’ and so q = exp(—7m). Thus the calculation of exp(—z) = 
0.0432139182637... can directly be done via a single AGM computation as (c,/(4a,))% where N = 
1/2-1). The quantity i‘ = exp(—/2) = 0.2078795763507... can be obtained using N = 1/2”. 


31.2.2 Computation by inverting the logarithm 


The exponential function can be computed using the iteration that is obtained as follows: 


exp(d) = w exp(d-—log(z)) (31.2-6) 
= «exp(y) where y := d-—log(x) (31.2-7) 
ee 


The corresponding n-th oder iteration is 
Le+1 = (xp) where (31.2-9a) 


y? y? | 
= : — + = +...+ —— 1.2- 


As the computation of logarithms is expensive one should use an iteration of high order. The C++ 
implementation given in [hfloat: |src/tz/itexp.cc) uses the iteration of order 20. 


[fxtbook draft of 2008-January-19] 


604 Chapter 31: Logarithm and exponential function 


31.2.2.1 Padé approximants for exp 


Padé series P,;,;|(z) of exp (z) around z = 0 give iterations of order i+ j +1. For i = j we obtain 


2 

Fa) = ze (31.2-10a) 

, 2-2 

12+6z+4+ 2? 

Pay = 1 Gea oe (31.2-10b) 
120 + 60z + 1227 + 23 

‘| =3 1.2-1 

120 — 602 + 1222 — 3 (31.2-10c) 

1 4Oz + 18022 + 2023 + 24 

Pigg, 2 680 + 840z + 18024 + 202° + z (31.2-10a) 


1680 — 840z + 1802? — 20z3 + 24 


Note that the functional equation exp(—z) = holds for the (diagonal) Padé approximants. 


1 
exp(z) 


A closed form for the [i, j]-th Padé approximant of exp(z) is 


Pag) = {3 S ahty i | (31.2-11) 


k=0 k=0 


The numerator for 7 = j, multiplied by (27)!/c! in order to avoid rational coefficients, equals 


24)! << (*) zk 
x MOE y (i) 2 (31.2-12) 
The coefficients of the numerator and denominator in the diagonal approximant 


Pia = Leno Ce (31.0213) 
Dk=o Ck (—2)* 


can be computed using c; = 1 (the coefficient of the highest power of z) and the recurrence 


Ch = oy SEE (31.2-14) 


It is usually preferable to generate the coefficients in the other direction. To do so compute the constant co 


co = II 4w—2 = 2,12, 120, 1680, 30240, ... (31.2-15) 
w=1 
and use the recurrence 
i-k 
Ce = ek 1 (31.2-16) 


(2i — k) (k+ 1) 


We generate the coefficients for 1 <2 < 8: 


? cO(i)=prod(w=1,1,4*w-2) 
? qq(i,k)=(i-k) /((2*i-k) *(k+1)) 
? for (i=1, 8, c=cO(i); printiC("["i,",",i,"]: "); \ 
? for (k=0, i, printi(" ", c); c#=qq(i,k)); print(;) 
(1,1]: 2 1 
[2,2]: 12 6 1 
[3,3]: 120 60 12 1 
[4,4]: 1680 840 i180 20 1 
[5,5]: 30240 15120 3360 420 30 1 
[6,6]: 665280 332640 75600 10080 840 42 1 
[7,7]: 17297280 8648640 1995840 277200 25200 1512 56 1 
[8,8]: 518918400 259459200 60540480 8648640 831600 55440 2520 72 1 


[fxtbook draft of 2008-January-19] 


31.2: Exponential function 605 


Finally, the Padé approximant P;;,;) can be expressed as ratio of hypergeometric functions: 


:) /F e7 i :) (31.2-17) 


This is relation |35.2-51/on page with a = —7 and b= —j where 7 and j are positive integers. 


4 
Pig = *F 
[t,J] (_. -j 


31.2.3. Argument reduction for the exponential function 


As for the logarithm an argument reduction technique can be useful with moderate precisions. We do 
not use the functional equation for the exponential functional (exp(2z) = exp(z)?) because the loss of 
precision when adding up the Taylor series (one plus a tiny quantity). Instead we use the functional 
equation for E(z) := exp(z) — 1: 


E(2z) = 2E(z)+ E(z) (31.2-18) 


Compute the exponential function of z as follows 
1. set r = z/2” (for n big enough) 
2. compute F := exp(r) — 1 to the desired precision using the Taylor series 
3. repeat n times: E = 2E + E? 
4. return E+ 1 
We compute exp(1.0) using n = 16 and eight terms of the Taylor series: 


? z=1.0; 

? n=16; 

? r=z/27n 
0.00001525878906250000000000000000000000000000000000000 

? E=r*(1+r/2* (14+r/3* (14+1r/4* (1+r/5* (1+r/6* (1+r/7* (1+r/8) )) 
0.00001525890547841394814004262248066173018701234845511 

? for (k=1,n,E=2*E+E*2) ;E=E+1 
2.718281828459045235360287471352662497757247071686614582 

? exp(1.0) \\ check with builtin exp 
2.718281828459045235360287471352662497757247093699959575 


00 


0000 
)))) 
622583 


One can also compute the exponential function via the hyperbolic cosine using 


exp(z) = cosh(z)+sinh(z) = cosh(z) + \/cosh?(z) — 1 (31.2-19a) 
Alternatively, compute hyperbolic sine and use 
exp(z) = sinh(z)+./1+sinh(z)? (31.2-19b) 


The advantage is that half of the coefficients of the Taylor series are zero. Again we do not use the 
function equation for the cosine (cosh(2z) = 2 cosh?(z) — 1) but that for C(z) := cosh(z) — 1: 


C(2z) = 2(C(z) +1)? -2 (31.2-20) 
Compute the hyperbolic cosine as follows 
1. set r = z/2” (for n big enough) 
2. compute C := cosh(r) — 1 to the desired precision using the Taylor series 
3. repeat n times: C = 2[C — 1]? —2 
A. 


return C+ 1 


We compute cosh(1.5) using n = 16 and four terms of the Taylor series: 


[fxtbook draft of 2008-January-19] 


606 Chapter 31: Logarithm and exponential function 


z=1.50; 

n=16; 

r=z/27n 

C=1/2*r*24+1/24*r~44+1/720*r~6+1/403204r78 
0.0000000002619344741220382773076639849940582903433100542426455923 
? for (k=1,n,C=2*(C+1) 72-2) ;C 
1.352409615243247325767667965441644170173960682574839216 


C+ 
2.352409615243247325767667965441644170173960682574839216 
? cosh(z) \\ check with builtin cosh 
2.352409615243247325767667965441644170173960748865373192 


NON NN 


When the Taylor series for cos(z) — 1 is used then the cosine can be obtained by the identical algorithm: 


? z=1.50; 
? n=16; 
? r=z/27n 
0 .00002288818359375000000000000000000000000000000000000000000 
? C=-1/2*r72+1/24*r*4-1/720*r~6+1/40320*r78 
-0.0000000002619344740991683877317978758392098468831796333435288181 
? for (k=1,n,C=2*(C+1)*2-2) ;C 
-—0 , 9292627983322970899118101485657312909149089413817931623 


C+1 

ee ee eee 
? cos(z) \\ check with builtin c 

0. 0707373016677029 1008818985 143426870908509102756334686942 


? 


Compute the sine as sin(z) = \/1 — cos?(z), and the tangent as tan(z) = sin(z) /cos(z). 


31.3 Logarithm and exponential function of power series 


The computation of the logarithm, the exponential function, and the inverse trigonometric functions 
turns out to be surprisingly simple with power series. 


31.3.1 Logarithm 


Let f(a) be a power series in x and g(x) = log(f(a)). Then we have 42% = f ah. Thereby, symbolically, 


dx f 
x) 
g(x) = log(f “. (31.3-1) 
(x) 

A few lines of pari/gp to demonstrate this: 

? sp=8;default (seriesprecision,spt1) ; 

? f=taylor((1)/(1-x-x*2),x) /* shifted Fibonacci (with constant term) */ 

1 + x + 2kx72 + 3x73 + 5*x74 + 84x75 + 13*x76 + 21*x77 + 34*x78 + O(x79) 

? d=deriv(f,x) 

1 + 4*x + Q#x72 + 20*x°3 + 40*x74 + 78*x75 + 147*x76 + 272*x*7 + O(x*8) 

? qg=d/f /* the only nontrivial computation */ 

1 + 3x + A4kx72 + 7*x73 + 11*x74 + 18x75 + 29%x76 + 47*x°7 + O(x78) 
? 1f=intformal (q) 

x + 3/2*x72 + 4/3*x73 + 7/4*x74 + 11/5*x75 + 3x76 + 29/7*x°7 + 47/8*x78 + O(x79) 
? f-exp(1f) /* check with builtin exp() */ 
O0(x79) 
31.3.2 Inverse trigonometric functions 
Now let a(x) = arctan(f(«)). Then, symbolically, 
f(a) 
a(z) = a ara oe (31.3-2) 


Verification for the trivial case f(x) = a: 


[fxtbook draft of 2008-January-19] 


31.3: Logarithm and exponential function of power series 607 


? sp=13;default (seriesprecision,spt1) ; 

? f=taylor(x,x) 

x + 0(x714) 

? d=deriv(f,x) 

1 + 0(x713) 

? q=d/(1+£72) 

1 - x72 + x74 - x76 + x78 - x710 + x712 + O(x713) 
? af=intformal (q,x) 

x — 1/3*x73 + 1/5*x75 - 1/7*x*7 + 1/9*x79 - 1/11*x711 + 1/13*x713 + 0(x714) 
? f-tan(af) /* check with builtin tan() */ 
O(x714) 


For s(x) = arcsin(f(a)) use 


s(x) = [254 (31.3-3) 


31.3.3. Exponential function 


With e(x) = exp(f(a)) we can use a scheme similar to those shown in section on page [558] We 
express a function g(y) as 


gy) = [J a+r] (31.3-4) 


where Y; = y, Yrzi = N(Yz) and 1+ T(y) is the truncated Taylor series of g. A second order product is 
obtained by taking 1+ 7T(y) = 1+ y (the series of exp(y) truncated before the second term) and 


N(y) = ft (4) (31.3-5) 


For g(y) = exp(y) one obtains N(y) = y — log(1 + y) and 


exp(y) = [1+y]-[L+y—log(l+y)]-[1+y—log(1 + y) — log(1 + y — log(1+ y))]--+ (81.3-6a) 
a II (1+ Y;] (31.3-6b) 
k=1 


where Y; = y = f(x) and Yp41 = Yr —log(1+ Y;). The product aan is correct up to order y?—, The 
computation involves N — 2 logarithms and N — 1 multiplications. Implementation in pari/gp: 


texp(y, N=5)= 
a 


local(Y, e, t); 
Y=y; e=1+/Y; 
for (k=2, N, 
t = deriv(1+Y,x)/(1+Y); 


t = intformal(t); \\ here: t = log(1+Y); 
: ye (ity) ; 
pee, e ); 
} 
Check: 


? f=taylor((x)/(1-x-x*2) ,x) 
X + X72 + 2ex73 + 3*x74 + 5*x75 + 8*X76 + 13*K77 + 21¥*x7B +... 
? e=exp(f) /* builtin exp() */ 
1+ x + 3/2*x72 + 19/6*x73 + 145/24*x*4 + 467/40*x75 + 16051/720*x76 + ... 
? t=texp(f,4); 
% te 
-1/32768*x"16 - 35/98304*x717 - ... 


[fxtbook draft of 2008-January-19] 


608 Chapter 31: Logarithm and exponential function 
31.4 Simultaneous computation of logarithms of small primes 


We describe a method to compute the logarithms of a given set of (small) primes simultaneously. We use 
a method similarly to the one for finding arctan-relations for 7 given in section on page [590] We 
define 


- 1 
L(z) = 2 arccoth(z) = 2 ; (Qk +1) 21 (31.4-1) 
k=0 
and note that (relation |35.2-83d|on page |675) 
1 
log(z) = 2 arccoth a (31.4-2) 
a 


We will determine a set of relations that express the logarithm of a prime as linear combination of terms 
L(X;) where the X; are large integers so that the series for L converges fast. 


S = { 51744295, 170918749, 265326335, 287080366, 362074049, 587270881, 
617831551, 740512499, 831409151, 1752438401, 2151548801, 2470954914, 3222617399 } 


2: [ -1595639, -17569128, -8662593, -31112926, -13108464, -11209640, 

-12907342, +9745611, -1705229, -12058985, +4580610, +4775383, -12972664 ] 
3: [ -2529028, -27846409, -13729885, -49312821, -20776424, -17766859, 

-20457653, +15446428, -2702724, -19113039, +7260095, +7568803, -20561186 ] 
5: [ -3704959, -40794252, -20113918, -72241977, -30436911, -26027978, 

-29969920, +22628608, -3959419, -28000096, +10635847, +11088096, -30121593 ] 
7: [ -4479525, -49322778, -24318973, -87345026, -36800111, -31469438, 


-36235490, +27359389, -4787183, -33853851, +12859398, +13406195, -36418872 ] 


11: [| -5520004, -60779197, -29967648, -107633040, -45347835, -38778983, 

-44652067, +33714275, -5899123, -41717234, +15846307, +16520111, -44878044 ] 
13: [ -5904566, -65013499, -32055403, -115131507, -48507081, -41480597, 

-47762841, +36063046, -6310097, -44623547, +16950271, +17671017, -48004561 ] 
17: [ -6522115, -71813158, -35408027, -127172929, -53580360, -45818987, 


-52758281, +39834823, -6970060, -49290653, +18723073, +19519201, -53025282 ] 


19: [| -6778159, -74632382, -36798067, -132165454, -55683805, -47617738, 

-54829453, +41398649, -7243689, -51225694, +19458099, +20285481, -55106936 ] 
23: [ -7217972, -79475039, -39185776, -140741248, -59296949, -50707501, 

-58387161, +44084875, -7713709, -54549566, +20720673, +21601741, -58682649 ] 
29: [ -7751584, -85350490, -42082712, -151146003, -63680669, -54456218, 


-62703622, +47343993, -8283970, -58582320, +22252516, +23198720, -63020955 ] 


31: [ -7905109, -87040909, -42916186, -154139543, -64941904, -55534757, 

-63945506, +48281670, -8448039, -59742579, +22693241, +23658185, -64269124 ] 
37: [ -8312407, -91525553, -45127374, -162081337, -68287932, -58396097, 

-67240196, +50769306, -8883311, -62820720, +23862474, +24877135, -67580488 ] 
41: [ -8548719, -94127517, -46410292, -166689119, -70229278, -60056229, 


-69151756, +52212618, -9135853, -64606639, +24540856, +25584363, -69501722 ] 


Figure 31.4-A: Relations for the fast computation of the logarithms of the primes up to 41. 


Compute log(p;) for the primes p; in a predefined set P of n primes as follows: 
1. Find a set S of numbers X € Z so that X? — 1 factor completely into the primes in P. 
2. Select a subset S of n (large) numbers X; so that all L(X;,) are linearly independent. 


3. Try to find, for each prime p;, a relation log(p;) = ee m, L(X,). If this fails return to step 2. 


For example, with the first 13 primes (P = {2, 3, 5, 7, 11, ..., 41}) one can find 
Oe I ie ee (31.4-3) 
{51744295, 170918749, 265326335, 287080366, 362074049, 587270881, 
617831551, 740512499, 831409151, 1752438401, 2151548801, 2470954914, 3222617399} 


[fxtbook draft of 2008-January-19] 


31.4: Simultaneous computation of logarithms of small primes 609 


We use the short form p: [m1, m2, m3, ..., m13] to denote a relation 
13 
log(p) = > mj; L(X;) (31.4-4) 
j=l 


Now we have the relations given in figure |31.4-A| the first one is 


log(2) = -—1595639 D(51, 744, 295) — 17569128 L(170, 918, 749) +... — 12972664 L(3, 222, 617, 399) 


Note that the series with slowest convergence already gives more than 15 digits per term 
(logo (51, 744, 2952) ~ 15.4), and the last series gives 19 digits per term. 


2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41 


51744295: [ -2, +2, 0, +3, 0, O, +2, -3, -1, +1, 0, O, -1 ] 
170918749: [ +1, +4, -5, +1, +1, +1, +1, 0, -1, -1, +1, 0, -1 ] 
265326335: [-7, -2, 0, +1, -1, +1, 0, -2, 0, -1, +2, +1, +1 ] 
287080366: [ 0, +1, +1, -5, +2, +1, 0, -1, +3, -1, -1, 0, O] 
362074049: [ +5, -4, -2, +1, 0, -2, 0, 0, -2, +2, +2, 0, O] 
587270881: [ +4, +2, +1, +3, -1, 0, -1, 0, 0, +41, -1, -3, +1 ] 
617831551: [ -6, +4, +2, +1, 0, -6, 0, +1, 0, O, +1, +1, O] 
740512499: [-1, -1, -5, -2, +7, -1, 0, +1, 0, O, -1, 0, O] 
831409151: [ -9, -1, +2, -1, +3, +1, 0, 0, -1, 0, +2, 0, -2 ] 

1752438401: [ +6, -4, +2, 0, -2, -2, 0, +2, -2, 0, 0, +1, +1 ] 
2151548801: [ +6, -2, +2, 0, 0, -2, 0, O, +2, -4, +1, 0, +1 ] 
2470954914: [ 0, 0, -1, +1, -3, -5, +2, 0, O, 0, +3, O, +1 ] 
3222617399: [ -2, -6, -2, +4, +1, +2, 0, +2, -1, 0, -2, 0, O] 


Figure 31.4-B: Values L(x) as linear combinations of logarithms of small primes. 


Figure|31.4-B|shows the linear combinations of logarithms of small primes that give the values L(x). The 
first row gives the relation 


L(51, 744,295) = —2 log(2) +2 log(3) +3 log(7) +... —1 log(41) (31.4-5) 


The shown values, as a matrix, are the inverse the values in figure |31.4-A 


Precomputed logarithms of small primes can be used for the computation of the logarithms of integers 
k if one can determine a smooth number near k. For example, the logarithm of 65537 (a prime) can be 
computed as 


65536 65537 
l = | -——_ } = ] —_—___ l 1.4- 
og (65537) og (ss31 = og (Fem | + log (65536) (31.4-6a) 
1 
= | 1+ — 16 log(2 1.4 
og ( + sais + 16 log(2) (31.4-6b) 


The series of the first logarithm converges fast and log(2) is precomputed. This idea has been given by 
Jim White [priv.comm.]. If k is not near a smooth number but u-k is smooth where wu factors into the 
chosen prime set, one can use the relation 


log(k) = log(uk) — log(w) (31.4-7) 


Here log(u) is the sum of precomputed logarithms and with log(wk) one can proceed as above. 


[fxtbook draft of 2008-January-19] 


610 Chapter 31: Logarithm and exponential function 


[fxtbook draft of 2008-January-19] 


611 


Chapter 32 


Numerical evaluation of power series 


We give algorithms for the numerical evaluation of power series. When the series coefficients are rational 
the binary splitting (binsplit) algorithm can be applied for rational arguments, and the rectangular 
schemes with real (full-precision) arguments. As a special case of the binary splitting algorithm, a 
method for fast radix conversion is described. Finally we describe a technique for the summation of series 
with alternating coefficients. 


32.1 The binary splitting algorithm for rational series 


The straightforward computation of a series for which each term adds a constant amount of precision (for 
example, the arc-cotangent series with arguments > 1) to a precision of N digits involves the summation 
of proportional N terms. To get N bits of precision one has to add proportional N terms of the sum, each 
term involves one (length-N) short division (and one addition). Therefore the total work is proportional 
N?, which makes it impossible to compute billions of digits from linearly convergent series even if they 
are as ‘good’ as Chudnovsky’s famous series for 7 (given in [77]): 


1 6541681608  / 13591409 (6k)! = (-1F eer 
7™ — —— \/@q0330° << \ 545140134 | (k!)3 (3k)! 6403203" 
12 = . (6k)! 13591409 + 545140134 - k 
= Paes : a (32.1-1b) 
640320 {x0 (kil)? (3k)! (640320) 


Binary splitting scheme for products 


We motivate the binsplit algorithm by giving the analogue for the fast computation of the factorial. 
Define finn = mM: (m+1)-(m+2)---(n—1)-n, then n! = fi,,. We compute n! by recursively using 
the relation finn = fm. * fet+in Where x = |(m+n)/2]: 


indent (i)=for(k=1,8*i,printi(" ")); \\ aux: print 8*i spaces 
F(m, n, i=0)= 
{ /* Factorial, self documenting */ 
local(x, ret); 
indent(i); print( "F(", m, ", ", n, ")"); 
if ( m==n, /* then: */ 
ret =m; \\ == F(m,m) 


x = floor( (mtn)/2 ); 
ret = F(m, x, iti) * F(xt1, n, it+1); 


[fxtbook draft of 2008-January-19] 


612 Chapter 32: Numerical evaluation of power series 


F(1, 8) 
F(1, 4) 
F(1, 2) 
F(1, 1) 
F(2, 2) 
-s= 2 _ 
F(3, 4) 
F(3, 3) 
F(4, 4) 
—_ “== 120 
F(5, 8) 
F(5, 6) 
(5, 5) 
“a= 5 
F(6, 6) 
_ “== 6 
F(7, 8) 
F(7, 7) 
F(8, 8) 
“== 8 
“ 56 
== 1680 
“== 40320 
Figure 32.1-A: Quantities with the computation of 8!. 
indent(i); print( "“== ", ret); 


return( ret ); 


The function prints the intermediate values occurring in the computation. The additional parameter i 
keeps track of the calling depth, used with the auxiliary function indent(). Figure shows the 
output with the computation of 8! =F(1,8). A fragment like 


F(5, 6) 


says “F(5,6) called F(5,5) [which returned 5], then called F(6,6) [which returned 6]. Then F(5,6) 
returned 30.” For the computation of other products modify the line ret=m; as indicated in the code. 


Binary splitting scheme for sums 


For the evaluation of a sum eee a, we use the ratios r, of consecutive terms: 
a 
Th I= a (32.1-2) 


Ak-1 


Set a_; :=1 to avoid a special case for k = 0. One has 


7 a, =: To (L4+ri treo (1+r3 (1+...(1+rn-1)..-)))) (32.1-3) 
k=0 
Now define 
Tron t= Trltrmu (.-(1+rn)...)) where m<n (32. 1-4a) 
Cems = in (32.1-4b) 
then 
mn = : 3 ak (32.1-5) 
Am—1 k=m 


[fxtbook draft of 2008-January-19] 


32.1: The binary splitting algorithm for rational series 


and especially 


k=0 
We have 
Tmn = Tmrlm*Tm4+1 +Tm* Tm+1°Tm+2 es 
Tmt Te Etim Vet epp beet tH leqi ce 
x 
= Tmax + Il Tk *Vaet+1,n 
k=m 
The product telescopes, one gets (for m < a < n) 
ag 
Tmn = Tmax a *Tae+iyn 
Am—-1 


32.1.1 Implementation using rationals 


613 


(32.1-6) 


(32.1-7a) 


Tr | 


(32.1-7b) 


(32.1-8) 


R(O, 6) 
R(O, 3) 
(O, 1) 
R(O, 0) 
c== 1/2 
R(1, 1) 
c== 1/2 
R(2, 3) 
R(2, 2) 
c== 1/2 
R(3, 3) 
c== 1/2 
“a= 3/ 
“== 15/16 
R(4, 6) 
R(4, 5) 
4, 4) 
c== 1/2 
R(5, 5) 
c== 1/2 
c== 3/4 
R(6, 6) 
c== 1/2 
“== 127/128 


Figure 32.1-B: Quantities with the binsplit computation of 1?_, 27+) = 127/128. 


Now we can formulate the binary splitting algorithm by giving a binsplit function using pari/gp: 


R(m, n)= 
{ /* Rational binsplit */ 
local(x, ret); 
if ( m==n, /* then: */ 
ret = A(m)/A(m-1); 
; /* else: */ 
x = floor( (mtn)/2 ); 
ret = R(m, x) + A(x) / A(m-1) * R(x+1, n); 


; 
return( ret ); 


} 


Here A(k) must be a function that returns the k-th term of the series we wish to compute, in addition 


one must have a(-1)=1. For example, to compute arctan(1/10) one would use 


A(k)=if (k<O, 1, (-1)7(K)/((2*k+1) #107 (2*k+1))); 


Figure |32.1-B]shows the intermediate values with the computation of a grt) 


[fxtbook draft of 2008-January-19] 


614 Chapter 32: Numerical evaluation of power series 


32.1.2 Implementation using integers 


In case the programming language used does not provide rational numbers one needs to rewrite for- 
mula |32.1-8] in separate parts for denominator and numerator. With a; = pi/qi, p-1 = q-1 = 1 and 
Tmn =! Umn/Vm,n one gets 


Um.n = Pm-1 Iz Um, Vie+i.n + Paz Im-1 Un+i.n Vinya (32.1-9a) 
Vinn = Pm-1 QI Vinx Vestn (32.1-9b) 


Qo, 6) 
Qco, 3) 


“== [-10, 3000] 
“== [29900, 300000] 
Q(2, 3) 


2) 
“== [3000, -500000] 
Q(3, 3) 
“== [-500000, 70000000] 
= [-104250000000000000, 17500000000000000000] 
: [1569781275000000000000000000, 15750000000000000000000000000] 
—-snip-— 


Figure 32.1-C: Explosive growth of intermediate quantities with computing arctan(1/10). 


The following implementation also contains code for reduction to lowest terms: 


Q(m, n)= 
{ /* Integer binsplit */ 
local(x, ret, bm, bx, tm, tx); 
if ( m==n, /* then: */ 
bm = B(m); bx = B(m-1); 
ret = [ bm[1]*bx[2] , bx[1]*bm[2] ]; \\ == Bm) /B(m-1); 
= gcd(ret[1], ret[2]); /* Reduction */ 
ret = [ret[1]/x, ret[2]/x]; /* Reduction */ 
; /* else: */ 
= floor( (m+tn)/2 ); 
Q(m, x); \\ (U_{m,x}, V_{m,x}] 


tx = Ole, aly \\ MG ad, Vtnol 
bm = B(m-1); \\ Cp_{m-1}, q_{m-1}] 
bx = B(x); \\ [p_{x}, q_{x}] 


\\ ret == Q(m, x) + B(x) / B(m-1) * Q(x+1, n); 
ret = [ (bm[1]*bx[2]*tm[1]*tx[2] + bx [1] #bm [2] «tx [1] *#tm[2])/10, 
(bm [1] *bx [2] *tm[2]*tx[2])/10 ]; 
= gcd(ret[1], ret[2]); /* Reduction */ 
' ret = [ret[i]/x, ret[2]/x]; /* Reduction */ 


Fa 
return( ret ); 


The reduction step can do good or bad, depending on the terms of the sum. When computing arctan(1/10) 
without the reduction, the intermediate quantities grow exponentially, as shown in figure The 
square brackets are the quantities [Umn, Vin.n]. Such explosive growth will occur with all Taylor series 
unless the function argument equals one. 


32.1.3 Performance 
We compute the sum for arctan(1/10) up to the 5,000th term with the direct method, the rational binsplit 
and the integer binsplit with and without reduction. The timings for the computation are: 


A(k)=if (k<0,1, (-1)*(k)/((2*k+1) *107 (2*k+1))); \\ for rational binsplit 
B(k)=if (k<O, [1,1], [(-1)7(k), ((2*k+1)*107(2*k+1))] ); \\ for integer binsplit 
N=5000; 


[fxtbook draft of 2008-January-19] 


32.1: The binary splitting algorithm for rational series 615 


sum(k=0,N,ACk)); \\ direct method: 69,385 ms. 

R(O,N); \\ rational binsplit: 2,532 ms. 

Q(O,N); \\ integer binsplit with gcd reduction: 4,152 ms. 

Q(O,N); \\ integer binsplit without gcd reduction: >8min, "forever" 


Things look quite different when computing the sum Phx ap (—1)*/(2k+1)?. The intermediate quanti- 


ties U and V have only small common factors, so it is better to omit the reduction step: 
B(k)=if (k<O, [1,1], [(-1)*k, (2*k+1)°2] ); 
A(k)=if (k<0,1, (-1)*(k)/(2*k+1)°2); 

N=50000; 

sum(k=0,N,A(k)); \\ direct method: 32,396 ms. 

R(O,N); \\ rational binsplit: 6,826 ms. 

Q(O,N); \\ integer binsplit with gcd reduction: 27,485 ms. 

Q(O,N); \\ integer binsplit without gcd reduction: 6,251 ms. 


With builtin routines for binsplit summation the advantage will be much more in favor than these figures 
suggest. 

The reason why summation via binary splitting is better than the straightforward way is that its com- 
plexity is only O(log N M(N)), where M(N) is the complexity of one N-bit multiplication (see [129]). If 
an FFT based multiplication algorithm is used (M(N) = N log N) the work is O((log N)? N) This means 
that sums of linear but sufficient convergence are again candidates for high precision computations. The 
algorithm should be implemented in the ‘depth first’ manner presented, and not via the naive pairs, pairs 
of pairs, etc. (breadth first) way. The reasons are better locality and less memory consumption. The 
naive way needs most memory after the first pass, when pairs have been multiplied. 


32.1.4 Extending prior computations 


The ratio ro,v—1 (that is, the sum of the first N terms) can be reused if one wants to evaluate the sum 
to a higher precision than before. To get twice the precision use 


T0,2N-1 = T0,N-1+4@n-1°TN,2N-1 (32.1-10) 
(this is formula }32.1-8| with m = 0,2 = N —1,n =2N —1). With explicit rational arithmetic: 


Up2n-1 = @n-1U0,n-1 Vn,2n-1 + PN-1 UN,2Nn-1 Vo,n-1 (32.1-11la) 
Vo2n-1 = 4n-1 Vo,n-1 Vn2N-1 (32.1-11b) 


Thereby with the appearance of some new computer that can multiply two length 2-N numberg!|one only 
needs to combine the two ratios ro,v—1 and ry,2n-1 that had been precomputed by the last generation 
of computers. This costs only a few full-size multiplications on your new and expensive supercomputer 
(instead of several hundreds for the iterative schemes), which means that one can improve on prior 
computations at low cost. 


If one wants to stare at zillions of decimal digits of the floating point expansion then one division is also 
needed which costs no more than 4 multiplications as described in section on page 


32.1.5 Computation of 7: binary splitting versus AGM-type iterations 


Using formula [32.1-la]on page [611]and the binary splitting scheme for the computation of 7 can outper- 
form the AGM-style iterations given in section [30.4]on page [582] The reason is that the memory access 
pattern is more favorable than with the iterations. When computing N digits of 7 the iterations compute 
proportional log,(N) roots (and or inverses) to full precision. At the last phase of each root computation 
full-length multiplications have to be computed. These access all memory storing a few full-precision 
words. In contrast, the binary splitting involves full-precision multiplications only at the very last phase. 


lassuming the old model could multiply length-N numbers. 


[fxtbook draft of 2008-January-19] 


616 Chapter 32: Numerical evaluation of power series 


The drawback of the binary splitting scheme is that it may need significantly more memory than two full 
words. This may happen if the numerator and denominator grow fast which is more likely if no series so 


favorable as|32.1-la|can be used for the quantity to be computed. 


32.1.6 Fast radix conversion 


A binary splitting scheme for radix conversion of a radix-z integer [ayan_—1...@2a1d09]z can be obtained 


via recursive application of the scheme 


N M+xX-1 N 
) Qk ao= ) Qk Zk + 2X ) Qk 2k 
k=M k=M k=M+X 


where X is chosen to be the largest power of two that is smaller than d:= N — M. 


(32.1-12) 


R(O, 15) 


*== 8455 
“== 554132803 
R(8, 15) 


R(14, 15) 
w== 33 
“== 8455 
*== 554132803 
"== 2379982267079943491 


Figure 32.1-D: Intermediate results when converting the number 210765432107654316 to decimal. 


We define an auxiliary function that computes (for d > 1) the largest exponent s so that 2* < d: 


ex2le(d)= 
{ /* return largest s so that 2°s < d */ 
local(s, t); 
t=1; s=0; 
while ( d>t, t<<=1; st=1; ); 
t >>= 1; s--; 
return(s) ; 


} 
We precompute z?, z*, 28, ..., 2?) where 2” < N: 


N=15; 

z=16; \\ radix 

vz=vector (ceil (log(N)/log(2))); 

vz[iJ=z; 

for (k=2, length(vz), vz[k]=vz[k-1]*2); \\ N space 


Now the conversion function can be defined as 


Ri(m, n, i=0)= 
{ /* Radix conversion, self documenting */ 


[fxtbook draft of 2008-January-19] 


32.2: Rectangular schemes for evaluation of power series 617 


local(x, d, ret, t); 
indent(i); print( "R(", m, ", ", n, ")"); 
d = n-m; 
if (d <= 1, /* then: */ 
if ( d==0, ret = A(m); , ret = A(m) + z*A(n); ); 


; /* else: */ 

t = ex2le(d); 

x = 1<<t; 

ret = Ri(m, mtx-1, iti) + vz[tt+i] * Ri(mt+x, n, itl); 
); 
indent(i); print( "“== ", ret); 


return( ret ); 


} 


We define A(k)=(k+3)%8; and convert the 16-digit, radix-16 number [ai5ai4...a2a1ao|16  := 
2107654321076543;6 to decimal. The intermediate results are shown in figure|32.1-D 


32.2 Rectangular schemes for evaluation of power series 


The rectangular scheme for the evaluation of polynomials was given in |190), and later in [215|. We use 
it for the evaluation of truncated power series up to a given power N — 1 of the series variable. We give 
two variants, one for series whose coefficients are small rationals (as for the logarithm), and another for 
series where the ratios of successive coefficients are a small rationals (as for the exponential function). 
When the numbers of rows and columns in the schemes are identical, a method involving proportional 
VN full-precision multiplications is obtained. The schemes are very competitive up to very high precision 
in practice, even compared with AGM-based methods. 


32.2.1 Rectangular scheme for arctan and logarithm 


Computing the sum of the first N terms of a power series as 
N-1 
Sy = So Ape® = Ag+2(Art+2(A24+2(A3+...2(An-i)---))) (82.2-1) 
k=0 


costs N long (full-precision) multiplications if z is a full-precision number. If the A, are small rational 
values, and N = R-C then one can rewrite Sy as 


aa Ago + Aoc41 2 + Aoc42 27 +... + Aic-1 2071 + (32.2-2) 
42° [Aic + Aic41 oat Aic+2 3 Sion = ale Dee ZOr1y 
a [Aac Ue Agc+1 aan Aoc+2 a aa ee ke a Az3c_- got 
+20 [Asc a A3c+1 aan A3c+2 a 7 ee ee Aico got 
+ a + 
150 [A re A 2. ; os 
2” |Acr-1e + Acr-1yc41 2 + A(r-1)c42 2% +... + Arc-12 }..]]] 


We compute Sy as 
[I [- ees [Ur-1| x risa ashe Us] ge + U2] x + Ui] a + Uo (32.2-3) 


-1 : : ; 
where U,. := — ArC+k z* is the sum in one row of relation|32.2-2 


Precomputing the quantities z?, 2°, z4,...z° involves C — 1 long multiplications. The sums in each 


row of expression [32.2-2|involve only short multiplications with series coefficients A;. The multiplication 
by z© for each but the first row involves further R — 1 long multiplications. The computation uses C 
temporaries (z, z?, ..., ©) and proportional R + C long multiplications. Choosing R = C = VN leads 
to a complexity of 2VN long multiplications, and also involves VN temporaries. 


[fxtbook draft of 2008-January-19] 


618 Chapter 32: Numerical evaluation of power series 


32.2.1.1 Implementation for arctan 


We implement the scheme for the arctan in pari/gp: 


fa(n) = \\ inverse of series coefficient 
{ /* fa(n) := (-1)7n/(2n+1) */ 
local (an) ; 


an = (2*n+1); 
if ( bitand(n,1), an=-an); 
return( an ); 


} 
atan_rect(z, R, C)= 
{ /* compute atan(z) as z*(1-z°2/3+z74/5-z°6/7+-... +-z7 (2*(R*C-1))/(2*R*C-1) */ 
local(S, vz, s, ur, k); 
vz = vector(C); \\ vz == [2°2,z274,z°6,...,27 (2*C)] 
vz[1] = z*z; \\ 1 long multiplication (special for arctan) 
for (k=2, C, vz[k]=vz[1]*vz[k-1]); \\ C-1 long multiplications 
k = R*#C; \\ index of current coefficient 
s=0; \\ sum 
forstep (r=R-1, 0, -1, 
ur = 0; \\ sum of this row 
forstep (c=C-1, 1, -1, k-=1; urt=vz[c]/fa(k); ); 
k -= 1; ur t= 1/fa(k); 
if ( r!=R-1, s*=vz[C]; ); \\ R-1 long multiplications 
s += ur; 
); 
s *= z; \\ 1 long multiplication (special for arctan) 
; return( s ); 


We compute 7/16 as arctan(z) where z = V2/2+4—- V2 —1 & 0.19891236 (using relation |31.1-30]on 
page twice on z = 1), using a precision of 30,000 decimal digits. We use R = C = VN =: S: 

? ? z=1;z=z+sqrt (z°2+1) ;z=ztsqrt(z*2+1) ;z=1/z; \\ ==> Pi/16 

? a=atan(z); \\ builtin arctan: computed in 1,123 ms. 


? r=atan_rect(z,S,S); \\ computed in 2,377 ms. 
\\ using S=147, and N=S~°2=21609 


a-r 
0.E-30017 \\ result OK 


The given implementation involves about two times of the cost of the builtin routine. Argument reduction 
make the method much more competitive: 


? a=atan(z); \\ computed in 1,123 ms. 

? z=1/z; 

? for (k=1,32,z=z+sqrt(z*2+1)) \\ computed in 204 ms. 
? z=1/z 

4 

Fe 


.57161899770987400328861548736 E-11 

? S=ceil (sqrt (-1/2*rp*log (10) /log(z) )) 

39 \\ N=S72=1521 

? r=atan_rect(z,S,S); \\ computed in 284 ms. 
2 r¥=2732 

? a-r 

-1.3690050398194919519 F-30016 \\ OK 


With 100,000 decimal digits the performance ratio is roughly the same. Note that one will have to limit 
the number C' of temporaries according to the available memory. 


z 


V1—22 


and arccos(z) = 5 — arcsin(z). 


Compute the inverse sine and cosine as arcsin(z) = arctan 


32.2.1.2 Implementation for the logarithm 


A routine for log(1 — z) is 


log_rect(z, R, C)= 

{ /* compute log(1-z) as 1+x/2+x72/3+...+x7(R*C-1)/(R*C) */ 
local(S, vz, s, ur, k); 
vz = vector(C); \\ vz == [z272,z°4,z°6,...,z27 (2*C)] 
vz[1i] = z; 
for (k=2, C, vz[k]=z*vz[k-1]); \\ C-1 long multiplications 
k = R*#C; \\ index of current coefficient 


[fxtbook draft of 2008-January-19] 


32.2: Rectangular schemes for evaluation of power series 619 


s=0; \\ sum 
forstep (r=R-1, 0, -1, 
ur = 0; \\ sum of this row 
forstep (c=C-1, 1, -1, k-=1; urt=vz[c]/(kt1); ); 
k -= 1; ur += 1/(kt+1); 
if ( r!=R-1, s*=vz[C]; ); \\ R-1 long multiplications 
s += ur; 
Dis 
s *= z; \\ 1 long multiplication (special for arctan) 
return( -s ); 


} 


However, using a precision of 30,000 decimal digits and argument z = 1/5 the routine is slower than the 
builtin one (using the AGM) by a factor of about 1/7. With argument reduction (relation |31.1-27] on 
page 601), and R= C = VN =: S we obtain a more competitive performance: 


? e=log(1-z) \\ computed in 621 ms. 


705 293129551314209755 766295090310 
? z=1-z; 


? for(k=1,32,z=sqrt(z)); \\ computed in 132 ms. 

? z=1-z; \\ == 5.19546566783481003872552738341 E-11 
? S=ceil (sqrt (-rp*log(10) /log(z))) 

55 \\ N=S72=3025 

? r=log_rect(z,N); \\ computed in 461 ms. 

? r*=2732 

poe oan aera) Der eGzesnatet) 


7 r 
-6.071613129762050924 E-30008 \\ OK 


We note that with both the logarithm and the arctan, subsequent computations with the builtin routine 
are faster as some constants that are computed with the first call are reused. 


Compute the inverse hyperbolic sine and cosine as arcsinh(z) = log(z + Vz?+4+ 1) and arccosh(z) = 
log(z + Vz? — 1) (for z > 0). 


32.2.2 Rectangular scheme for exp, sine, and cosine 


We rewrite the sum of the first N terms of a power series 


N-1 
Sy = Dy Anz! (32.2-4) 
k=0 
as 
ay [Aoc-+0 + Aicso z'© + Ascyo 2° +... + Acr—1o02®- YC] a (32.2-5) 
- [oc + Aroq 2° + Asc 27° +... Awenowi2® YC] 
a [Aoc+s + Arosa 20° + Ascy3 7° +... 4 Acr_noss2®- YC] 
+ tae + 
alae [Aic-2 4 Asin-9 8” + Asoo es? Apc-226F-VC] 4 
~C-1 [Ato-1 cy ee ay eee ee Aro-12®-Y¢] 


Compute the sum as (the transposed version of relation |32.2-2/on page|617) 
Sn — ([[.--[Uc-1] 2 + Uc-a]z+...+ U3] 2+ U2] z2+Ui)z2+Uo5 (32.2-6) 


where U, = 5. Arce 2*° (C temporary sums are computed). When proceeding colum-wise the 
update A; — Aj;11 involves only a short multiplication by the ratio A;,,/A;. Only when going to the 
next column a long multiplication by z© is required (R—1 long multiplications). Finally, there are C —1 
long multiplications by z. 


[fxtbook draft of 2008-January-19] 


620 Chapter 32: Numerical evaluation of power series 


32.2.2.1 Implementation for the exponential function 


A routine for the computation of exp(z) — 1 can be given as follows: 


exp_rect(z, R, C)= 
{ /* compute exp(z)-1 as z*[ 1+z/2!+z72/3! +...+z7(R*C-1)/((R*C)!) J] */ 
local(ur, zc, k, t); 
zc = z°C; \\ proportional log(C) long multiplications 
ur = vector(C); 
k = 1; \\ ratio of series coefficients /* set to zero for plain exp */ 
t 1.203 
for (r=1, R, \\ number of columns (!) 
for (c=1, C, ur[c] += t; k++; t /= (k); ); 
if ( r!=R, t *= zc; ); \\ R-1 long multiplications 


); 

t = ur([C]; 

forstep (c=C-1, 1, -1, t#=z; t+=ur[c]); \\ C-1 long multiplications 
t *= z; /* omit for plain exp */ 

return( t ); 


} 


We use the argument reduction given as relation|31.2-18}on page and compute exp(1/5) to a precision 
of 30,000 decimal digits. We use R= C = /N =: S: 


z=0.2; 
e=exp(z) \\ computed in 855 ms. 


.22140275816016983392107199464 
nred=32; 


z/=2-nred 

.65661287307739257812500000000 E-11 

S=48; \\ N=S*2=2304 

r=exp_rect(z,S,S) \\ computed in 395 ms. 
.65661287318581279537523334667 E-11 
for(k=1,nred,r=r+rtr*2); \\ computed in 68 ms. 


+= 
.52140275816016983392107199464 
(Sie 
.965120231677044083 E-30016 \\ OK 
Using 100,000 digits, nred=112, and S=52 we obtain the timings 


SIRE IB IR RE 


? e=exp(z); \\ computed in 8,601 ms. 
? r=exp_rect(z,S,S); \\ computed in 2,345 ms. 
? for(k=1,nred,r=r+r+r~2); \\ computed in 1,640 ms. 


32.2.2.2 Implementation for the cosine 


A routine for computing cos(z) — 1 can be given as 


cos_rect(z, R, C)= 


{ /* compute cos(z)-1 as z*2*[ -1/2!+z°2/4! - z°4/6! +- ... ] */ 
local (ur, zc, k, t); 
Z*= Z; 


zc = z°C; \\ proportional log(C) long multiplications 

ur = vector(C); 

k = 2; \\ ratio of series coefficients 

t =O, 5% 

for (r=1, R, \\ number of columns (!) 
for (c=1, C, urlc] += t; k++; t /= (kK); k++; t /= -(K); ); 
if ( r!=R, t *= zc; ); \\ R-1 long multiplications 


); 

t = ur([C]; 

forstep (c=C-1, 1, -1, tx=z; tt=ur[c]); \\ C-1 long multiplications 
t *= z; /* omit for plain exp */ 

return( t ); 


} 
We use the argument reduction as in relation |31.2-20] on page and compute cos(1/5) to 30,000 
decimal digits: 


? z=0.2; 
? e=cos(z) \\ computed in 788 ms. 


0.980066577841241631124196516748 
? nred=32; 


[fxtbook draft of 2008-January-19] 


32.3: The magic sumalt algorithm for alternating series 621 


? z/=2-nred; 

? S=34; \\ N=S°2=1156 

? r=cos_rect(z,S,S); \\ computed in 318 ms. 

? for(k=1,nred,r=2*(r+1)*2-2); \\ computed in 70 ms. 

? xrt=1 

Q.980066577841241631124196516748 

? e-r 

-3.646143951667310362 E-30017 \\ OK 

The sine and tangent can be computed as sin(z) = ,/1 — cos(z)?, and tan(z) = sin(z)/ cos(z). 


The routine is easily converted to compute the hyperbolic cosine. The relation exp(z) = cosh(z) — 
,/cosh(z)? — 1 gives an alternative way to compute the exponential function. 


32.3. The magic sumalt algorithm for alternating series 


The following convergence acceleration algorithm for alternating series is due to Cohen, Villegas and 
Zagier, see [85]. As remarked in the cited paper, the algorithm often gives meaningful results also for 
non-alternating and even divergent series. 


The algorithm computes an estimate of the sum s = ate Lp as 


n-1 
te = Saas (32.3-1) 
k=0 


The weights c,,, do not depend on the values x;. With the following pseudo code the summands x; have 
to be supplied in the array x[0,1,...,n-1]: 


function sumalt(x[], n) 


d := (3+sqrt(8))“n 
d := (d+1/d)/2 
b:=1 
c:=d 
s :=0 
for k:=0 to n-1 
{ 
ct ¢o 3D 
s:=s+t+c * x[k] 
; b := b * (2*(ntk)*(n-k)) / ((2*k+1)*(k+1)) 


return s/d 


With alternating sums the accuracy of the estimate will be (3 + V/8)~" = 5.82—”". For example, the 
estimate for 4-arctan(1) using the first 8 terms is 


11111 212-21 ~«21 
TOR -( )- 3.017... (32.3-2) 


The sumalt-massaged estimate is 


665856 665728 663040 641536 
fe oe 1-( - st + (32.3-3) 
557056 376832 163840 32768 
7s 3a iB 15 ) /oo5s57 


= 4-3365266048 /4284789795 = 3.141592665... 


and already gives 7 correct digits of 7. The linear but impressive growth of the accuracy of successive 
sumalt estimates with n, the number of terms used, is illustrated in figure 


[fxtbook draft of 2008-January-19] 


622 Chapter 32: Numerical evaluation of power series 
n: sumalt (n) sumalt (n)—7 
1: 2. 6B66666666666666666666 0.474925986923126571795 
2: 3.137254901960784313725 0.004337751629008924737 
3: 3.140740740740740740740 0.000851912849052497721 
4: 3.141635718412148221507 —0.000043064822354983044 
5: 3.141586546403673968348 0.000006107186119270114 
6: 3.141593344215659403660 —0.000000690625866165197 
7: 3.141592564937540122015 0.000000088652253116447 
8: 3.141592665224315864017 —0.000000011634522625555 
9: 3.141592652008811951619 0.000000001580981286843 
10: 3.141592653809731569318 —0.000000000219938330856 
11: 3.141592653558578755513 0.000000000031214482948 
12: 3.141592653594296338470 —0.000000000004503100007 
13: 3.141592653589134580517 0.000000000000658657944 
14: 3.141592653589890718625 —0.000000000000097480163 
15: 3.141592653589778664375 0.000000000000014574087 
16: 3.141592653589795436775 —0.000000000000002198312 
17: 3.141592653589792904285 0.000000000000000334177 
18: 3.141592653589793289614 —0.000000000000000051151 
19: 3.141592653589793230584 0 .000000000000000007877 
20: 3.141592653589793239682 —0.000000000000000001220 


Figure 32.3-A: Sumalt-estimates of 7 = 4-arctan(1) using n = 1,2,...,20 terms. 


Therefore even slowly converging series like 


7 = Drs = 4-arctan(1) (32.3-4a) 

C= 3 ar a = 0.9159655941772190... (32.3-4b) 

log(2) = 3 _ = 0.6931471805599453... (32.3-4c) 

(3) = 7 _ py (32.3-4d) 
k=1 


can be used to compute estimates that are correct up to thousands of digits. The algorithm scales like n? 
if the series terms in the array x[] are small rational values and like n° - log(n) if they are full precision 


(rational or float) values. 


In fact, pari/gp has a built-in sumalt routine, we use it to compute the Catalan constant: 


default (realprecision, 1000) ; 

sumalt (k=0, (-1)*k/(2*k+1)°2); \\ takes 60 ms. 
default (realprecision, 2000) ; 

sumalt (k=0, (-1)*k/(2*k+1)°2); \\ takes 
default (realprecision, 4000) ; 

sumalt (k=0, (-1)*k/(2*k+1)°2); \\ takes 2,730 ms. 


376 ms. 


VN IN VN NY 


The time scales roughly with the third power of the precision used. 


All values cz, and by occurring in the computation are integers. In fact, the b, in the computation with n 
terms are the coefficients of the expanded n-th Chebyshev polynomial (of the first kind, see section 


on page|645) with argument 1 + 2a: 


[fxtbook draft of 2008-January-19] 


32.3: The magic sumalt algorithm for alternating series 623 


k: by Ck 
0: 1 665857 
1: 128 665856 
2: 2688 665728 
3: 21504 663040 
4: 84480 641536 
5 180224 557056 
6: 212992 376832 
ve 131072 163840 
8: 32768 32768 
Tg(1+2x) = 1+128x + 26882? + 215042x° + 844802x* + (32.3-5a) 
+1802247° + 2129922° + 1310722" + 327682° = Tig(V1 + 2) 
Ti6(z) = 1-—128x? + 2688a* — 215042° + 844802 — (32.3-5b) 


—180224x1° + 212992712 — 13107224 + 32768x'6 


Now observe that one has always c, = b, = 2?"~1 in a length-n sumalt computation. Obviously, ‘going 
backwards’ avoids the computation of (3 + V8)": 


function sumalt(x[], n) 


b 
c 


2** (2*n-1) 

:=b 

s := 0 

for k:=n-1 to 0 step -1 
{ 


Ss: +c * x[k] 
bu * aren eee? / (2% (nt+k) *(n-k) ) 
ers + 


Vou 
avn 


return s/c 


The b, and cy occurring in a length-n sumalt computation can be given explicitly as 


n nt+k 
b, = gen 25. 
=( ey P2308) 
s “on (nti 2: f 
Ck = ae 2 )2 (32.3-6b) 


To compute an estimate of an X, using the first n partial sums use the following pseudo code (the 


partial sums py, = Sean x; are expected in p[0,1,...,n-1]): 


function sumalt_partial(p[], n) 


d := (3+sqrt(8))“n 
d := (d+1/d)/2 
b:=1 
c:=d 
s :=0 
7 k:=0 to n-1 
s:=s tb * p(k] 
} b := b ¥* (2e(ntk)*(n-k)) / ((2*k+1)*(k+1)) 


return s/d 


a 

The backward variant is: 

function sumalt_partial(p[], n) 
b 
c 


2** (2*n-1) 

:=b 

s := 0 

for k:=n-1 to 0 step -1 


[fxtbook draft of 2008-January-19] 


624 Chapter 32: Numerical evaluation of power series 


s +b * p(k] 
b * Lerten? / (2*(nt+k)*(n-k)) 
Cc 


avn 
ioueou 


return s/c 


For series of already geometrical rate of convergence (where |a;/az41| © e) it is better to use 


function sumalt_partial(p[], n, e) 


d := ( 2e + 1 + 2esqrt(e*(et1)) )*n 
d := (d+1/d)/2 
b:=1 
c:=d 
s :=0 
~ k:=0 to n-1 
s:=s +b * p[k] 
: b := b * (2*(ntk)*(n-k)) / ((2*k+1)*(k+1)) * e 


return s/d 


Convergence is improved from ~ e-” to ~ (2e+1+4+2,/e(e+1))-” ® (4e+2)-". This algorithm 
specializes to the original one for e = 1. 


C++ routines implementing the sumalt algorithm and the variant for partial sums are given in [hfloat: 


src/hf/sumalt.cc). 


[fxtbook draft of 2008-January-19] 


625 


Chapter 33 


Computing the elementary functions 
with limited resources 


This chapter presents two types of algorithms for computations with limited resources, the shift-and-add 
and the CORDIC algorithms. The algorithms allow the computations of the elementary functions as the 
logarithm, exponential function, sine, cosine and their inverses with only shifts, adds, comparisons and 
table lookups. Algorithms of this type are usually used for pocket calculators. 


33.1 Shift-and-add algorithms for log,(x) and b* 


In this section so-called shift-and-add algorithms for the computation of log,(x) and b” are presented. 
These algorithms use only additions, multiplications by a power of two (‘shifts’) and comparisons. Pre- 
computed lookup table with as many entries as the desired accuracy in bits is required. The algorithms 
are especially useful with limited hardware capabilities. 


The implementations given in this section use floating point numbers. They can be rewritten to scaled 
integer arithmetic without difficultly. 


33.1.1 Computing the base-b logarithm 


We use a table that contains the values A,, = log, (1+ 3+) where n > 0, it is created as follows: 


double *shiftadd_ltab; 
ulong ltab_n; 


void 
make_shiftadd_ltab(double b) 
{ 
double 11b = 1.0 / log(b); 
double s = 1.0; 
for (ulong k=0; k<ltab_n; ++k) 
shiftadd_ltab[k] = log(1.0t+s) * 11b; // == log_b(1+1/27k) 
s *= 0.5; 
} 
} 


The algorithm takes as input the argument x > 1 and the number of iterations N and computes log, (x). 
It proceeds as follows: 


1. Initialize: set tp = 0, eg = 1. 


2. Compute un = en: (1 +27"). If un < ax the set d, = 1, else set d, = 0. 


[fxtbook draft of 2008-January-19] 


626 Chapter 33: Computing the elementary functions with limited resources 


n: Un tn en An 

init | - 0.00000000 | +1.00000000 | +1.00000000 
13 1.50000000 | 0.00000000 | +1.00000000 | +0.58496250 
2: 1.25000000 | 0.00000000 | +1.00000000 | +0.32192809 
a3 1.56250000 | 0.32192809 | +1.25000000 | +0.32192809 
3: 1.40625000 | 0.32192809 | +1.25000000 | +0.16992500 
3: 1.58203125 | 0.49185309 | +1.40625000 | +0.16992500 
4: 1.49414062 | 0.49185309 | +1.40625000 | +0.08746284 
5: 1.45019531 | 0.49185309 | +1.40625000 | +0.04439411 
6: 1.42822265 | 0.49185309 | +1.40625000 | +0.02236781 
7: 1.41723632 | 0.49185309 | +1.40625000 | +0.01122725 
8: 1.41174316 | 0.49185309 | +1.40625000 | +0.00562454 
8: 1.41725778 | 0.49747764 | +1.41174316 | +0.00562454 
9: 1.41450047 | 0.49747764 | +1.41174316 | +0.00281501 
10: 1.41312181 | 0.49747764 | +1.41174316 | +0.00140819 
10: 1.41450182 | 0.49888583 | +1.41312181 | +0.00140819 
Liss 1.41381182 | 0.49888583 | +1.41312181 | +0.00070426 
11: 1.41450215 | 0.49959010 | +1.41381182 | +0.00070426 
12: 1.41415698 | 0.49959010 | +1.41381182 | +0.00035217 
12: 1.41450224 | 0.49994228 | +1.41415698 | +0.00035217 
13: 1.41432961 | 0.49994228 | +1.41415698 | +0.00017609 
14: 1.41424330 | 0.49994228 | +1.41415698 | +0.00008805 
15: 1.41420014 | 0.49994228 | +1.41415698 | +0.00004402 
15: 1.41424330 | 0.49998631 | +1.41420014 | +0.00004402 
oo: 1.41421356 | 0.50000000 | +1.41421356 | +0.00000000 

=f =log,(V2) | =a =0 
Figure 33.1-A: Numerical values occurring in the shift-and-add computation of log,(/2) = 1/2. The 
computation of log, j2(V2) = —1/2 corresponds to the same values but opposite signs for all entries A, 


and Yn. 


3. If d, 4 0 then set try, = tp + An and en4+1 = Un and repeat the last step. Else set tp41 = tn and 
E€n+1 = En- 


4. Increment n. If n = N return t,, else goto step 2. 


A C++ implementation is given in [FXT: arith/shiftadd-log-demo.cc|, note that the variable n equals N, 


and k equals n: 


double 
shiftadd_log(double x, ulong n) 


{ 


double t 0;.0% 
double e L503 
double v L203 
// (PRINT] 
for (ulong k=1; k<n; ++k) 
{ 


if ( nm>=ltab_n ) n = ltab_n; 


v *= 0.5; // v == (1>>k) 


double u; 
bool d; 
— (1) 


et+tevx*v; // u=e; ut=(e>>k); 


// [PRINT] 

if ( d==false ) break; 
t += shiftadd_ltab[k]; 
e =u; 


} 


return t; 


[fxtbook draft of 2008-January-19] 


33.1: Shift-and-add algorithms for log,(#) and b® 627 


The variable v is a power of 1/2 so all multiplies by it can with scaled integer arithmetic be replaced 
by shifts as indicated by the comments. The values for first steps of the computation for the argument 
rp = V2 are given in figure[33.1-A] The columns of the figure correspond to the variables k(= n), u(= un), 
t(= tn), e(= en), and shiftadd_ltab[k] (= A,). 


n: Un tn en An 
init | - 0.00000000 | +1.00000000 | +1.00000000 
1: 1.50000000 | 0.00000000 | +1.00000000 | +0.58496250 
1: | 2.25000000 | 0.58496250 | +1.50000000 | +0.58496250 
1: | 3.37500000 | 1.16992500 | +2.25000000 | +0.58496250 
1: | 5.06250000 | 1.75488750 | +3.37500000 | +0.58496250 
1: | 7.59375000 | 2.33985000 | +5.06250000 | +0.58496250 
1: 11.3906250 | 2.92481250 | +7.59375000 | +0.58496250 
2: | 9.49218750 | 2.92481250 | +7.59375000 | +0.32192809 
3: | 8.54296875 | 2.92481250 | +7.59375000 | +0.16992500 
4: | 8.06835937 | 2.92481250 | +7.59375000 | +0.08746284 
5: | 7.83105468 | 2.92481250 | +7.59375000 | +0.04439411 
5: | 8.07577514 | 2.96920662 | +7.83105468 | +0.04439411 
6: | 7.95341491 | 2.96920662 | +7.83105468 | +0.02236781 
6: | 8.07768702 | 2.99157443 | +7.95341491 | +0.02236781 
co: | 8.00000000 | 2.99999999 | +8.00000000 | +0.00000000 

=x = log, (8) =x =0 


Figure 33.1-B: Values occurring in the first few steps of a shift-and-add computation of log,(8) = 3. 


The algorithm has been adapted from [184] (chapter 5) where the correction is made only once for each 
value A,, limiting the range of convergence to x < X where 


x I (1 rs =) (33.1-1) 


n=0 


= 4.768462058062743448299798577356794477543 . .. 


I 


As given, the algorithm converges for any x > 0, « #1. A numerical example for the argument x = 8 is 
given in figure |33.1-B] The basis b must satisfy b > 0 and bF 1. 


33.1.2 Computing b* 


We can use the same precomputed table as with the computation of log,(z). 


The algorithm takes as input the argument x and the number of iterations N and computes b® for b > 1, 
x ER. It proceeds as follows: 


1. Initialize: set tp = 0, eg = 1. 
2. Compute un = tn + An. If un < x the set d, = 1, else set dy, = 0. 


3. If d, #0 then set tpi. = Un and en41 = ey: (1 +27”) and repeat the last step. Else set ty41 = tn 
and €n41 = en. 


4. Increment n. If n = N return e,, else goto step 2. 


A C++ implementation is given in [FXT: |arith/shiftadd-exp-demo.cc]: 


double 
shiftadd_exp(double x, ulong n) 
{ 
if ( nm>=ltab_n ) n = ltab_n; 
double t = 0.0; 
double e = 1.0; 
double v = 1.0; 
// [PRINT] 


[fxtbook draft of 2008-January-19] 


628 Chapter 33: Computing the elementary functions with limited resources 


n: Un ty En An 

init | 0.00000000 | 0.00000000 | +1.00000000 | +0.00000000 
de 0.58496250 | 0.00000000 | +1.00000000 | +0.58496250 
2: 0.32192809 | 0.00000000 | +1.00000000 | +0.32192809 
2: 0.64385618 | 0.32192809 | +1.25000000 | +0.32192809 
3: 0.49185309 | 0.32192809 | +1.25000000 | +0.16992500 
3: 0.66177809 | 0.49185309 | +1.40625000 | +0.16992500 
4: 0.57931593 | 0.49185309 | +1.40625000 | +0.08746284 
5: 0.53624721 | 0.49185309 | +1.40625000 | +0.04439411 
6: 0.51422090 | 0.49185309 | +1.40625000 | +0.02236781 
G 0.50308035 | 0.49185309 | +1.40625000 | +0.01122725 
8: 0.49747764 | 0.49185309 | +1.40625000 | +0.00562454 
8: 0.50310219 | 0.49747764 | +1.41174316 | +0.00562454 
9: 0.50029266 | 0.49747764 | +1.41174316 | +0.00281501 
10: 0.49888583 | 0.49747764 | +1.41174316 | +0.00140819 
10: 0.50029403 | 0.49888583 | +1.41312181 | +0.00140819 
11: 0.49959010 | 0.49888583 | +1.41312181 | +0.00070426 
11: 0.50029437 | 0.49959010 | +1.41381182 | +0.00070426 
12: 0.49994228 | 0.49959010 | +1.41381182 | +0.00035217 
12: 0.50029446 | 0.49994228 | +1.41415698 | +0.00035217 
13: 0.50011838 | 0.49994228 | +1.41415698 | +0.00017609 
14: 0.50003033 | 0.49994228 | +1.41415698 | +0.00008805 
15: 0.49998631 | 0.49994228 | +1.41415698 | +0.00004402 
15: 0.50003034 | 0.49998631 | +1.41420014 | +0.00004402 
co: 0.50000000 | 0.50000000 | +1.41421356 | +0.00000000 

=2 =2£ = 2)/? =0 
Figure 33.1-C: Numerical values occurring in the shift-and-add computation of 6* = 2'/? = \/2. The 


values are printed at points where a comment [PRINT] appears in the code. 


for (ulong k=1; k<n; ++k) 
{ 


v *= 0.5; // v == (1>>k) 


double u; 
bool d; 
ote (1) 


u t + shiftadd_ltab[k]; 
d ( u<=x ); 

// [PRINT] 

if ( d==false ) break; 
t= u; 

et=ex*v; // et=(e>>k); 


} 


return e; 


33.1.3 An alternative algorithm for the logarithm 


A slightly different method for the computation of the base-b logarithm (b > 0, b 4 1) is given in [154]. 
Here the table used has to contain the values A, = log, (#5) where n > 0: 


double *briggs_ltab; 

ulong i1tab_len; 

void 

make_briggs_ltab(ulong na, double b) 
{ 


double lib = 1.0 / log(b); 
double s = 2.0; // == 27k 
briggs_ltab[0] = -1.0; // unsused 
for (ulong k=1; k<na; ++k) 


[fxtbook draft of 2008-January-19] 


33.1: Shift-and-add algorithms for log,(a«) and b® 


629 


n: Ln Yn Zn An 
init 1.41421356 | 0.00000000 | +0.70710678 | +0.00000000 
2 1.41421356 | 0.00000000 | +0.35355339 | +0.41503749 
Ys 1.06066017 | 0.41503749 | +0.26516504 | +0.41503749 
3: 1.06066017 | 0.41503749 | +0.13258252 | +0.19264507 
4: 1.06066017 | 0.41503749 | +0.06629126 | +0.09310940 
5: 1.06066017 | 0.41503749 | +0.03314563 | +0.04580368 
5? 1.02751454 | 0.46084118 | +0.03210982 | +0.04580368 
6: 1.02751454 | 0.46084118 | +0.01605491 | +0.02272007 
6: 1.01145962 | 0.48356126 | +0.01580405 | +0.02272007 
re 1.01145962 | 0.48356126 | +0.00790202 | +0.01131531 
Cs 1.00355759 | 0.49487657 | +0.00784029 | +0.01131531 
8: 1.00355759 | 0.49487657 | +0.00392014 | +0.00564656 
9: 1.00355759 | 0.49487657 | +0.00196007 | +0.00282051 
9: 1.00159752 | 0.49769709 | +0.00195624 | +0.00282051 
10: 1.00159752 | 0.49769709 | +0.00097812 | +0.00140957 
10: 1.00061940 | 0.49910666 | +0.00097716 | +0.00140957 
Li 1.00061940 | 0.49910666 | +0.00048858 | +0.00070461 
11% 1.00013081 | 0.49981128 | +0.00048834 | +0.00070461 
12: 1.00013081 | 0.49981128 | +0.00024417 | +0.00035226 
13: 1.00013081 | 0.49981128 | +0.00012208 | +0.00017612 
413+ 1.00000873 | 0.49998740 | +0.00012207 | +0.00017612 
eh 1.00000000 | 0.50000000 | +0.00000000 | +0.00000000 
=1 = log,(v2)_| =0 =0 


Figure 33.1-D: Numerical 


values occurring in the computation of logs(/2) = 1/2. The value of n is 
incremented in the inner loop (comment [PRINT1] in the code, the value of z changes). The values of x 
and y change just before the location of the comment [PRINT2], corresponding to consecutive rows with 
same value of n. The computation of log, jo(V2) = —1/2 corresponds to the same values but opposite 
signs for all entries A, and yp. 


briggs_ltab[k] = log(s/(s-1.0)) * 11b; 


The algorithm terminates when a given precision (eps) is reached: 


{ 
s *= 2.0; 

} 
} 
double 
briggs_log(double x, double eps) 
{ 

double y = 0; 

double z = x * 0.5; 

// [PRINT] 

ulong k = 1; 


double v = 0.5; 


// v == 27 (-k) 


while ( fabs(x-1.0)>=eps ) 


if ( k >= ltab_len ) 


goto done; 


y_k + log_b(x_k) == log_b(x_0) 


{ 
ae ( fabs(x-z)<1.0 ) 
z *= 0.5; 
t++k; vi *= 0.5; 
// [PRINT1] 
X -= Z; 
y += briggs_ltab[k] ; 
z=x*v; // z=(x>>k) 
// invariant: 
// [PRINT2] 
} 
done 


return y; 


[fxtbook draft of 2008-January-19] 


// no more table entries 


630 Chapter 33: Computing the elementary functions with limited resources 


} 


The code is given in [F XT: |arith/briggs-log-demo.cc|. The values for first steps of the computation for 
the argument a) = V2 are given in figure|33.1-D} The argument 2 must be greater than or equal to 1. 
Knuth [154] gives 1 < x < 2 but the restriction to values smaller than 2 does not seem to be necessary. 


33.2 CORDIC algorithms 


The so-called CORDIC algorithms can be used for the computation of functions like sine, cosine, exp and 
log. The acronym CORDIC stands for Coordinate Rotation Digital Computer. 


Similar to the shift-and-add algorithms (section |33.1) only multiplications by powers of two (shifts), 
additions, subtractions and comparisons are used. Again, a precomputed lookup table with as many 
entries as the desired accuracy in bits is required. 


Some early floating point units (FPUs) used CORDIC algorithms and your pocket calculator surely does. 


33.2.1 The circular case: sine and cosine 


n: Ln Yn Zn, —d-An 
init | 0.60725293 | 0.00000000 | +1.04719755 | +0.00000000 
0: | 0.60725293 | 0.60725293 | +0.26179938 | -0.78539816 
1: | 0.30362646 | 0.91087940 | -0.20184822 | -0.46364760 
2: | 0.53134631 | 0.83497278 | +0.04313044 | +0.24497866 
3: | 0.42697471 | 0.90139107 | -0.08122455 | -0.12435499 
4: | 0.48331166 | 0.87470515 | -0.01880574 | +0.06241880 
5: | 0.51064619 | 0.85960166 | +0.01243409 | +0.03123983 
6: | 0.49721492 | 0.86758051 | -0.00318963 | -0.01562372 
7: | 0.50399289 | 0.86369602 | +0.00462270 | +0.00781234 
8: | 0.50061908 | 0.86566474 | +0.00071647 | -0.00390623 
9: | 0.49892833 | 0.86664251 | -0.00123664 | -0.00195312 
10: | 0.49977466 | 0.86615528 | -0.00026008 | +0.00097656 
11: | 0.50019758 | 0.86591124 | +0.00022819 | +0.00048828 
12: | 0.49998618 | 0.86603336 | -0.00001594 | -0.00024414 
13: | 0.50009190 | 0.86597233 | +0.00010612 | +0.00012207 
14: | 0.50003904 | 0.86600285 | +0.00004508 | -0.00006103 
15: | 0.50001261 | 0.86601811 | +0.00001457 | -0.00003051 
oo: | 0.50000000 | 0.86602540 | +0.00000000 | +0.00000000 
=cos(7/3) | =sin(7/3) | =0 =0 


Figure 33.2-A: Numerical values occurring in the CORDIC computation of cos(7/3) and sin(7/3). 


We start with a CORDIC routine for the computation of the sine and cosine. The lookup table has to 


contain the values arctan(2~”) for n = 0,1,2,3,..., these shall be stored in the array cordic_ctab[]. 
An implementation of the function is given in [FXT: jarith/cordic-circ-demo.cc]: 
void 
cordic_circ(double theta, double &s, double &c, ulong n) 
{ 
double x = cordic_1K; 
double y = 0; 
double z = theta; 
double v = 1.0; 
// [PRINT] 


for (ulong k=0; k<n; ++k) 
{ 


double d = ( z>=0 ? +1: -1); 
double tx =x-d*v*y; 

double ty =y+d*v _* x; 

double tz = z - d * cordic_ctab[k] ; 


[fxtbook draft of 2008-January-19] 


33.2: CORDIC algorithms 


x= tx; yoty; z= tz; 


v *= 0.5; 
// [PRINT] 
} 
c= X; 
s = ¥; 


} 


631 


For the sake of clarity floating point types are used. All operations can easily be converted to integer 
arithmetic. The multiplications by d are sign changes and should be replaced by an if-construct. The 


multiplications by v are shifts. 


The values for first 16 steps of the computation for the argument z) = 0 = 7/3 = 1.04719755... are given 
in figure |33.2-A] While z gets closer to zero (however, the magnitude of z does not necessarily decrease 
with every step) the values of 2 and y approach sin(7/3) = 1/2 and cos(a/3) = V3/2 = 0.86602540..., 


respectively. 


More formally, one initializes 


to = 1/K = 0.607252935008881 ... 
yo = O 
ZO = 0 


and iterates (starting with n = 0) 


A, = arctan (2~”) (precomputed) 
Un = 2” 
dy, = sign(2n) 
Intl = Ln—-—AdnUn Yn  — cos() 
Ynt+1l = Yn + dn Un In _- sin(@) 
Znt1 = 2n—dn An —0 
The scaling constant K is 
= |[v1+2- 
k=0 


Ale RO 
i 


The algorithm converges if —r < zo <r where 


p= S " arctan(2~*) 

k=0 
r = 1.743286620472340003504337656136416285813831185428206523.... 
r > © = 157079632... 


With arguments 20, yo, Zo one has 


z — K (ao cos(zo) — yo sin(zo)) 
y — K (yo cos(z) + 29 sin(z0)) 


z — O 


which, for zo = 1/K, yo = 0, 20 = 9 specializes to the computation as above. 


[fxtbook draft of 2008-January-19] 


1.646760258121065648366051222282298435652376725701027409 . .. 
= 0.6072529350088812561694467525049282631123908521500897724... 


(33.2-1a) 
(33.2-1b) 
(33.2-1c) 


(33.2-1d) 
(33.2-le) 
(33.2-1f) 
) 
) 
) 


$3215 
(33.2-1i 


(33.2-1g 
( 


(33.2-2a) 


(33.2-2b) 
(33.2-2c) 


(33.2-3a) 


(33.2-3b) 
(33.2-3c) 


(33.2-4a) 
(33.2-4b) 
(33.2-4c) 


632 Chapter 33: Computing the elementary functions with limited resources 


A nice feature of the algorithm is that it also works backwards: initialize as above and use the same 


iteration with the slight modification that d, := — sign (y,), then 
zt — Ky/a+ye (33.2-5a) 
y — 0 (33.2-5b) 
Z — 2 — arctan (*) (33.2-5c) 
vO 


The algorithm can be derived by writing 


Pra] = [fem cote] 3.26 


and noting that (using d,, = +1, so cos(d, A,) = cos(A,) and sin(d, Ap) = dy, sin(An)) 


Ln+1 = +1 —dy Un In 
hae = cos(A,) Log ” 41 | ia (33.2-7) 
where v, = 27”. The CORDIC algorithm postpones the multiplications by cos(A,,). One has 
1 
cos(A,) = cos(arctan(2~”)) = ———— 33.2-8 


Thereby 


K = 1/ I cos(A,) = I V1+2-2" (33.2-9) 
k=0 k=0 


33.2.2 The linear case: multiplication and division 


A slight variation gives a base-2 multiply-add algorithm: 


A, 2 (33.2-10a) 
ie = OR (33.2-10b) 
d, = sign(2n) (33.2-10c) 
Cig = wy (33.2-10d) 
Yntt = YntdnUn In (33.2-10e) 
iar = a= dey (33.2-10f) 
then 
x — 2X9 (33.2-11a) 
Y > Yo+ Xo 20 (33.2-11b) 
z— 0 (33.2-11c) 


Going backwards (replace relation |33.2-10c|by d, := — sign (yp)) gives an algorithm for division: 


x —- x9 (33.2-12a) 

iy = 0 (33.2-12b) 

2 3 go (33.2-12c) 
Xo 


[fxtbook draft of 2008-January-19] 


33.2: CORDIC algorithms 633 


n: Ln Yn Zn, An 
init | 1.20749706 | 0.00000000 | +1.00000000 | +0.00000000 
1: 1.20749706 | 0.60374853 | +0.45069385 | -0.54930614 
2: 1.35843420 | 0.90562280 | +0.19528104 | -0.25541281 
3: 1.47163705 | 1.07542707 | +0.06962382 | -0.12565721 
4: 1.53885124 | 1.16740439 | +0.00704225 | -0.06258157 
+4; 1.61181401 | 1.26358259 | -0.05553931 | -0.06258157 
5: 1.57232706 | 1.21321340 | -0.02427913 | +0.03126017 
6: 1.55337060 | 1.18864579 | -0.00865286 | +0.01562627 
7: 1.54408430 | 1.17651008 | -0.00084020 | +0.00781265 
8: 1.53948856 | 1.17047850 | +0.00306606 | +0.00390626 
9: 1.54177465 | 1.17348532 | +0.00111293 | -0.00195312 
10: 1.54292063 | 1.17499096 | +0.00013637 | -0.00097656 
11: 1.54349436 | 1.17574434 | -0.00035190 | -0.00048828 
12: 1.54320731 | 1.17536751 | -0.00010776 | +0.00024414 
13: 1.54306383 | 1.17517913 | +0.00001430 | +0.00012207 
+13: 1.54320729 | 1.17536749 | -0.00010776 | -0.00012207 
14: 1.54313555 | 1.17527330 | -0.00004673 | +0.00006103 
15: 1.54309968 | 1.17522621 | -0.00001621 | +0.00003051 
oo: 1.54308063 | 1.17520119 | +0.00000000 | +0.00000000 

= cosh(1) = sinh(1) =0 =0 


Figure 33.2-B: Numerical values occurring in the CORDIC computation of cosh(1) and sinh(1). Note 
that steps 4 and 13 are executed twice. 


33.2.3. The hyperbolic case: sinh and cosh 


The versions presented so far can be unified as 


ty, = 27" (33.2-13a) 
Intl = Ln —MadnVp Yn (33.2-13b) 
Ynti = Ynt+dnUn In (33.2-13c) 
Znt1 = %n—dnAn (33.2-13d) 


where the linear case corresponds to m = 0 and A, = 27”, the circular case to m = 1 and A, = 
arctan(2~—”). The forward direction (‘rotation mode’) is obtained by setting d, = sign(z,), the backward 
direction (‘vectoring mode’) by setting d, = —sign(yn). 


Setting m = —1 gives a CORDIC algorithm that computes the hyperbolic sine and cosine or their 
inverses. The lookup table has to contain the values arctanh(2~”) for n = 1,2,3,..., stored in the array 
cordic_htab[]. The algorithm needs a modification in order to converge: the iteration starts with index 
one and some steps have to be executed twice. The sequence of the indices that need to be processed 
twice is 4, 13,40, 121,... (¢9 = 4, tn4y = 3%, +1). 


A sample implementation is given in [FXT: jarith/cordic-hyp-demo.cc’: 


void 
cordic_hyp(double theta, double &s, double &c, ulong n) 
{ 


double x = cordic_ikp; 

double y = 0; 

double z = theta; 

double v = 1.0; 

// [PRINT] 

ulong i = 4; 

for (ulong k=1; k<n; ++k) 
v *= 0.5; 

again: 


double d = ( z>=0 ? +1: -1); 
double tx =x+d*v* y; 


[fxtbook draft of 2008-January-19] 


634 Chapter 33: Computing the elementary functions with limited resources 


double ty =y+td*v _* x; 

double tz = z - d * cordic_htab[k] ; 
x= tx; yoty; z= tz; 

// [PRINT] 


if ( k==i ) { i=83*i+1; goto again; } 


} 
The values for first steps of the computation for the argument @ = z,; = 1.0 are given in figure |33.2-B 


The scaling constant corresponding to K is K’, one has 


= II 4/1 —2-2k . I] 4/1 — 2-2ix (33.2-14a) 
k=1 k=0 


K’ = 0.8281593609602156270761983277591751468694538376908425291...  (33.2-14b) 
1 
7° = 1.207497067763072128877721011310915836812783221769813422... (33.2-14c) 


The duplicated indices appear twice in the product. The algorithm can be used for the computation of 
the exponential function using exp(#) = sinh(x) + cosh(#). The algorithm converges if —r’ < z < r’ 
where 


r= Y arctanh(2~*) + 5° arctanh(2~"*) (33.2-15a) 
k=1 k=0 
r’ = 1,118173015526503803610627556783092451806572942929536106...  (33.2-15b) 


With arguments 21, yi, 21 one has 


a — K"' (a cosh(z1) + y sinh(z)) (33.2-16a) 
y — K'(y: cosh(z1) + a1 sinh(z1)) (33.2-16b) 
a+ o (33.2-16c) 


which, for 2, = 1/K’', y, = 0, 2; = 0 specializes to the computation as above. 


The backward version (d,, := — sign (y,)) computes 
zg 7 K',/2?-y? (33.2-17a) 
y > 0 (33.2-17b) 
Z — 2, —arctanh (2) (33.2-17c) 
v1 


For the computation of the natural logarithm use log(w) = 2 arctanh uo. That is, start with 4] = w+1 


and y; = w—1, then z > $ log(w). 


The computation of the square root \/w can be obtained by starting with 7; = w+1/4 and y, = w—1/4 
then z > K’ /w. 


The reader is referred to [14], [132] and chapter 6 of [184] for further studies. 


[fxtbook draft of 2008-January-19] 


635 


Chapter 34 


Recurrences and Chebyshev 
polynomials 


This chapter presents algorithms and material concerning recurrences. 


Firstly, several algorithms for recurrences, mostly for the case of constant coefficients, are given. Secondly, 
the Chebyshev polynomials are described. These are an important special case of a recurrence. 


34.1 Recurrences 


A sequence [ao, a1, a2,...] so that a recurrence relation 
k 
an = S- M7 An—J (34.1-1) 
j=l 


with given m, holds for all a; is called a k-th order recurrence. The recurrence is linear, homogeneous, 
with constant coefficients. The sequence is defined by both the recurrence relation and the first k elements. 


An example, the second order recurrence relation ap, = 1a,—1 +14@n_2 together with ag = 0 and a; = 1 
gives the Fibonacci numbers F,,, starting with a9 = 2 and a, = 1 gives the Lucas numbers L,,: 


n: 0 1 2 3 4 #65 6 7 8 9 10 11 12 13 14 
F(n): 0 1 al 2 3 #5 8 13 21 34 55 89 144 233 377 
L(n): 2 1 3 4 7 11 18 29 47 76 123 199 322 521 843 


The characteristic polynomial of the recurrence relation |34.1-l/is given by 
k 
pic) = 2 —Somja* (34.1-2) 
j=l 


The definition can be motivated by writing down the recurrence relation for the element with index n = k: 


k 
0 = a Sm; ay; (34.1-3) 
j=l 


34.1.1 Fast computation using matrix powers 


For the recurrence defined by the recurrence relation 


Qn t= M1, An-1 + M2 An_2 (34.1-4) 


[fxtbook draft of 2008-January-19] 


636 Chapter 34: Recurrences and Chebyshev polynomials 


and the start ag, a; use the relation 


[ao, a1] ki wal = [ax, ax4i] (34.1-5) 


1 My 


for the fast computation of an individual element a,. The algorithm is fast when powering algorithms 
(see section [27.6) are used. 


Note that with two consecutive terms of the recurrence in the resulting vector it is easy two compute the 
following terms ay41, @+2, ... using the original recurrence relation. 


The generalization is straightforward. For example, a recurrence a, = ™  Gn—1 + M2 Gn—2 + M3 An—3 
corresponds to 


k 
0 O ms 
(ao, Qi, a] 1 O mg. = (ak, Qk+1; ar+2] (34.1-6) 
0 1 My 


The matrix is the companion matrix of the characteristic polynomial «2° — (m2? + mz x2! + m3 2x°), see 
relation |40.5-1]on page Note that the indexing of the mz, is different here. 


Performance 


The computations are fast. As an example we give the timing of the computation of a few sequence terms 
with large indices. The following calculations were carried out with exact arithmetic, the post-multiply 
with the float 1.0 renders the output readable: 


? M=[0,1;1,1] \\ Fibonacci sequence 
? # 

timer = 1 (on) 
i Ne 1] +M~ avoooyiaet 0 


1m 
588 aa76487643 E2089 
? ([0,1]*M*100000) [1] *1.0 


time_= 10 ms. 

2.597406934722 E20898 
? ([0,1]*M71000000) [1] *1.0 

time = 458 ms. 

1.953282128707 E208987 
The powering algorithm can obviously be used also for polynomial recurrences such as for the Chebyshev 
polynomials T,, (x): 


? M=[0, i 1,2*x] 


[1 2*x] 
? a a ca ",(C{1,x]*M*n) [1])) 
QO: 
1: Z 
2: 2*x72 - 1 
3: 4*x73 - 3*x 
e: 8*x74_- 8 x2 + 


1 

{64x75 - 20*x73 + 5¥x 
$ = =([1,x] *M°1000) [1]; 

time = 1,027 ms. 
? poldegree(p) 

1000 
? log(polcoeff (p,poldegree(p) ))/log(10) 

300.728965668317 \\ The coefficient of x~1000 is a 301-digit number 


With modular arithmetic the quantities remain bounded and the computations can be carried out for 
extreme large values of n. We use the modulus m = 2!?79 — 1 and compute the n = (m+ 1)/4 element 
of the sequence 2,4, 14,52,... where ap, = 4an_1 — An_2: 


? m=271279-1; \\ a 1279-bit number 
? log(m) /log(10) 
385.0173 \\ 306 decimal digits 
? M=Mod(([0,-1;1,4],m); \\ all entries modulo m 
? component( ([2,4]+*M7((m+1)/4)) [1], 2) 
pine = 118 ms. 


[fxtbook draft of 2008-January-19] 


34.1: Recurrences 637 


The result is zero which proves that m is prime, see section |37.11.4] Here is a one-liner that prints all 
exponents e < 1000 of Mersenne primes: 


? forprime(e=3,1000,m=2*e-1;M=Mod(([0,-1;1,4] ,m) ;if (O==(( [2,4] *M* ((mt+1)/4)) [1]) ,printi(" ", e))) 
3 5 7 13 17 19 31 61 89 107 127 521 607 


The computation takes a few seconds only. 


The connection of recurrences and matrix powers is investigated in [32]. 


34.1.2 Faster computation using polynomial arithmetic 


The matrix power algorithm for computing the k-th element of a n-th order recursion involves proportional 
log, multiplications of n x n matrices. As matrix multiplication (with the straightforward algorithm) is 
proportional n° the algorithm is not optimal for recursions of high order. Note that the matrix entries 
grow exponentially, so the asymptotics as given is valid only for computations with bounded values such 
as with modular arithmetic. We will see that the involved work can be brought down from log k - n3 to 
log k- n? and even to logk-n- logn. 


The characteristic polynomial for the recursion ay := 3dn—1 + lan—2 + 2an_3 is 
p(t) = 2° -3a?-12-2 (34.1-7) 


We list the first few powers of the companion matrix M of p(x): 


1 0 0 0 0 2 0 2 6 2 6 20 
M°®=|0 1 0 M'=/1 01 M?=|0 1 5 M?={1 5 16] (34.1-8) 
001 G a: 3 1 3. 10 8.10. 35 


Note that each power is a left shifted version of its predecessor, only the rightmost colum is ‘new’. Now 
compare the columns of the matrix powers to the first few values x* modulo p(z): 


x° mod p(t) = 027+02+1 (34.1-9a) 
xi mod p(t) = O02?+12+0 (34.1-9b) 
x? mod p(t) = 12*+02+0 (34.1-9c) 
x? mod p(t) = 327+12+2 (34.1-9d) 
a‘ mod p(r) = 1027+52+6 (34.1-9e) 
x” mod p(a) 3527 + 162 + 20 (34.1-9f) 


Observe that x* mod p(x) corresponds to the leftmost column of M*. 


We now turn the observation into an efficient algorithm. The main routines in this section take as 
arguments a vector v of initial values, a vector m of recursion coefficients and an index k. The vector 
r = [ap, Gp41, -.-, Ak4n] is returned. We compute the leftmost column of M* as z := «* mod p(x) and 
compute a, as the scalar product of z (as a vector) and v. Our main routine is: 


frec(v, m, k)= 


local(n, pc, pv, pp, px, r, t); 
n = length(m) ; 
if ( k<=n, return( recstep(v, m, k) ) ); \\ small indices by definition 
pe = vec2charpol (m) ; 
Mod( x, pce ); 
pp? (x); 
r = vector(n); 
for (i=1, n, 
t = component (px, 2); 
ri] = sum(j=1,n, v[j]*polcoeff(t,j-1,x)); 
Px *= pp; 


3 
ue] 
out 


) : 


? 
return( r ); 


[fxtbook draft of 2008-January-19] 


638 Chapter 34: Recurrences and Chebyshev polynomials 


If only the value ax is of interest, skip the computations in the final for loop for the values i> 1. 
For small indices & the result is computed directly by definition, using the following auxiliary routine: 


recstep(v, m, k)= 
{ /* update v by k steps according to the recursion coefficients in m */ 
local(n,r); 
if ( k<=0, return(v) ); \\ negative k is forbidden 
n = length(m) ; 
r = vector(n); 


for (i=1, k, 
for (j=1, n-1, r[jl=v[j+1] ); \\ shift left 
r[n] = sum(j=1,n, m[nti-j]*v[j]); \\ new element (convolution) 
v= OX; 
)5 
return( r ); 
} 
The auxiliary routine used to compute the characteristic polynomial corresponding to the vector m is: 
vec2charpol (m)= 
{ /* return characteristic polynomial for the recursion coefficients in m */ 
local(d,p); 


d = length(m) ; 
p = x°d - Pol(m,x); 
return( p ); 


} 


The computation of the k-th element of a n-term recurrence involves proportional log k modular polyno- 
mial multiplications. Thereby the total cost is logk- M(n) where M(n) is the cost of the multiplication 
of two polynomials of degree n. That is, the cost is logk-n? when usual polynomial multiplication is 
used, and logk-n- logn if an FFT scheme is applied. 

The matrix power algorithm, restated for the argument structure defined above, can be implemented as: 


mrec(v, m, k)= 


local(p,M); 

p = vec2charpol (m) ; 
M = matcompanion(p) ; 
M = M*k; 


return (v * M ); 


} 
All main routines can be used with symbolic values: 


? frec([a0,al1] , [m1,m2] ,3) 

[m2*m1*aO + (mi72 + m2)*al, (m2*m17*2 + m272)*a0 + (m173 + 2*m2*m1)*ai] 
? mrec([a0,a1] , [m1,m2] ,3) 

[m2*m1*aO + (mi72 + m2)*al, (m2*m1*2 + m2°72)*a0 + (m173 + 2*m2*m1)*ai] 
? recstep([a0,a1], [m1,m2] ,3) 

[m2*m1*aO + (mi72 + m2)*al, (m2*m17*2 + m272)*a0 + (m173 + 2*m2*m1)*ai] 


Performance 


We check the performance (suppressing output): 


? k=1075; 
? recstep((0,1],[1,1],k); 

time = 2,811 ms. \\ time linear in k 
? mrec([0,1],[1,1],k); 

time = 10 ms. \\ time linear in log(k) 
? frec([0,1],[1,1],k); 

time = 4 ms. \\ time linear in log(k) 


The relative performance of the routine frec() and mrec() differs more with higher orders n of the 
recurrence, we use n = 10: 


? n=10; v=vector(n); v[n]=1; m=vector(n,j,1); k=1075; \\ tenth order recurrence 
? mrec(v,m,k); 

time = 2,813 ms. 
? f=frec(v,m,k); 

time = 159 ms. 


[fxtbook draft of 2008-January-19] 


34.1: Recurrences 639 


? log(£)/log(10.0) 
[30078.67, 30078.97, 30079.27, 30079.58, 30079.88, 30080.18, \ 
30080.48, 30080.78, 30081.08, 30081.38] \\ about 30k decimal digits each 
Somewhat surprisingly, we see a performance gain greater than n even though the computations were 
done using integers. Finally, we repeat the computations modulo p = 2°?! — 1 for k = 10°: 
? n=10; v=vector(n); v[n]=1; m=vector(n,j,1); k=10°30; 
? p=27521-1; v=Mod(v,p); m=Mod(m,p); 
? mrec(v,m,k); 
time = 312 ms. 
? frec(v,m,k); 
time = 14 ms. 
That the performance gain with integers is not smaller than with modular arithmetic can be motivated by 
the fact that the quantities in both algorithms grow with the same rate. Now at each step the performance 
ratio should approximately equal n. Thereby the algorithms perform with the same ratio. 


The computational advantage of powering modulo the characteristic polynomial versus matrix powering 
has been pointed out 1994 by Brent |62] p.392] (page 4 of the preprint). 


34.1.3. Inhomogeneous recurrences 


The fast algorithms for the computation of recurrences do only work with homogeneous recurrences as 
defined by relation |34.1-1]on page A inhomogeneous recurrence is defined by a relation 


k 
Om = > mj an-;+ P(n) (34.1-10) 
j=l 


where P(n) is a nonzero polynomial in n. We will show how to transform a inhomogeneous recurrence 
into a homogeneous recurrence of greater order. 


34.1.3.1 Recurrence relations with a constant 


In case a constant is to be added in an k-th order relation, one can use a recurrence of order k + 1. 

From the recurrence relation a, = M1 Qn_1 + M2Qyn_-2 +... + Mp an—~ + C subtract a shifted version 

An—1 = M1 An—2 + M2 Gn_3 +... + ME An—~p-1 + C to obtain apy = (mz + 1) an_1 + (M2 — M1) Gn_2 + 
~+ (mr _ Mk-1) An—k- 


An example should make the idea clear: with a, = 34an_1 — Gn—2 + 2 subtract a shifted version 
Gn—1 = 34an_2 — Gn—3 +2 to obtain a, = 35an_1 — 35ay_2 + an_3. Setting ap = 1, ay = 36 we get, 
using the original relation 

? n=7; 

? ts=vector(n); ts[iJ=1; ts[2]=36; 

? for (k=3,n,ts[k]=34*ts [k-1]-ts [k-2]+2) ; 


? ts 
[1, 36, 1225, 41616, 1413721, 48024900, 1631432881] 


and, using the relation without constant, 


? ts=vector(n); ts[iJ=1; ts[2]=36; ts[3]=34*ts[2]-ts[1]+2; 
? for (k=4,n,ts[k]=35*ts [k-1]-35*ts [k-2]+ts[k-3]); 
7 t 


s 
[1, 36, 1225, 41616, 1413721, 48024900, 1631432881] 


34.1.3.2 The general case 
If the recurrence is of the form 
Gn = M1 Gn-1+M2Gn-2 +... + ME An—~ + P(n) (34.1-11) 


[fxtbook draft of 2008-January-19] 


640 Chapter 34: Recurrences and Chebyshev polynomials 


where P(n) is a polynomial of degree d in n then a homogeneous recurrence of order k + d+ 1 
an = M, An—1 + Mp An—2 +... 4+ Mr+d+1 An—k—d—1 (34.1-12) 


can be obtained by repeatedly subtracting a shifted relation. 


The following pari/gp routine takes as input a vector of the multipliers m; (i = 1, ..., &) and a polynomial 
of degree d in n. It returns a homogeneous recurrence relation as a vector [My, ..., Mziayil: 
ihom2hom(m, p)= 
{ 
local(d, M, k); 
if ( p==0, return(m) ); 
d = poldegree(p, ’n); 
k = length(m) ; 
M = vector (k+d+1) ; 
for (j=1, k, M[jl=m[j]); 
for (s=1, dt+i, 
M[1] += 1; \\ left hand side 
for (j=2, kts, M[j] -= m[j-1]; ); 
m = M; 
D3 
return (M) ; 
} 


In order to verify the output we use a (slow) routine that directly computes the values of an inhomogeneous 
recurrence: 


ihom(v, m, k, p)= 


{ 
local(n, r); 
if ( k<=0, return(v[1]) ); 
n = length(m) ; 
r = vector(n); 
for (i=1, k, 
for (j=1, n-1, r[jl=v[j+1] ); \\ shift left 
r[n] = sum(j=1,n, m[nti-j]*v[j]); \\ new element (convolution) 
r{n] + subst(p, ’n, itn-1); \\ add inhomogeneous term 
; return( r[1] ); 


We use the recurrence relation a, = 3a,—1 + 2an_2 + (n°? — n? — 7). We compute the homogeneous 
equivalent (intermediate values of M added): 


? m=[3,+2] ;p=n*3-n*2-7; 
? M=ihom2hom(m,p) 
[3, 2, 0, 0, 0, 0] 
(4, -1, -2, 0, 0, 0] 
(5, -5, -1, 2, 0, 0] 
(6, -10, 4, 3, -2, 0] 
[7, -16, 14, -1, -5, 2] 
[7, -16, 14, -1, -5, 2] \\ a_n = 7*a_{m-i} - 16*a_{n-2} + 14*a_{m-3} +- ... 


We can compute the first few values for the sequence starting with a9 = 2, a1 = 5 by the direct method: 
? v=(2,5]; 
? for(k=0,9,print(k,": ",ihom(v,m,k,p))); 


FO 


WOONMDOTNAWN! 
PORWHENOFUIN 


A vector of start values and the homogeneous equivalent allow the fast computation using the powering 
algorithms: 


? V=vector(length(M) ,j,ihom(v,m,j-1,p)) 
[2, 5, 16, 69, 280, 1071] 

? for(k=0,9,print(k,": ",frec(V,M,k)[1])); 
[- same output as with direct computation -] 


[fxtbook draft of 2008-January-19] 


34.1: Recurrences 641 


The computation of ai09,000 now takes less than a second: 


? z=frec(V,M,10°5)[1]; \\ result computed in 156 ms. 


? 1.0*z 
1.72279531330182 E55164 
? z=ihom(v,m,10°5,p); \\ result computed in 6,768 ms. 


34.1.4 Recurrence relations for subsequences 
34.1.4.1 Two term recurrences 


The recurrence for the subsequence of every k-th element of a two term recurrence dn = @dn_1 + Ban—2 
can be obtained as follows. Write 


Qn+o = Apadn+ Boan-p = 2an — lay_o (34.1-13a) 
Qn41 = Ayant+ Bran. = aan + Bani (34.1-13b) 
Qnia = Asan + Bodn_e = (07 +28)an — Bana (34.1-13c) 
Qn43 = Azan+ Bz3an—3 = (0° +308)an + B%an_3 (34.1-13d) 
Qni4 = AgQn + Byana = (04+ 4076 +287) an — Brana (34.1-13e) 
Qntk = Argan + Bean_r (34.1-13f) 


We have an, = Ax Gn—~ +B Gn—2~ Where Ap = 2, Ay = wand Agy, =a Ax t+ Ag_i (and By = —(—8)*). 
That is, the first coefficient A; of the recursion relations for the subsequences can be computed by the 
original recurrence relation. For efficient computation use 


cme hy 
[Az, Anti] = [2, a] i (34.1-14) 
A closed form for A; in terms of Chebyshev polynomials is given in [80] item 14]: 
A, = 2(-6)*/? 7, (a//-48) (34.1-15) 


A simple example, let fF, and L, denote the n-th Fibonacci and Lucas number, respectively. Then 
a=$=1and 


k 
0 1 
Ay Apel = Pl i 1 =i iy Teas (34.1-16) 
That is 
Fi, n+e = Ly Fi, (n—1)+e — (—1)* Fy, (n—2)+e (34.1-17) 


where k € Z and e € Z. The variable e expresses the shift invariance of the relation. 


34.1.4.2 Recurrences of order n 


For the stride-s recurrence relations of order n the following may be the most straightforward algorithm. 
Let p(x) be the characteristic polynomial of the recurrence and M its companion matrix. Then the 
characteristic polynomial of M* corresponds to the recurrence relation of the stride-s subsequence. 


recsubseq(n, s, m=0)= 
{ /* Return vector coefficients of the stride-s subsequence 
a the n-th order linear recurrence. 
* 
local(p, M, z, r); 
if ( O==m, 


[fxtbook draft of 2008-January-19] 


642 


m = vector(n, 


, /* else */ 


= length(m) ; 


RN S'd 
ou oie 


return( r ); 


} 


For the second order recurrence we get what we have already seen for s = 0,... 


? m=[a,b]; 
? for (s=-2, 5,print(s, 


Chapter 34: Recurrences and Chebyshev polynomials 


j,eval(Str("m" j))); \\ use symbols m_j 


\\ m given 


vec2charpol (m) ; 
matcompanion(p) ; 
x°n-charpoly(M‘*s) ; 
vector (n,j,polcoeff(z,n-j,x)); 


":  ",recsubseq(0,s,m));); 


-2: [1/b72*a72 + 2/b, -1/b°2] 
-1: [-1/b*a, 1/b] 

O: (2, -1] 

1: fa, bl 

2: [a°2 + 2*b,  -b*2] 

3: [a°3 + 3*b*a, b*3] 

4: [a°4 + 4*b*a*2 + 2*b*2,  -b74] 
5: [aS + 5*b*a73 + 5*b72*a, b75] 


For the third order recurrence we get: 


? m=[a,b,c]; 
? for (s=-2, 5 »print(s, 


":  ",recsubseq(0,s,m));); 


[2/-c*a - 1/-c72*b°2, 1/-c*2*a°2 + 2/-c72*b, 1/c*2] 


[-1/c*b, 1/- 


[3, -3, 1] 


[a*2 + 2*b, 


c#a, 1/c] 


2Q*c*a - b°2, c72] 


[a*3 + 3*b*a + 3%c, -3*c*b*a + (b73 - 3*c*2), c73] 
[a*4 + 4*b*a°2 + 4*c¥a + 2*b72, \ 
-2*c72*a~2 + 4*xc*b°2*a + (-b°4 + 4*c72*b), \ 


=2i 
=1 

O: 

12. «a. b, c] 
2: 

3 

4 


c74] 


5: [a75 + 5*b*a73 + 5*c#a72 + 5*b72*a + 5*c*d, \ 
5*c72*b*a72 + (-5*c#b73 + 5*c73)*a + (b7°5 - 5*c72*b72), \ 


c75] 


34.1.5 Generating functions for recurrences 


A generating function for a recurrence has a power series where the k-th coefficient equals the k-th term 
of the recurrence. For example, for the Fibonacci- and Lucas numbers: 


imo = O+e4+a2 +203 +304 + 50° + 80° + 1307 + 212° 4+ 34094... 
—-2—-@ 
CO 
- ors! 
k=0 
2 = 
as = Bt 82? + 409 + Tot + 112 + 180° + 2927 + 47a +... 
—-2—-@ 
CO 
- ne 
k=0 
In general, for a recurrence a, = pweeen Mr Gn—kK With given ag, a1, ..., @K one has 


K-1 

> b; x4 

j=0 ap j 
SS a 


K 
Lea 1M; x9 


[fxtbook draft of 2008-January-19] 


(34.1-18a) 


(34.1-18b) 


(34.1-18c) 


(34.1-18d) 


(34.1-19a) 


34.1: Recurrences 


where the denominator is the reciprocal polynomial of the characteristic polynomial and 


bo = a0 

by = a, —(aom) 

bo = a- (ao m2 + ay my) 

bs az — (ag m3 + a1 Mz + a2mM1) 
k-1 

br = aAk— ; aj ME; 
j=0 


As an example we choose the sequence 


(0, 0, 1, 1, 2, 4, 7, 13, 24, 44, 81, 149, 274, ...] 


with the recurrence relation ay), = @n—1 + Gn—2 + An_2: 


a=[0,0,1]7; 
m=[1,1,1]~; 
K=length(m) ; 
b=vector(K, k, alk]-sum(j=0,k-2, a[j+1]*m[k-j-1])) 
(0, 0, 1] 
? pb=sum(j=0,K-1,b[j+1] #x7j) 
x72 


NNN NY 


? pr=1-sum(k=1,K,m[k]*x*k) \\ reciprocal of charpoly 
-x°3 - x°2 -x+i1 ; : 

? gen=pb/pr \\ the generating function 
x°2/(-x73 - x°2 - x + 1) 

? t=taylor(gen, x) 


X72 + x73 + 2kx74 + 4kx75 + 7*xX76 + 13¥*xX77 + 24*x78 + 44*x79 + 81*x710 
+ 149*x711 + 274*x712 + 504*x713 + 927*x714 + 1705*x715 + 3136*x716 + O(x717) 


? t=truncate(t); 
? for(j=0,poldegree(t) ,printi(" ",polcoeff(t,j))) 
0 011 2 4 7 #13 24 #44 81 149 274 504 927 


1705 3136 


643 


(34.1-20e) 


(34.1-21) 


Note that the denominator is the reciprocal of the characteristic polynomial. The general form of the 


expressions for a two term linear recurrence can be obtained using symbols: 


a=[a0,a1]~; 
m=[m1i,m2]~; 
K=length(m) ; 
b=vector (K,k,a[k]-sum(j=0,k-2,a[j+1]*m[k-j-1])) 
[aO, -mixaO + ai] 
? pb=sum(j=0,K-1,b[j+1] #x7j) 
(-mi*aO + a1)*x + ad 
? pr=1-sum(k=1,K,m[k]*x*k) 
—m2*x72 - mixx + 1 
? gen=pb/pr \\ the generating function 
((-m1i*aO + a1)*x + a0)/(-m2*x*2 - mixx + 1) 
? t=taylor(gen,x); 
? t=truncate(t); 


NNN 


? for(j=0,poldegree(t) ,print(j,": ",polcoeff(t,j))) 
O: a 
1: al 
2: m2*aO + mixal 
3: m2*mi*a0 + (mi72 + m2)*al 
4: (m2*m172 + m2*2)*a0 + (m173 + 2*m2*m1)*al 
5: (m2*m1i73 + 2*m272*m1)*a0 + (m174 + 3*m2*m1i*2 + m272)*al 
6: (m2*m1i74 + 3*m272*m17*2 + m2*3)*a0 + (m175 + 4*m2*m173 + 3+*m272*m1)*al 
7: (m2*m1i75 + 4*m272*m173 + 3*m273*m1)*a0 + (m1*6 + 5*m2*m174 + 6*m272*m1~*2 + m2*3)*al 


34.1.6 Binet forms for recurrences 


A closed form expression for the Fibonacci numbers is 


© | fa ‘i 
rR = + V5 


1-5 


Ji y 


2 


[fxtbook draft of 2008-January-19] 


(34.1-22) 


644 Chapter 34: Recurrences and Chebyshev polynomials 


For a two-term recurrence a), = M1 Gn—1 + M2 Gyn—2 a Closed form solution is given by 


1 
a, = — |(a,—a9M) P®— (a1 —a9P) M”| (34.1-23a) 
w 


where w = \/mi +4me2, P= (m+ w)/2 and M = (m, — w)/2. 


In general such formulas can be obtained as exemplified using a three-term recurrence: let aj, = m1 G,—1+ 
Mz Gn—2 + M3 An_3, its characteristic polynomial is p(x) = x3 — (m, 27+ mzgx+ms3). Let rg, 71, T2 be 
the roots of p(x), then a, =corg +car? +car} if co, c1, cz satisfy 


ag = cor Cr © (34.1-24a) 
ay = ToCcorTM C1 +12 C2 (34.1-24b) 
a2 = MCotTia +73 C2 (34.1-24c) 


That is, we have to solve the matrix equation Z -c = a for the vector c where a is the vector of starting 
values and 


1 1 i 


Z= To 1 T2 (34.1-25) 


2 92 92 
ro Tr 2 


Verification with the three term recurrence ay, = Gn—1 + Gn—2 + Gn—2 starting with ag = a; = 0 and 
aj =1: 


? a=[0,0,1]~; 
? m=(1,1,1]*; 
? K=length(m) ; 
? p=x*K-sum(k=1,K,m[k]*x*(K-k)) \\ characteristic polynomial 
Xo Ss R20 > eS 
r=(polroots(p)) 
[1.8392867, -0.419643 - 0.606290*I, -0.419643 + 0.6062907*I]~ 
? Z=matrix(K,K,ri,ci,r[ci]~(ri-1)) 
[1 1 1] 
[1.839286 -0.4196433 - 0.6062907*I -0.4196433 + 0.6062907*I] 
[3.382975 -0.1914878 + 0.5088517+I1 -0.1914878 - 0.5088517*I] 


~_ 


? c=matsolve(Z,a) 
[0.1828035 + 1.8947 E-20*I, -0.09140176 - 0.3405465*I, -0.0914017 + 0.3405465*I] ~ 
? norm(Z*c-a) \\ check solution 
[1.147 E-39, 6.795 E-39, 3.673 E-39]~ 
? seq(n)=sum(k=0,K-1,c[k+1] *r[k+1] “n) 
? for(n=0,20,printi(" ",round(seq(n)))) 
0011247 13 24 44 81 149 274 504 927 1705 3136 5768 10609 19513 35890 


The method fails if the characteristic polynomial has multiple roots because then the matrix Z is singular. 


34.1.6.1 The special case c, = 1 


Let p(x) be the characteristic polynomial of a recurrence, with roots rj: p(x) = [], (w — rx). We want to 
determine the generating function for the recurrence such that a; = )°, ri) (that is, all constants cz, are 
one). For the reciprocal polynomial h of p we have h(x) = J], (1 — rx @), and (using the product rule 
for differentiation) 


(34.1-26) 


h'(x j41 j 
= ie a (= rit x (34.1-27) 


That is a; = >°, ae and cy, = 1 for all k. The relation is the key to the fast computation of the trace 
vector in finite fields, see relation |40.3-6]on page [861] 


[fxtbook draft of 2008-January-19] 


34.2: Chebyshev polynomials 645 


34.1.6.2 Binet form with multiple roots of the characteristic polynomial 


When the characteristic polynomial has multiple roots the Binet form has coefficients that are polynomials 
in n. For example, for the characteristic polynomials p(x) = (a — ro)? (a — r1) the Binet from would be 
An = (Cot ndg + neo) ri +ce1rf. With n = 0, 1, and 2 we obtain the system of equations 


ao = (Co +0 do 1 Oe €0) 1 Cl (34.1-28a) 
ay = 70 (Co +1 do i i i? €0) +TT1Ciy (34.1-28b) 
dg = ra(egt+2do +2 ep) + rec (34.1-28c) 


In general, the coefficient of the power of the k-th root rz, in the Binet form must be a polynomial of 
degree mz, — 1 where m, is the multiplicity of rz. 


34.1.7 Logarithms of generating functions * 


A seemingly mysterious relation for the generating function of the Fibonacci numbers 


1 co 
fe) = yao F L+at2e?+30°+5c4+8e°+...= S$ > Fiyia® (341-29) 
eS 
is 
ie, Wwe oe, is ge ee oe ~ La 
= a big as. = 41 
log(f(z)) x 5 3% gta rac 5 lle = Dag k (34.1-30) 


where L;, are the Lucas numbers. Similarly, 


1 
g(x) = = 5 = 14 2x + 5a? + 122° + 29a* + 702° + 1692° +... (34.1-31a) 
—2x2-2 


1 1 1 1 1 
log(g(x)) = 2 a+ 53a°+ 57a +7 1Ta" | 410° + 299094... (34.1-31b) 


Now set f(x) =: Ray then 


= tox(F(0)) = ke (Zs) = ae (34.1-32) 


The expression ““ is again the generating function of a recurrence and formal integration of the Taylor 
p h(a) g g & g 


series terms gives the factors i The observation is a special case of the algorithm for the computation 


of the logarithm for powers series given in section on page 


34.2 Chebyshev polynomials 


The Chebyshev polynomials of the first (J) and second (U) kind can be defined by the functions 


Tn(x) = cos[n arccos(x)] (34.2-1a) 
ia = sma A) eee (34.2-1b) 


For integral n both of them are polynomials. The first few polynomials are given in figure |34.2-A| (first 
kind) and figure |34.2-B] (second kind). 


[fxtbook draft of 2008-January-19] 


646 Chapter 34: Recurrences and Chebyshev polynomials 


Pan(g)) =. Tp (a) 

L4(G)> = “Ge 

To(z) = 1 

T(z) = « 

T(x) = 2a7-1 

T3(2) = 423-32 

Ta(z) = 82'-—82?+1 

T5(z) = 162°-—202°+52 

Te(a) = 322°—48a*4+ 1827-1 

Tr(z) = 6427 -11292°4+5623-72 

Ta(z) = 1282° —2562°+ 16024 — 3227+1 

Ty(z) = 25629 —5762' + 4320° —1202° +92 

Tio(t) = 51219 — 12802° + 1120 2° — 400 2* + 50a? —1 
Tii(x) = 1024a*! — 2816 2° + 28162’ — 12322° + 22027 — 11a 


Figure 34.2-A: The first few Chebyshev polynomials of the first kind. 


U_p»(x) = —Uy~-2(x) 
U_o(x) = -1 
U_i(z) = 0 
U(x) = 1 
Ui(z) = 2@ 
Us(z) = 427-1 
Us(z) = 82°-Ax 
U(x) = 1624-122? 4+1 
Us(z) = 32a°-320°+62 
Us(z) = 642°— 8024+ 2427-1 
Ur(z) = 12827 —1922°4+ 8027-82 
Us(z) = 2562° — 448 2° + 24024 — 4027 +1 
Ug(z) = 51229 — 102427 + 6722° — 160274 102 
Uio(x) = 1024x1° — 230428 + 1792 2° — 560 2* + 6027 — 1 
Uyi(z) = 204827" — 51202° + 46082" — 1792 2° + 28027 — 122 


Figure 34.2-B: The first few Chebyshev polynomials of the second kind. 


[fxtbook draft of 2008-January-19] 


34.2: Chebyshev polynomials 647 


One has 
ie , (n—k-1)! play 
T,(2) = 5 » aR ieee 
[n/2| 
k=0 
[n/2| A 
k=0 
and 
[n/2] (n — k)! 
AC S- ( 1) Bm ob! (Ors a (34.2-5a) 
k=0 , 
[n/2| 
- Sev (ee (2n)"-2* (34.2-5b) 
k=0 
n/2+1 
7 S Coa (a? — 1) (34.2-5c) 
k=0 


The indexing of U seems to be slightly unfortunate, having Up = 0 would render many of the relations 
for the Chebyshev polynomials more symmetric. 


The n+ 1 extrema of T,,(x) are located at the points x, = cos hE where k = 0,1,2,...,n and -1 < 

tp < +1, which can be seen from the definition. The values at those points are +1. The n zeros lie at 
— cog (=1/2) 7 = 

Lp = cos ~~ where k = 1,2,3,...,n. 


The expansion of x” in terms of Chebyshev polynomials of the first kind is, for n even, 


1 n 1 ici n 
oS on (70) +5 » (;) Tn—2k(2) (34.2-6a) 
and, for odd n, 
1 Dey 
a = a @) Tn—28(2) (34.2-6b) 


k=0 


For the Chebyshev polynomials of the first kind one has 


T,, (Gi) = = (34.2-7) 


This relation can be used to find a solution of T,,(”) = z directly. Indeed 


7 En + VR where Ry i= (2+ (x=) (34.2-8) 


is a solution which can be chosen to be real if z € R and z > 1. Thereby we have the closed form 
expression 


Tr(z) = —- where ro:= (e+ v 2-1) (34.2-9) 


[fxtbook draft of 2008-January-19] 


648 Chapter 34: Recurrences and Chebyshev polynomials 


34.2.1 Recurrence relation, generating functions, and the composition law 


Both types of Chebyshev polynomials obey the same recurrence (omitting the argument 2) 
Nn = 22Nyn-1— Nn-2 (34.2-10) 


where N can be either symbol, T or U. Recurrence relations for subsequences are: 


Nn4i = [2a]-Nn- Nn-1 (34.2-11a) 
Nn+2 = [2(207-1)]-Nn—Nn—2 (34.2-11b) 
Nn+s = [2(40° —32)]- Nn — Nn—s (34.2-11c) 
Nata = [2(80*—82?+1])-Ny— Nps (34.2-11d) 
Nn+s = [2(16x° — 20x° + 5x)] - Ny — Nn—s (34.2-11e) 
Nn+s = [27Ts(a)]-Nn — Nn-s (34.2-11f) 
The generating functions are 
l-—at oS 
ee ed ae 34.2-12 
1—22t+2 py (2) ( a 
1 Co 
——; = t” Uy, 34.2-12b 
1—22t+2 » Un (2) ( ) 
Quick check of relation |34.2-12aJ using pari/gp: 
? gen=truncate (taylor ((1-t*x) /(1-2*x*t+t*2) ,t)); 
? for(k=0,5,print(k,": ",polcoeff(gen,k,t))); 
tig 
2: 2*x72 - 1 
3: 4*x73 - 3*x 
4 8*x74 - 8*x72 + 1 
5 16*x°5 - 20*x73 + 5*x 
Binet forms for T (compare with relation |34.2-9}on the previous page) and U are 
iL n n 
Tie = = I(z + 2? 1) ! (- 2 1) (34.2-13a) 
U, (2) : ( +V2 i (:-V2 i)” | (34.2-13b) 
n(Z) = m= ](z z z z .2- 
2Vz22-1 
Composition is multiplication of indices as can be seen by the definition (relation |34.2-la]on page |645): 
Tn(Ln(2)) = Trm(2) (34.2-14) 
For example, 
Ton(z) = To(T,(x)) = 27?2(2)-1 (34.2-15a) 
= 1,(Ta(x)) = T,(22? - 1) (34.2-15b) 


34.2.2 Index-doubling and relations between T' and U 


Index-doubling relations for the polynomials of the first kind are 


to = 271 (34.2-16a) 
Tontt = 2TaiiTIn—2 (34.2-16b) 
To. 4. = BE ae (34.2-16c) 


[fxtbook draft of 2008-January-19] 


34.2: Chebyshev polynomials 


Similar relations for the polynomials of the second kind are 


Us, = UZ—Us_1 = (Unt+Un—1) (Un — Uns) 
SS ee, a Ge 
Uont1 = Un (Un41 — Un-1) 
=! OT xa = 90) = 9 GT a) 
Uoen-1 = Un_-1 (Un — Un—2) 


= 2Un-1 (Un, — «Un-1) = 2Un 1 (aU, 1—U, 2) 


Some relations between T and U are 


1 
Th = Un — ©Un—1 — tUn-1 —Un_2 = 3 (Un — Un-2) 
Tnti = Ty —(1—27)Up- 
Van = 2Th Un -1 
Van— = 2 Th Un—1 = 2 (Tn41 Un So x) 
Van+ = 2Tn+41 Un = 2 (Tn2 Un-1 + x) 
n—-1 
Umr_1 = 2” |] Tx 
k=0 


Relation |34.2-18b| written as 


£Tp41 = Th+2 Th = LTn41 
Un = = 
1-2? 1-2? 


649 


(34.2-18f) 


(34.2-19) 


can be used to compute the polynomials of the second kind from those of the first kind. One further has: 


TrhimtIn-em = 27,Tn 
Tr+m _ Ln—m = 2 (a? + 1) Un—1 Um-1 
Un+m—1 ae URema = 2 Un-1 Im 
Un+m—1 —_ Un—m-1 = 2Th Um-1 
Expressions for certain sums: 
. 1 
S Tx = 5 (1+ Van) 
k=0 
n—-1 1 
» Tort. = 3 Uan—1 
k=0 
” 1 — Tonto 
dU = aq ah 
— 2(1— 2x?) 
> U — &—Trn41 
aby FET sey 
k=0 


Using 0,cos(n arccos(x)) = n sin(n arccos(x))/V1— x? we obtain 


OrT n(x) = nUy_-1i(x) 


[fxtbook draft of 2008-January-19] 


(34.2-21a) 


(34.2-21b) 


(34.2-21c) 


(34.2-21d) 


(34.2-22) 


650 Chapter 34: Recurrences and Chebyshev polynomials 


34.2.3 Fast computation of the Chebyshev polynomials 


We give algorithms that improve on both the matrix power, and the polynomial based algorithms. 


34.2.3.1 Chebyshev polynomials of the first kind 


For even index use relation |34.2-16a](T>, = 2T? — 1). For odd index we use relations |34.2-16c]and 


[16] We compute the pair [T;,-1, T;,] recursively via 


[Tn—1, In] = [27 ,-1T,-2, 277-1] where q=n/2, if neven (34.2-23a) 
et En) oS *[D ia —1,2T)-1T,—a] where g=(n+1)/2, ifnodd (34.2-23b) 


Note that no multiplication with x occurs thereby the computation is efficient also for floating point 
arguments. With integer x the cost of the computation of T,,(x) is ~ M(n) where M(n) is the cost of a 
multiplication of numbers with the precision of the result. When z is a floating point number the cost is 
~ log,(n) M(n) where M(n) is the cost of a multiplication with the precision used. 


The code for the pair computations is 


fvT(n, x)= 
{ /* return [ T(n-1,x), T(n,x) ] */ 
local(nr, t, ti, t2); 
if ( n<=1, 
if ( 1==n, return( [1, x] ) ) 
if ( 0==n, return( [x, 1] ) ) 
if ( -1i==n, return( [2*x72-1, x] ) ); 
return( 0 ); | \\ disallow negative index < -1 


2 
’ 


yi 
mr = (nti) >> 1; \\ if ( "n even", nr = n/2 , nr = (n+1)/2; ); 
vr = fvT(mr, x); \\ recursion 


t1 =vrf[i]; +t2 = vr([2]; 
if ( !bitand(n,1), \\ n is even 
= [2*ti*t2-x, 2*t2°72-1]; 


t 
t = [2eti72-1, 2*t1#*t2-x]; 


> 
return( t ); 


} 

The function to be called by the user is 
fT(m, x)= 

{ 


local(q, t, v, 1); 

n = abs(n); 

if ( n<=1, 
if (m>=0, return(if(0==n,1,x))); 
return( fT(-n, x) ); 


=n; 
while ( 0==bitand(q, 1), q>>=1; tt=1; ); 
\\ here: n==q*27t 
T = fvT(q, x)[2]; 
while ( t, T=2*T*T-1; t-=1; ); 
return( T ); 
} 
We check the speedup by comparing with the matrix-power computation that gives identical results. We 
compute Ty 545,967(2), a number with more than 2,600,000 decimal digits: 
vT(n,x)= return( ([1, x]*[0,-1; 1,2*x]7n) ); 
x=2; \\ want integer calculations 
n=4545967 ; 


vT(n,x); \\ computed in 9,800 ms. 
fvT(n,x); \\ computed in 2,241 ms. 


C++ implementations for the computation of T,(2) and T;,(a2) modulo m are given in [FXT: 


mod/chebyshev1l.cc’. 


[fxtbook draft of 2008-January-19] 


34.2: Chebyshev polynomials 651 


34.2.3.2 Chebyshev polynomials of the second kind 


One can use the fast algorithm for the polynomials of the first kind and relation |34.2-19] (U, = (Th — 
2Ty41)/(1 — x7), involving a division): 


fU(n, x)= 
{ 


local (v); 
if ( 1==x, return(nti) ); \\ avoid division by zero 
v = fvT(nt1, x); 
return( (v[i]-x*v[2])/(1-x72) ); 
} 


We give an additional algorithm that uses 3 multiplication for each reduction of the index n. One 
multiplication is by the variable 7. We compute the pair [U,_1, U,] recursively via 


M, = (U,+Uq-1) Ug —Uy-1) (34.2-24a) 
(Un-1, Un] = [2Ug-1 (Ug -—@Uq-1), Mg] where q=n/2, ifn even (34.2-24b) 
(Un-1, Un] = [Mg, 2U, (eU,—Ug-1)]| where qg=(n-—1)/2, ifnodd (34.2-24c) 


The code for the pair computations is 


fvU(n, x)= 
{ /* return [ U(n-1,x), U(n,x) ] */ 
local(nr, ui, u0, ue, t, u); 
if ( n<=1, 
if ( 1==n, return( [1, (2*x)] ) ); 
if ( O==n, return( [0, 1] ) ); 
if ( -1==n, return( [-1, 0] ) ); 
if ( -2==n, return( [-(2*x), -1] ) ); 
return( 0 ); \\ disallow negative index < -2 


Oe 

mr =n >> 1; \\ if ( "n even", nr =n/2, nr = (n-1)/2; ); 
vr = fvU(mr, x); \\ recursion 

ui = vr[i]; uO = vr([2]; 


ue = (ud+ui) * (u0-ul); 
if ( !bitand(n,1), \\ n is even 


t = ul*(u0-x*ul); tt=t; 
u=[t, uel]; 
t = ud*(x*u0-ul); tt=t; 
u = [ue, t]; 


)3 

return( u ); 

} 

The function to be called by the user is 
fU(m, x)= return( fvU(n,x) [2] ); 


The comparison with the matrix-power computation shows almost the same speedup as for the polyno- 
mials of the first kind: 


vU(n,x)= return( [0, 1]*[0,-1; 1,2*x]“n ); 
x=2; \\ want integer calculations 
n=4545967; 

vU(n,x); \\ computed in 9,783 ms. 
fvU(n,x); \\ computed in 2,704 ms. 


C++ implementations for the computation of U,(2) and U,(x) modulo m are given in [FXT: 


mod/chebyshev2.cc . 


34.2.3.3 Symbolic computation 


For symbolic computations the explicit power series as in |34.2-4al or |34.2-5a] on page should be 


preferred. The following routine computes T;, as a polynomial in @: 


[fxtbook draft of 2008-January-19] 


652 Chapter 34: Recurrences and Chebyshev polynomials 


chebyTrec (n)= 
{ 


local(b, s); 
b = 2°(n-1); 
if ( O==n42, if ( O==n%4, s=t1, s=-1 ), s=0 ); 
forstep (k=n, 1, -2, 
s t= b*’x7(k); 
b *= -(k*(k-1))/((atk-2) * (n-k+2)) ; 


); 
: return( Pol(s) ); 


For U,, one can use 


chebyUrec (n)= 
{ 


local(b, s); 
n += 1; 
b = 27(n-1)/n; 


s ? 

forstep (k=n, 1, -2, 

s += (k)*b*’x7(k-1); 

b *= -(k*(k-1))/((ntk-2) *(n-k+2)) ; 


De 
return( Pol(s) ); 


34.2.4 Relations to approximations of the square root * 


34.2.4.1 Padé approximants for Vr? +1 


We start with the relation (from the definitions |34.2-1a| and |34.2-1b}on page and sin? + cos? = 1) 
T-—(@"-1)24 = 1 (34.2-25) 


which we write as 


—_ 
Veat = gee (34.2-26) 


em) 
If we define R, = T,/Un—1, then 
Th 
R(t) = —t w& Va?-1 (34.2-27) 
Un-1 
A composition law holds for R: 
Rnn(@) = Rm(Rn(2)) (34.2-28) 
We list the first few values of R;,(2) and R(x): 
ki Ry (2) R,(2) 
x 
1: 2/1 — 
/ 1 
Qu? —1 
2: 4 
ie 2x 
Ax? — 3a 
3: 26/15 Dee (34.2-29) 
824 — 827 +1 
4: SSE EE 
97/56 ae 
16x° — 20x? + 5a 
= aoaray 16x24 — 12”2 +1 
oo: V3 2 —1 


[fxtbook draft of 2008-January-19] 


34.2: Chebyshev polynomials 653 
If we define T,' (x) := T(ix)/i” and U,*(x) := U(izx)/i" then 
Tt? (97 +1)U77, = 1 (34.2-30) 
Defining R+ := T+/U_, we have 
Rin(t) = Rp(Rn(2)) (34.2-31) 


Tt? —1 Tt 
+1 = 4/4 *& m = R(x) (34.2-32) 
Us Ue 


The first few values of R{(1) and Rf (x) are 


and 


r 


k REC) Re (2) 
L: 1/1 : 
202 +1 
2: 3/2 = 
3: 7/5 aes (34.2-33) 
824 + 8x2 +1 
4: 17/12 Sa 


162° + 20x? + 5a 
16a4 + 12%? + 1 


oo: V2 v2 +1 


5: 41/29 


Relations |34.2-30] and |34.2-25] can be used to power solutions of Pell’s Diophantine equation, see sec- 
tion |37.13.2}on page |780 


34.2.4.2 Two products for the square root 


For those fond of products: for d>0,d41 


= 1 d+1 
vd = J[(1+—) where go = oes. dha =2q2-1 (34.2-34) 
k=0 = a= 


(convergence is quadratic) and 


> 2 d+3 
vd = JJ (1 ae ) Hee, pS eee eae 0085) 
are hr d—1 


(convergence is cubic). These are given in [29] (also in [110], more expressions can be found in [103]). 
The paper gives hey, = ae i ae (h?) — 3. Note that for relation |34.2-34] we have 


qk = Tx(q0) (34.2-36) 
1 —1)* 2(1—d)* 
= a 2 — st) where N= 2* (34.2-37) 
qk wee ON) di (1 + Vad)?N + (1 — Vd)? 
where TJ), is the n-th Chebyshev polynomial of the first kind. One finds 
1l-d 
dk = Tox(1/c) where c= faa © <1 (34.2-38) 


[fxtbook draft of 2008-January-19] 


654 Chapter 34: Recurrences and Chebyshev polynomials 


l-c¢ 1 —c Uge_,(1/c) 
4/—— ®& 34.2-39 
1l+e c — Tyx(1/c) ( ) 
l—c 


which can be expressed in d = 77 as 


and 


1+d 
Vd & (a) where d>1 (34.2-40) 


where U,, is the n-th Chebyshev polynomial of the second kind. We have U3._,(a) = 2* ear To: (a). 
Successively compute T>: = 2 Te — 1 and accumulate the product Ugi_, = 2 Ugi-1_4 Toi-1 until Ugr_ 4 
and Ty. are obtained. Alternatively use the relation U,(a) = Et OxT41(a) and use the recursion for 


the coefficients of T’ as shown on page 
A systematic approach to find product expressions for roots is given in section on page [558] 


[fxtbook draft of 2008-January-19] 


655 


Chapter 35 


Cyclotomic polynomials, 
Hypergeometric functions, and 
continued fractions 


We describe the cyclotomic polynomials and some of their properties, together with the Mobius inversion 
principle. We also give algorithms to convert a power series into Lambert series and infinite products. 


We describe the hypergeometric functions which contain most of the ‘useful’ functions such as the log- 
arithm and the sine as special cases. The transformation formulas for hypergeometric functions can be 
used to obtain series transformations that are non-obvious. The computation of certain hypergeometric 
functions by AGM-type algorithms is described in section [30.3] on page [578 


Further continued fractions are described together with algorithms for their computation. 


35.1 Cylotomic polynomials, Mobius inversion, Lambert series 


35.1.1 Cyclotomic polynomials 


The roots (over C) of the polynomial x” — 1 are the n-th roots of unity: 


n-1 


g?-1 = TI («-ex (72*)) (35.1-1) 


k=0 


The n-th cyclotomic polynomial Y,, can be defined as the polynomial whose roots are the primitive n-th 
roots of unity: 


Yp(z) = II (« — exp A) (35.1-2) 


&k=0..0—1 
gcd(k,n)=1 


The degree of Y,, equals the number of primitive n-th roots, that is 
deg(Y¥n) = ¢(n) (35.1-3) 
The coefficients are integers, for example, 


Yes(xz) = 2°86 — 2933 4 9?! — 4 4 8 — 9 4? — 23 +1 (35. 1-4) 


[fxtbook draft of 2008-January-19] 


656 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


n: Yn (x) 

1: xe 1 

2: x +1 

3: x72 +x4+1 

4: x72 + 1 

ie x°44+ x73 + x72 + x+ 1 

6: X02 x a 

7: x76 + x75 + x74 4+ x73 + x72 + x41 

8: x74 + 1 

9: x76 + x73 4+ 1 

10: x°4- x73 + x72 -x+1 

11: x°10 + ... + 1 <--= all coefficients are one for prime n 
12: x°4- x72 +1 

13: XOUD 4a ol 

14: x76 - x75 + x74 - x73 + x72 -x+1 

15: x78 - x°7 + x75 - x°4+ x73 -x+1 

16: x78 + 1 

17: x716 +... +1 

18: x76 - x73 4+ 1 

19: x718 +... +1 
20: x78 - x°6 + x74 -x724+ 1 
21: x712 - x711 + x79 - x78 + x76 - x74 4+ x73 -x+1 
22: x710 - x79 + x°8 - x77 + x76 - x75 + x74 - x73 4+ x72 -x4+1 
23: x722 +... + 1 
24: x78 - x74 41 
25: x720 + x715 + x710 + x754+1 
26: x712 - x711 + x710 - x79 + x78 - x77 + x76 - x75 + x74 - x73 + x72 -x+1 
2(: x718 + x79 +1 
28: x712 - x°10 + x°8 - x°6 + x74 -x°24+1 
29: x728 + ... + 
30: x78 + x°7 - x75 -x°4-x7°3+x+1 


Figure 35.1-A: The first 30 cyclotomic polynomials. 


The first 30 cyclotomic polynomials are shown in figure The first cyclotomic polynomial with a 
coefficient not in the set {0,+1} is Yios: 


Yios(z) = af? ta ta — 28 — 2? 9. gg — 2 4 (35.1-5) 


The cyclotomic polynomials are irreducible over Z. All except Yj are self-reciprocal. 
For n prime the cyclotomic polynomial Y,,(x) equals (x” — 1)/(a-—1) =a"! +a""-?4...+2+1. For 
n = 2k and odd k > 3 we have Y,, (x) = Yx(—a2). For n = pk where p is a prime that does not divide k 
we have Y;,(x) = Y;(#”)/Y,(x). The following algorithm for the computation of Y,,(x) is given in [119] 
p.403]: 

1. Let [p1, po,...,p,] the distinct prime divisors of n. Set yo(a) = x — 1. 

2. For 7 =1,2,...,r set y;(x) = y,;(x?*)/y; (x) (the division is exact). 


3. Return Yyr(ar/ (2 p2-.- Pr)) 


The last statement uses the fact that for n = kt where all prime factors of k divide t we have Y,,(a) = 
Y,(z*). An implementation is 


polcyclo2(n, z=’x)= 


{ 
local(fc, y); 
fc = factor(n)[,1]; \\ prime divisors 
yzz-i1; 
for (j=1, #fc, y=subst(y,z,z°fclj])\y; n\=fclj]; ); 
y = subst(y, z, zn); 
return( y ); 
} 


Note that the routine will only work when the argument z is a symbol. 


[fxtbook draft of 2008-January-19] 


35.1: Cylotomic polynomials, Mobius inversion, Lambert series 657 


35.1.2. The Mobius inversion principle 


The Mobius function L(n) is defined for positive integer arguments n as 


0 if mn has a square factor 
Hin) := (-1)* if n isa product of k distinct primes (35.1-6) 
+1 if n=1 


The function satisfies 


1 if n=0 
You@ = { ee (35.1-7) 
d\n 
A function f(n) defined that satisfies 
f(n-m) = f(n)-f(n) if ged(n,m)=1 (35.1-8) 
is said to be multiplicative. For a multiplicative function one always has f(1) = 1 and f(n) = f(pj') - 
f (ps?) - ...- f(py*) where n = pi! - ps? -...- p;* is the factorization of n into distinct primes p;. If the 


equality holds also for gcd(n,m) 4 1 the function is said to be completely multiplicative. Such a function 
satisfies f(n) = f(pi)" - f(p2) >... fpe)**. 


The Mobius function is multiplicative 


H(n-m) if — gcd(n,m)=1 


min) mem) =f 9irem™ (35.1-9) 
For the cyclotomic polynomials one has 
2-1 = |[Ya(c) (35.1-10) 
d\n 
and 
¥,(a) = J] (#?-1)""" (35.1-11) 


d\n 


The relation implies a reasonably efficient algorithm for the computation of the cyclotomic polynomials. 
The method also works when the argument x is not a symbol. 


n :4(n) n :L(n) n :L(n) n :f(n) n :L(n) n :4(n) n :L(n) n :L(n) 
1: +1 11: —1 21: +1 31: —1 41: —1 51: +1 61: —1 71: —-1 
2: —1 12: 0 22: +1 32: 0 42: —1 52: 0 62: +1 72: 0 
3: —1 13: -1 23: —1 33: +1 43: —1 53: —1 63: 0 73: —1 
4: 0 14: +1 24: 0 34: +1 44: 0 54: 0 64: 0 74: 

5: —1 15: +1 25: 0 35: +1 45: 0 5d: +1 65: +1 75: 0 

6: +1 16: 0 26: +1 36: 0 46: +1 56: 0 66: —1 76: 0 

7: —1 17: —1 27: 0 37: —1 A7: —1 57: +1 67: —1 TT: 

8: 0 18: 0 28: 0 38: +1 48: 0 58: +1 68: 0 78: -1 

9: 0 19: —1 29: —1 39: +1 49: 0 59: —1 69: +1 79: —1 
10: +1 20: 0 30: -1 40: 0 50: 0 60: 0 70: —1 80: 0 


Figure 35.1-B: Values of the Mobius function /(n) for n < 80. 


The pair of relations}35.1-10]and|35.1-11}is actually a special case of the (multiplicative) Mébius inversion 


principle: 


on) = [J f@ = fm) = dV g@rr (35.1-12) 


d\n d\n 


[fxtbook draft of 2008-January-19] 


658 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


Relation |35.1-10]implies (considering the polynomial degrees only and using relation |35.1-3) 


Soe) (35.1-13) 
d\n 

while relation |35.1-11}corresponds to the equality 
Sd M(n/d) (35.1-14) 
d\n 


Relations |35.1-13]and]35.1-14]are a special case of the additive version of the Mobius inversion principle: 


=Sif@ — f(r) = SoG) H(n/d) (35.1-15) 


d\n d\n 


More general, if h(ab) = h(a) h(b) (see [97] p.447]) then 


= Sof@h(n/d) = fn) = So g(a) h(n/d) H(n/d) (35.1-16) 


d\n d\n 


Setting h(n) = 1 gives relation |35.1-15| The Mobius inversion principle is nicely explained in [124]. The 


sequence of the values of the Mobius function (see figure |35.1-B) is entry |A008683 of [214]. 


We note two relations valid for multiplicative functions f: 


Ye@dst@d = JT] a-sf@) (35.1-17a) 
d\n d\n, d prime 
dH? f@ = IT] @+r@©) (35.1-17b) 
d\n d\n, d prime 


Relation |35.1-17a] with f(n) = 1/n gives relation |35.1-13]and also 
1 
= 1—= 35.1-18 
a) =» TT (1-3) (35.1-18) 


d\n, d prime 


35.1.3. Lambert series 


A Lambert series is a series of the form 


Le) = Sos ci = Sagat (35.1-19) 


k>0 k>0 j>0 
It can be converted to a Taylor series 
S- bev where by, = » Gd (35.1-20) 
k>0 d\k 


The inversion principle allows us to transform a Taylor series to a Lambert series: 


an = S> ba M(k/d) (35.1-21) 
d\k 


With pari/gp the conversion to a Lambert series can be implemented as 


[fxtbook draft of 2008-January-19] 


35.1: Cylotomic polynomials, Mobius inversion, Lambert series 659 


ser2lambert (t)= 


/* Let t=[al,a2,a3, ...], n=length(v), where t(x)=sum_{k=1}*{n}{a_k*x*k}; 
* Return L=[11,12,13,...] so that (up to order n) 
ay (x)=\sum_{j=1}°{n}{1_j*x*j/(1-x*j)} 
* 
local(n, L); 
n = length(t) ; 
L = vector(n); 
for (k=1, n, fordiv(k, d, L[k]+=moebius(k/d)*t[d]); ); 
return( L ); 


} 
The conversion in the other direction is 
lambert 2ser (L)= 
{ /* inverse of ser2lambert() */ 
Sue hae t); 
= length (L) ; 
: = sum(k=1, length(L), O(’x*(n+1))+L[k]*’x*k/(1-’x*k) ); 
= Vec(t); 
return( t ); 
} 


We note a relation that is a useful for the computation of the sum, it is given in [156) p.644, ex.27], 
S- a la, + S- (ay + an4,) x4 (35. 1-22) 
k>0 j>0 


The special case ay = 1 is given as relation |37.3-2]on page For the related series 


P(x) = Sree =-> > (Hi a, 2 (35.1-23) 


k>0j>0 


we find 
P(z) = L(x) —2L(2’) (35.1-24) 


To verify the relation compute the k-th term on both sides: az a*/(1+2*) = az x*/(1—2x*) —2 ay 2?*/(1— 
2k) The other direction is obtained by repeatedly using L(x) = P(x) + 2 L(«?): 


S 2" P(x?") (35.1-25) 
Use relations |35.1-22] and [35.1-24] to obtain 
= Se x (1- 20% y+ S- (ap + @e+;) (ott = re) (35.1-26) 
k>0 j>0 


35.1.4 Conversion of series to infinite products 


Given a series with constant term one, 


f(z) = 14+ 0 ay2* (35.1-27) 
k>0 


we want to find an infinite product such that 


f@) = [[a-2*)* (35.1-28) 


k>0 


[fxtbook draft of 2008-January-19] 


660 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


We take the logarithm, differentiate, and multiply by «: 


ge pels (35.1-29) 


1— ak 
k>0 


The expression on the right hand side is a Lambert series with coefficients —k b;, the expression on the 
left is easily computable as a power series, and we know how to compute a Lambert series from a power 
series. Thereby 


be = -2 do ax M(k/d) (35.1-30) 


where the gq, are the coefficients of the power series for g(x) := x f’(x)/f(x). With pari/gp the conversion 
to a product can be implemented as 


ser2prod(t)= 


aL 

/* Let t=[1,a1,a2,a3, ...], n=length(v), where t(x)=1+sum_{k=1}*{n}{a_k*x“k}; 
* Return p=[p1,p2,p3,...] so that (up to order n) 
* t(x)=\prod_{j=1}°{n}{(1-x*j) “{p_j}} 


*/ 
local (v); 
v = Ser(t); 
v=v’/v; 
v = vector(#t-1, j, polcoeff(v, j-1)); 
v = ser2lambert(v) ; 
v = vector(#v, j, -v[jl/j); 


return( v ); 


} 
A simple example is f(x) = exp(x), so x f’/f =a, and 
(1 ag le ( a8)? 0 a ce, 


exp(t) = II (L— ak) (MBE 11/1 6)1/6 10)1/10 (35.1-31) 
a (1 — wt)1/1 (1 — 76)1/6 (1 — g10)1/10 |, 
Taking the logarithm, we obtain 
k 
c= -) me) log(1 — 2*) (35.133) 


k>0 


Setting f(x) = 1— 2-2 we obtain relation |17.2-6a| on page (number of binary Lyndon words): 


? ser2prod(Vec(1-2*x+0(x*20))) 
{[2, 1, 2, 3, 6, 9, 18, 30, 56, 99, 186, 335, 630, 1161, 2182, 4080, 7710, 14532, 27594] 


Setting f(x) = 1 — x — 2? gives the number of binary Lyndon words without the subsequence 00 (entry 
A006206 of [214]): 


? ser2prod(Vec(1-x-x*2+0(x*20))) 
{1, 1, 1, 1, 2, 2, 4, 5, 8, 11, 18, 25, 40, 58, 90, 135, 210, 316, 492] 


The ordinary generating function for the e, corresponding to the product form f(a) = [] (1 —2*)* is 


ae” = ee log (f(«*)) (35.1-33) 
k=1 k=1 


This can be seen by using the product form for f on the right hand side, using the power series log(1—ax) = 

(x + 27/2 + 23/3+...), and using the defining property of the Mébius function (relation ae 
page |657). An example is relation [17.2-6b] on page For the cyclotomic polynomials we obtain (via 
relation on page (657): 


= AO hog (Hate) = SOM@ 2 (35.1-34) 
k=1 d\n 


[fxtbook draft of 2008-January-19] 


35.1: Cylotomic polynomials, Mobius inversion, Lambert series 661 


For example, setting n = 2 we obtain 


+ HC) 
wor = - », —_— log (1+ 2*) (35.1-35) 


35.1.4.1 An alternative product form 


For the transformation into products of the form [] (1+ 2")°* we set 


fe) = [[Qt+2*)* (35.1-36) 
k>0 
and note that 
"(x k cp) v® 
a oe -»> Chex) (35.1-37) 
k>0 


So we need a transformation into series of this type. As the Mobius transform is not (easily) applicable 
we use a greedy algorithm: 


ser2lambertplus(t)= 


{ 

/* Let t=[al,a2,a3, ...], n=length(v), where t(x)=sum_{k=1}*{n}{a_k*x*k}; 
* Return L=[11,12,13,...] so that (up to order n) 
* t(x)=\sum_{j=1}*{n}{1_j*x°j/(1+x7j)} 


*/ 
local(n, L, k4); 
n = length(t); 
L = vector(n); 
for (k=1, n, 
tk = t[k]; 
L[k] = tk; 
\\ subtract tk * x*k/(1+x7k): 
forstep(j=k, n, 2*k, t[j] -= tk); 
forstep(j=ktk, n, 2*k, t[j] += tk); 
D3 
return( L ); 
} 
Now we can compute the product form via 
ser2prodplus(t)= 
{ 
/* Let t=[1,a1,a2,a3, ...], n=length(v), where t(x)=1+sum_{k=1}*{n}{a_k*x“k}; 


* Return p=[p1,p2,p3,...] so that (up to order n) 
* t(x)=\prod_{j=1}°{n}{(1+x*j) *{p_j}} 


*/ 
local (v); 
v = Ser(t); 
v=v’/v; 
v = vector(#t-1, j, polcoeff(v, j-1)); 
v = ser2lambertplus(v) ; 
v = vector(#v, j, v[j]/j); 
; return( v ); 


A product [],..9 (1 — 7*)’* can be converted into a product [],,..9 (1 + 2*)** via the relation (1 — x) = 
Heso + ee Nee 


35.1.4.2 Conversion to eta-products 


The conversion of a series to a product of the form (eta-product) 


Co CO 


[n(a*)]"* where n(x) := [[ 1-2’ (35.1-38) 
k=1 j=l 


[fxtbook draft of 2008-January-19] 


662 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


r= 2: ( E(y72)73 ) / ( E(y74) ) 
r= 3: ( E(y73)74 ) / ( E(y’9) ) 
r= 4: ( E(y74)°7 ) / ( E(y78)73 ) 
r= 5: ( E(y75)76 ) / ( E(y725) ) 
r= 6: ( E(y76)712 E(y736) ) / ( E(y712)74 E(y718)°3 ) 
r= 7: ( E(y77)78 ) / ( E(y749) ) 
r= 8: ( E(y78)715 ) / ( E(y716)°7 ) 
r= 9: ( E(y79)713 ) / ( E(y727)74 ) 
r=10: ( E(y710)718 E(y7100) ) / ( E(y720)76 E(y750)73 ) 
r=i1: ( E(y711)712 ) / ( E(y7121) ) 
r=12: ( E(y712)°28 E(y*72)73 ) / ( E(y724)712 E(y*36)°7 ) 
r=13: ( E(y713)714 ) / ( E(y7169) ) 
r=14: ( E(y714)724 E(y7196) ) / ( E(y728)78 E(y798)73 ) 
r=15: ( E(y715)°24 E(y7225) ) / ( E(y745)76 E(y*75)74 ) 
r=16: ( E(y716)731 ) / ( E(y732)715 ) 
r=17: ( E(y717)718 ) / ( E(y7289) ) 
r=18: ( E(y718)°39 E(y7108)74 ) / ( E(y736)713 E(y754)712 ) 
r=19: ( E(y719)°20 ) / ( E(y7361) ) 
r=20: ( E(y720)742 E(y7200)73 ) / ( E(y740)718 E(y7100)*7 ) 
r=21: ( E(y*21)°32 E(y*441) ) / ( E(y*63)°8 E(y7147)74 ) 
r=22:  ( E(y722)°36 E(y*484) ) / ( E(y744)712 E(y°242)73 ) 
r=23: ( E(y723)°24 ) / ( E(y7529) ) 
r=24: ( E(y724)760 E(y7144)°7 ) / ( E(y748)°28 E(y772)715 ) 
r=25: ( E(y725)731 ) / ( E(y7125)76 ) 
r=26: ( E(y726)742 E(y7676) ) / ( E(y752)714 E(y7338)73 ) 
r=27: ( E(y727)740 ) / ( E(y781)713 ) 
r=28: ( E(y728)756 E(y7392)73 ) / ( E(y756)724 E(y7196)°7 ) 
r=29: ( E(y729)730 ) / ( E(y7841) ) 

( 


E(y730)*72 E(y7180)*6 E(y~300)*4 E(y*450)73 ) / 
( E(y*60)°24 E(y*90)°18 E(y7150)°12 E(y~900) ) 


r=31: ( E(y731)732 ) / ( E(y7961) ) 
r=32: ( E(y732)763 ) / ( E(y764)731 ) 
r=33: ( E(y733)748 E(y71089) ) / ( E(y799)712 E(y7363)74 ) 


Figure 35.1-C: Functions 7,(y) := cg n(w! y) as products of 7-functions. 


can be done by a greedy algorithm: 
etaprod(v)= 


{ 

/* Let t=[1,a1,a2,a3, ...], n=length(v), where t(x)=1+sum_{k=1}*{n}{a_k*x“k}; 
* Return p=[p1,p2,p3,...] so that (up to order n) 
* t(x)=\prod_{j=1}"{n}{eta(x*j) “{p_j}} 

* where eta(x) = prod(k>0, (1-x*k)) 
*/ 
local(n, t); 
v = ser2prod(v); 
n = length(v); 
for (k=1, n, 
t = vik; 
forstep (j=k+k, n, k, v[j]-=t; ); 


3 
return( v ); 


Similarly, to convert into a product of the form 


[m4 (w*)] where 74(x) := II 1+<2) (35.1-39) 
k=1 j=l 
use 
etaprodplus(v)= 
{ 
/* Let t=[1,a1,a2,a3, ...], n=length(v), where t(x)=1+sum_{k=1}*{n}{a_k*x“k}; 


* Return p=[p1,p2,p3,...] so that (up to order n) 
* t(x)=\prod_{j=1}"{n}{eta_+(x*j) “{p_j}} 
* where eta_+(x) = prod(k>0, (1+x*k)) 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 663 


*/ 
local(n, t); 
v = ser2prodplus(v) ; 
n = length(v) ; 
for (k=1, n, 
t = vik; 
forstep (j=k+k, n, k, v[j]-=t; ); 


3 
return( v ); 


} 


The routines are useful for computations with the generating functions of partitions of certain types, see 


section on page Here we just give: 


2)3 
n(-«) = aa (35.1-40a) 
wt)8 
n(t+ix)n(-iz) = os (35.1-40b) 


Figure |35.1-C} gives more product formulas. 


35.2 Hypergeometric functions 


z) can be defined as 


oo ak pF ak 
:) = S ae (35.2-1) 


k=0 © 


: ; Jb 
The hypergeometric function F e 


where z* := z(z+1)(z+2)...(z+k—1) is the rising factorial power (2° := 1). Some sources use the 
so-called Pochhammer symbol (x), which is the same: (x), = x2". We'll stick to the factorial notation. 


z is the argument of the function, a,b and c are the parameters. Parameters in the upper and lower row 
are called upper and lower parameters, respectively. 


Note the k! = 1* in the denominator of relation |35.2-1| You might want to have the hidden lower 


parameter 1 in mind: 
22 2,2 
F ? | = “ER ’ ” 2-2 
( 1 :) ( 1 :) aE 


The expression is a sum of perfect squares if z is a square. 


We have 


c- 


ab a+1b+1 a+2b+4+2 
:) — 14 $22 (14 5 +2 (1 3 2 a+...)) (35.2-3) 


so by formula}35.2-3|/hypergeometric functions with rational arguments can be computed with the binary 
splitting method described in section 


Hypergeometric functions can have any number of parameters: 
OO Ok k yk 
Q1,..-; Am at...ar, 2 
F = > — 35.2-4 
These are sometimes called generalized hypergeometric functions. The number of upper and lower pa- 


rameters are often emphasized as subscripts left and right to the symbol F’. For example, ,F;, for the 
hypergeometric function in the last relation. 


[fxtbook draft of 2008-January-19] 


664 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


The functions F’ 6 2) (of type 1 F) are sometimes written as M(a, b, z) or ®(a; b; z). Kummer’s function 
U(a, b, z) (or V(a; b; z)) is related to hypergeometric functions of type 2Fo: 


l+a—b 
U(a,b,z) = ae = | -1/2) (35.2-5) 


Note that series 2Fo are not convergent. Still, they can be used as asymptotic series for large values of z. 


The so-called Whittaker functions are related to hypergeometric functions as follows: 


ae 
= —z/2 ,b+1/2 3 : 
Ma(2) € z F ( 14-95 :) (35.2-6a) 
1 
Wae(z) = e7/% 2641/2 (5 b= 0,1 28, :) (35.2-6b) 
1 1 b 
Ss eer (3 oi “| = 1/2) (35.2-6c) 


Negative integer parameters in the upper row lead to polynomials: 


e(Y? 2) = 1-92+182?-1023 (35.2-7) 


The lower parameter must not be zero or a negative integer unless there is a negative upper parameter 
with smaller absolute value. 


Sometimes one finds the notational convention to omit an argument z = 1: 


QA1, +--+, am QA1, +--+, Am 
F = F 1 35.2-8 
Gaaee. Ges ) ( ) 
In what follows the argument is never omitted. 
An in-depth treatment of hypergeometric functions is ; 
35.2.1 Derivative and differential equation 
Using the relation 
d ‘ ee eee 
F(®? :) = i nel |) (35.2-9) 
dz” C, OM tee c+n,... 


one can verify that f(z) = F ee 2) is a solution of the differential equation 


d* f | | | df = 
z (1 z) ae T [c (1 - act b) Z| ae a bf = 0 (35.2-10) 
A general form of the differential equation satisfied by F Ge is z) is 
z(0+a)(0+))(0+c)... f(z) = VO+u—-1)0+v-1)V04+w-1)... f(z) (35.2-11) 


where ¥ is the operator z 4. The leftmost 7 on the right hand side of the equation takes care of the 


hidden lower parameter 1: 3 = (8 +1-— 1). See [124] for a beautiful derivation. Relation |10.15-4a] on 
page can be used to rewrite powers of J as polynomials in a. 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 665 


35.2.2 Evaluations for fixed z 


A closed form (in terms of the gamma function) evaluation at z = 1 can be given for 2F: 


a, b _ Hete=6—5) . 
F( ; 1) = FeraFerh fF Bele-a-8)>0 orbEN,d<0 (35.212) 
When c—a—b <0 then ex.18, p.299] 
; a, b T(c) (a+ b—c) = - 
lim F(% |) ( 1-22?) = 1 35.2-13a 
Pac ( é / T(a)T'(b) ( ) ( ) 
and, for c—a—b=0, 
. a, b T'(a +) 1 _ 
im F ( ; |) / oo log = +.) = a (35.2-13b) 
For z = —1 there is an evaluation due to Kummer: 
a, b T(1—a+b)T(1+a/2) 
F -—1 — 2-14, 
re ) T(i+a)l(1+a/2—d) eee) 
= 2%r ee) (35.2-14b) 


(1/2 + a/2)T(1 + a/2 — b) 


Several evaluations at z = 4 are given in [1], we just give one: 


a, b 1 T(4 + 3a+ 5b) 
F | = 2727 2 35.2-15 
(; + 3a + 5b uP TG 


z 2 : : = : an, bn+b 
For further information see (chapter 15 of) [I], [240] and [193]. Various evaluations of F (- cere 
for integer a, b, cand n, 1 <a<2,-4<b<4 and —4<c< 4 can be found in [108]. 


35.2.3 Extraction of even and odd part 


Let El f(z)] = (f(z) +f (z))/2 (the even powers of the series of f(z)), and O[f(z)] = (f(z) —f(—z))/2 (the 
odd powers). We express the even and odd parts of a hypergeometric series as hypergeometric functions: 


a, b @ atl b btl 
E E ( ? :)| = FI? . ae ; 2 | 2 (35.2-16a) 
c eee 
b b at) | ae bed b+2 
7 [F @ »)| ~ 22 P( : ee a 2? (35.2-16b) 
pi a aa) 
The lowers parameters 1/2 and 3/2 are due to the hidden lower parameter 1. The general case for 
H(z) = fF G1, +++, Am % (35.2-17a) 
by, .--, On 
is 
ay ay+l 2, am Qm+1 
PAN Ny gen ta Ball a |x2 (35.2-17b) 
? Doors OQ» 9°93 
a1 *** Gm att ate, et fa 
O[A(z)] = Dineen de ZF bi+1l bi+2 bath bn 12 3 3 [Xe (35.2-17c) 
n > Qo 2 5 


[fxtbook draft of 2008-January-19] 


666 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


where X = 4"-"—!. For example, 


a = ce ee ae 3 
2 ae a5 4 5 


We indicate a further generalization by the extraction of all terms of H(z) where the exponent of z is 
divisible by 3: 


4 


2? ) sinh z 


(35.2-18) 


z 


2 ay aitl ait+2 Am GQm+tl Gm+2 
A(z)+ H(wz)+H(w z) F oe a 3 ee em 3.2 3° 3 xX (35.2-19) 
3 by by+1 6142 bn bntl bat2 1 2 i 
De TQ Is Br tae See Beg 3° 3-0) BP 3 


where w = exp(2ia/3) and X = 27™-"—!. For example, with H(z) = exp(z) = F ( 


z) we obtain 


( 23 ys yk 
F | =) = (35.2-20) 
3, 5! 27 < (3k)! 
Define the power series Cj(z), for 7 € {0,1,2}, by 
Kee 2bkts 
wea Bal 
Cel?) Ds Bk+s)! ooze) 
k=0 
then (omitting arguments) 
Co Cr Co 
det }Cz2 Co Ci] = Co+CP+C$3-3C)C,C, = 1 (35.2-21b) 
Ci Co CM 


which is a three power series analogy to the relation cosh” — sinh? = 1. 


For the extraction of the coefficient at the positions equal to 7 = M replace every upper and lower 
parameter A by the M parameters (A+ j)/M, (A+j+1)/M, (A+j+4+2)/M,...,(A+j+M-—1)/M, 
and the argument z by X z” where X =(M™M)™—-"-1, 


35.2.4 Transformations 


As obvious from the definition, parameters in the upper row can be swapped (capitalized symbols for 


readability): 
A, Bic B, A, c 
F ? ’ |) a F( b) 3 
( e, fg e, fg 


The same is true for the lower row. Usually one writes the parameters in ascending order. Identical 
elements in the lower and upper row can be canceled: 


a,b, C _ a, b 
r(¢ he :) = F(a :) (35.2-23) 


These trivial transformations are true for any number of elements. The following transformations are 
only valid for the given structure, unless the list of parameters contain an ellipsis ‘...’. 


:) (35.2-22) 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 667 


35.2.4.1 Elementary relations 


oe aoe 1,64+1,...,1 
a le E Be ee a (35.2-24) 
Cy ete oe e+1,...,2 
b,... 1, b,... sree 
(a— HF (%” :) = ar(“7 he je)-or (70 ™ :) (35.2-25) 
C, Cysts Ch ets 
a, b,... a+1,b,... a, b,... 
—c)F ae = aF ae -—cF[{[?” 35.2-26 
ee) a) ’ ( e+1,... :) is ( Cc, . :) ( ) 
These are given in [124], the following is taken from [245]. 
b b+1 1 1 
F(® :) = F(* * je)-Er(et ee :) (35.2-27) 
Cc Cc Cc ce+1 
More relations of this type are given in [I]. 
35.2.4.2 Pfaff’s reflection law and Euler’s identity 
Pfaff’s reflection law can be given as either of: 
1 a,b) —z a,c—b 
aaa F(*”| a ee 35.2-28 
mae ("l= 5) °o"lF) eee) 
b 1 - - 
F(® | z) = 7 ”| z (35.2-28b) 
c (1— z)¢ c 1l-—z 
1 c—a,b| -z 
_ BF | 29 
(1-2)? ( c =) nee) 
Euler’s identity is obtained by applying the reflection on both upper parameters: 
b - —b 
F & | :) = (1-2) p 6 bs | :) (35.2-29) 
c c 


Euler’s transformation can generalized for hypergeometric functions ,+1F,, see |174}. While Pfaff’s 
transformation cannot be generalized, the following 3F2 relation which is reminiscent to the reflection 
law, is given in [174] p.32]: 


pane oa(fop4i).ag a f,l+$f,d) -z 
a-2'F( aie |) = r( “yh 5] (35.2-30) 


35.2.4.3 A transformation by Gauss 


2a, 2b b 1 
F( m i :) = F( " 1 42(1~2)) where |z| < = (35.2-31a) 
a+b+5 a 5 2 
b 2a, 2b ;1-vV1-— 
F ( a :) = F ( ee | *) (35.2-31b) 
a+bo+s Gp OS 2 
Note that the right hand side of relation |35.2-31a] does not change if z is replaced by 1 — z, so it seems 
that 
2a, 2b 2a, 2 
F ( be | :) = F ( oun | ie :) (35.2-32) 
atb+h a+b+3 


[fxtbook draft of 2008-January-19] 


668 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


However, the relation is ue only for terminating series, that is, for polynomials. Rewriting relation [35.2-] 
for the argument 1 
2a,2b | 1- b 
a ae eeege | 2) el, ON | 1-2 (35.2-33) 
atb+i] 2 at+b+i 


35.2.4.4 Whipple’s identity and quadratic transformations 


Whipple’s identity connects two hypergeometric functions 3 F: 


Aone il b 4 b 
P 54, sat 4 a Cc — _ (1 2)°F a, 0, Cc 
(1 — z) l+a—b,1+a-c 


l+a— : l+a-ce 
Specializing |35.2-34|for c = (a+1)/2 (note the symmetry between b and c so specializing for c = (b+1)/2 
produces the identical relation) gives 


:) (35.2-34) 


a, b 1 lg: tet So Az 
PF ’ SS . pp 22 2 =. ape 
Gea) G2 ( Tada d 3 ee) 
2a 1 2 
2(1-V1— 2a, b4 1-vl 
F( oe. | :) = Ge) ra eal | ( 2) \ (35.236) 
ois Zz a+b+5 z 
With c := a — b in|35.2-35] one obtains: 
a,a—c 1 ta,4-—a+e) —4z 
Pt 2) = ae oe 
( 1l+c :) (1 —z)¢ ( 1l+c (1 — z)? eae ey) 
Similarly as for the relations by Gauss, from relations |35.2-35] and |35.2-36 
1-z 1+z\* Ja, 4a+i— 
F | 2 = 2 ate ilc "1-2 35.2-38 
bes 7) ( 2 ) ( l+a- : ( . 
ey jee tivi=e\ fla teeta 
F |= 7 F) = (LEVEE) pf 2% 2952-9) 22) (35.0-38b) 
ae 14./1— 22 2 l+a-—b 


Relations |35.2-38b] and |35.2-38a|can be obtained from each other by setting « = ,/1— y? (and replacing 
y by x). The same is true for the next pair of relations: 


b a. 8 ope 
Fi i]1-2 = r( °c? =| eee (35.2-39a) 
abt l+2z a+b l+2 
b 2 ef a0 bk). Lawl =e 
F( ms :|*) = (=) F(“? i ae Ne). (a5 a0b) 
atb+3 taal 22 at+b+ 5 1+V1—- 2? 
The transformations 
a, b Su, oa toe 4z 
F = (lt2z) °F ( 20 28" 2)_"* 2-4 
( :) oe) Cay, i) oz 
3 +i) —4z 
= (—2)ne Rr (2% 24 2) 35.2-40b 
(eZ) t a—b+1 as) ( ) 
—h+ +4/z 
= (ltvz%*Fr(%° 2 35.2-40 
teva Cae ee (+ Vzp ( Q 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 669 


are given in [I]. Specializing for a = b gives 


- on 2) = (l+z) °F a at 0 ate? = (35.2-40d) 
= (1-2) °F G 2 4 —) (35.2-40e) 
= (li/2)-*F & | os (35.2-40f) 


Relation |35.2-40e]can be obtained by setting c = 0 in relation |35.2-35| Observe that the hypergeometric 
function on the right hand side of relation }35.2-40e]does not change when replacing a by 1 — a. The next 
(3F2) transformation is given in [174]: 


_ a6, 1 24g 2+ 16,1 
(1 — 2) Pie! 4a) SPA )4z(1 — 2) (35.2-41) 
2) Qe at 2) ga 9% 
The following are special cases of this transformation: 
i lilig yt 
(1-2) F ‘ : " :) = # (: 2°) ae(1 — :)) (35.2-42a) 
die 
a ti a, 1 _ ee! = 7 
(1-2) F( 9 2) = F( L4+a,2 4z(1 — z) (35.2-42b) 
1 1ylg 34 
(1—z) OF Gs ; 2) = F( 202% 2 az —2) (35.2-42c) 
p+ 34 g + 94, 2 
The nonlinear transformation (given in [193] p.21]}) 
a, b 2a = n 
F | z) = (1—w)* So dww (35.2-43a) 
c 
n=0 
where 
oe = sy z= Viet (35.2-43b) 
(1 — z)? Vl—-wt+l 
and 
a (35.2-43c) 
2 —2 
Fa peas cas) (35.2-43d) 
e 


2(c — 2b) (n+ 1+) dn41 + (n+ 2a) (n+ 2a+1—-c) dy, 
(n+ 2)(n+1+4+c) 


i (35.2-43e) 


maps the complex (z-)plane into the unit circle. Thereby the w-form of the series converges for all z 4 1. 


35.2.4.5 Clausen’s product formulas 


Clausen’s formulas connect hypergeometric functions of type 2F) and 3F%: 


2 
a, b 2a, a+b, 2b 
F | = F 2-44 
| io :)| Ree :) Boeese) 
1 1 1 1 1 1 1 
Legis ee Le gree ae ee ree 
ae aa, |) ~ ue a! 2) ea 


[fxtbook draft of 2008-January-19] 


670 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 
If a= b+ 4 in|35.2-44a}then (two parameters on the right hand side cancel) 


b+2,b) \]° 2b+ 2, 2b 
FP 2 = § 2 2-4 
| ee :)| ( 4b +1 |) ee) 


and the right hand side again matches the structure on the left. The corresponding function can be 
—2b 
identified (see p.190]) as Gy(z) := F CR | 2) a (4S ==) . One has Gn m(z) = [Gn(z)]"”- 


2b+1 
Specializing relation |35.2-44b] for 6 = —a we obtain 
1 1 2 1 i 4. 
= z- 5 +2a, 5,5 -2 
jetta? ‘|z)| = F(t re 7 :) (35.2-46) 


For a = 0, z = 1 (or z a sixth power) this relation is an identity between the square of a sum of squares 
and a sum of cubes: 


272 3 
S- == = io = 1.39320392968...  (35.2-47) 
n=0 | j=1 J n=0 | j=1 J 


The relation can be obtained by setting a = G = 1/4 and y = 1/2 in exercise 16 in p.298]. Setting 
a = 1/2 in exercise 28 in [245] p.301] we find that the quantity equals 7/T'(3/4)* = T(1/4)*/(47°). For 
the square root of the expressions (1.39320... = 1.180340...) we have [109] p.34]: 


n=— Co 


2 
Z 1)q eo i 
F & | 5) = S- e | = 1.180340599016... (35.2-48) 


We note that relation |35.2-44a]on the previous page can be obtained as the special case c= a+b of the 
following relation given in ex.16, p.298]: 


aie st 
are eae ine 
C+ 5 C+ 5 


where the A, are defined by 


:) = SoA. gh (35.2-49a) 


(lg)? "PF ex :) = Age (35.2-49b) 


The following relations are given in p.184]: 


a, b a, b 2a, 2b,a+b 
F | F = F » 205 | 35.2-50 
(ja :) Gan :) Ora nee :) ( =) 
a, b a,b—1 2a, 2b—1l,a+b-1 
F , F( ® = te | 35.2-50b 
ee :) (. ae :) Cee eer :) ( ) 


35.2.4.6 The Kummer transformation 
The Kummer transformation connects two hypergeometric functions of type ;F\: 


a b 
enor (l-2) = Feb 


The relation is not valid if both a and b are negative integers. In that case one obtains the Padé 


approximants of exp(z), see relation |31.2-17/on page 


:) (35.2-51) 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 671 


A transformation from ;F to 2F3 is given by 


a a a,b-a 2 
F(}|-2) = F = 35.2-52 
F (Sle) FGI - « 14, L641) 7) ( 
Setting b = 2a and using |35.2-51] gives 
a 2 a 2 
= F ——= oe 
[F es 2) | enple) (4 3 2a! 4 ) (paz 3) 
The following transformation connects functions oF and 2F%3: 
3 b), 4 b-1 
F( z) F( z) = (aerate | a2 (35.2-54) 
a b a,b,a+b—-1 
Setting b = a gives (cancellation of parameters on the right hand side) 
2 a—i 
[F ( z)| =e 2 lay (35.2-55) 
a a, 2a—1 
From relations |35.2-53] and |35.2-55| one can obtain 
2 a—4 
exp(z) F —) =F 21 2z (35.2-56) 
al 4 2a—1 


The following relations can be derived from the preceding ones: 


1 1 2 1 ; 
a(G+ 0), sla+b—1) _ a=5 b—i : 
LF ( a,b,at+b—1 |: = ie son ea = b, 26—1\7 (35.2-57) 
F (al) F(gal -4) = ie ie (35.2-58a) 
2al * 2al J at+4116 .2-58a 
2 
Pl oa E ne |=» aoa als (35.2-58b) 
2a+1 2at+1 2a+l,at+ 5! 4 
1 1 
FC ‘) FO, :) — 3 +r, ie 12) | (35.2-59a) 
a+% 
FC :) PN ges2). OA spe Ba) oF (35.2-59b) 


35.2.5 Examples: elementary functions 


The ‘well-known’ functions like exp, log and sin are expressed as hypergeometric functions. In some cases 
a transformation is applied to give an alternative series. 


35.2.5.1 Powers, roots, and binomial series 


aa = F(A |) = 3 ae = F (“| =) (35.2-60a) 
Gy* = F(“ -2) = > (1) ze = F(*| ) (35.2-60b) 


k=0 


[fxtbook draft of 2008-January-19] 


672 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


An important special case of relation |35.2-60al is 
if 1 a $1 
i F ( |) = 2? = F ( 9 


The last equality is obtained by setting a = 0 in relation [35.2-42a]on page 


1 
Az(1 — :)) where z< 5 (35.2-61) 


r(* eth, = (1—22)(1—z)*} (35.2-62) 
lars -) = a (35.2-63a) 
a, ntl ey ee 
F(R.) — (=) — 
ae .~ 1 2 _ oe 
F( ' 2) - 75 (=) (35.2-63c) 
ntl nie 1l—-V/z)"-(1 zy)” : 
r( — ;) =. eee ata if n£0 (35.2-64a) 
1 1+ /z 

= OWT. tog (72S) if n= (35.2-64b) 

(+2"-0-23" p(B 8) 2) p(F-b] e 
(i+z"+(122)" 7 nor ( 3 2 \e( 1 “) (35.2-65a) 

5 + 


z aya oe 
a7 )/F 1 aa} (35.2-65b) 


35.2.5.2 Chebyshev polynomials 


The Chebyshev polynomials are treated in section on page 


F e . 2) = T,(1—2z) (35.2-66a) 
2 
LQ) =F “ a“ >) (35.2-66b) 
2 
U.(2) = @4DF (™ as *| : *) (35.2-66c) 
2 
Using relation [34.2-14] on page [648] (as T,(T1/n(z)) = z = id(z)) we find that 

Co) _ la =) (35.2-67) 

i 2 1 2 


near z = 1 (here Fl-4] denotes the inverse function). 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 673 


35.2.5.3 Hermite polynomials 


The Hermite polynomials H,,(z) can be defined by the recurrence 


Anii(z) = 22 Hpn(z) —2n Ay_-1(2) (35.2-68) 
where Ho(z) = 1 and Hy(z) = 2z. The first few are 
H, = 1 (35.2-69) 
Ay, = 2z 
Hp = 427-2 
Hz = 82°—12z 
He = 1624 — 4827412 
Hs = 322° — 1602? + 120z 
He = 642° — 48024 + 72027 — 120 
Hr = 1282" — 1344z° + 3360z? — 1680z 
Hg = 256z° — 3584z° + 134402z* — 13440z? + 1680 
Hy = 512z° — 92162" + 48384z° — 80640z? + 30240z 
Hip = 1024z'° — 23040z° + 161280z* — 403200z* + 3024002? — 30240 
For nonnegative integer n we have 
H(z) = (22)"F € a =) (35.2-70) 


35.2.5.4 Stirling numbers of the first kind 


A generating hypergeometric function for the (unsigned) Stirling numbers of the first kind s(n,m) (see 


section |10.15] on page [267) is given by 
1 Co _ CO m 
F( _ :) = ye ge = S- ( e” xno) zn (35.2-71a) 
n=0 1 


n=0 \m= 
= ltezt (ete?) 27 + (2e 4 3e7 + €%) 24 (35.2-71b) 
(6e + 1le? + Ge? + e*) z* 4 
+ (24e + 50e? + 35e° + 10e* + €*) 2° + 


(120e | D7 de? + 295e° + S5et 4+ 15e° 4 e°) ae ee 


35.2.5.5 Logarithm and exponential function 


1,1. = (—1)* 21 

log(l+2z) = 2zF ( ; | :) = » id (35.2-72a) 
1 il 2 

log(—*) = acr(% 2?) = log (1+ (35.2-72b) 

l-z . 1-z 

For large arguments z the following relation can be useful: 
z z 1,1 z 
ae een a a | 2 
log(1 + z) os ( +) Tee: ( 9 +) (35.2-73) 
exp(z) = F ( z) =o (35.2-74) 
k=0 — 


[fxtbook draft of 2008-January-19] 


674 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


35.2.5.6 Bessel functions and error function 


The Bessel functions J, of the first kind, and the modified Bessel functions J, (as given in [I]): 


Q\n _ 2 
Ky = Ms as (35.2-75a) 
n! n+1! 4 
Q\n 2 
iis = gp = (35.2-75b) 
n! n+114 
= (n —1)! 
F( z) = y(n—1)/2 Te 1(2V/z) (35.2-75c) 
oO Lk 
Zz 
F(, 2) = hava = a (35.2-75d) 
k=0 
Error function (the Kummer transformation, relation |35.2-51)on page [670] gives relation |35.2-76b 
VT + _» ; 
——erf(z) := | e* dt = 2F | — 2 (35.2-76a) 
2 t=0 3 
2 1 a (227)" 
= ve? F | 2\ — ge? 35.2-76b 
- (|) io OHS 1) ( ) 
k=0 
35.2.5.7 Trigonometric and hyperbolic functions 
Series for sine and cosine: 
0 yk g2k+1 
sin(2) = 2F (.|4 =) - y= ae = i (35.2-77a) 
2 k=0 
Pe CO 2k+1 
sinh(z) z (; 7) ei (Ok +1) (35.2-77b) 
Applying the transformation |35.2-55|on page to relation |35.2-77al gives 
1 
[sin(z)|? = z (4 ,| -:*) (35.2-78) 
2 
72 oo (—1)* 22k 
cos(z) = F( | =) =o) = ee (35.2-79a) 
ya) = Le aay 
Pe oo 
nz) = F(,|=) = a 
cosh(z) G =) (Ok) (35.2-79b) 
k=0 
inh 1 
ay . F( 22) (35.2-80a) 
z 
1 
exp(—iz) an?) = F (| 22) (35.2-80b) 
z 
Further expressions for the sine and cosine are 
sin(a z) tte i | ; 2 
_ = #-F ; 2-81 
ae) ( 3 + sin(z) (35.2-81a) 
+ 3 : 2 
cos(az) = F i + sin(z) (35.2-81b) 
2 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 675 


cos(a z) ia Le es 
= 2s 2-81 
cos(z) ( 4 a sin(z) (35 8 c) 
sin(a z) 2 sin(a z) 1+ $,1-$ | Z 
= = 2 35.2-81d 
a sin(z) cos(z) a sin(2 z) 3 + sin(z) ( ) 


Relations for the hyperbolic sine and cosine are obtained by replacing sin + sinh, cos ++ cosh, and 
negating the sign of the argument of the hypergeometric function. For example, from relation |35.2-81b 
one obtains 


cosh(az) = r( a ~snh( (35.2-81e) 


35.2.5.8 Inverse trigonometric and hyperbolic functions 


Series for the inverse tangent and cotangent: 


. 1acy 
arctan(z) = log i = “= 3m log(1 + iz) (35.2-82a) 
—1z 
1 1 co lrg 
= 2F|” | 267) = 50 35.2-82b 
7 ( a | * » 2k +1 ( ) 
By Pfaff’s reflection law (relation |35.2-28b) on can obtain 
z 4 4 2 1 
atchan( 2) =. | | | = ~roeos 35.2-82¢ 
(2) V1i+ 22 3 14+ 22 ange ( ) 
z 1,1) z 
= ‘ b .2-28b .2-82 
<= ( : =) y 52-28 (35.2-82d) 
1 1 
arctanh(2) = 5 log = (35.2-83a) 
3 1 4 OO 2kt1 
= 2¢F ; E =a (35.2-83b) 
k=0 
1, zt+l = 1 
arccoth(z) = 3 log oa = » (Qk+ 1) 22e41 (35.2-83c) 
—1 1 
log(z) = 2 arctanh - == 2 arccoth a (35.2-83d) 
1 a z+t 
arccot(z) = arctan - log - (35.2-84a) 
z 2 zZ-14 
1 Let 1 = (—1)* 
ek a ee oC eee (35.2-84b) 
z ( 3 5] = (2k + 1) 22k+1 
1 3 5| 1 1 
= =F (*,3| = arcsin ——— 35.2-84c 
af 1-2" ( eee V1 + 22 ( ) 
Zz 1,1 1 
= ’ 2-84 
Tae (; ics) eee) 


[fxtbook draft of 2008-January-19] 


676 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


Applying Clausen’s product formula (relation |35.2-44a] on page |669) gives 


2 Lili 2 
farctan(z)?> = — ae oe ) (35.2-85a) 


[arccot(z)}?>_ = : F(™ ee] ee ) (35.2-85b) 


Series for the inverse sine and cosine are 


id 
arcsin(z) = (3 “) = arctan ——— (35.2-86a) 
3 aera 
iidewi—2 
= r( : vas) by [35.2-31b (35.2-86b) 
2 
ese 
= g/l PP”, E (35.2-86c) 
2 


The two latter relations suggest the following argument reduction applicable for the inverse sine (and 
tangent). Let G(z) = (1 — V1 — z)/2, then 


F (*y | 2) = aa =F (ts | (2)) (35.2-87a) 
_ a Ti a F (*s'|@@y) = (35.2-87b) 
a -1/2 
F ey | 2) = Tl 1— “| where 2 =2, 241 = G(Zr) (35.2-87c) 
2 k=0 


Clausen’s product formula (relation }35.2-44a]on page can by applied to obtain 


1, 1,1 
[arcsin(z)}? = 2F( 5 _ ?) (35.2-88) 
9) 
7 . z 
arccos(z) = —-—arcsin(z) = arccot ———— (35.2-89) 
2 1— 2? 
AL 
arcsinh(z) = log(z+ V1+2?) = z2F Gi -#) (35.2-90a) 
2 
ene eeey aa i by [35.2-28b (35.2-90b) 
V+ 2? 3 1142? yee. 
1,1)1-—v1l 7 
= -r( : poe) by B5.2-31b (35.2-90c) 
2 


35.2.6 The function x” 


Boldly setting a=1+zin(1+2z)*=F ‘ 


- z) (relation |35.2-60b] on page 671) gives 


(+2)¢ = RN 


- :) = exp[(1 +z) log(1+ z)] (35.2-91a) 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 677 


= ip, +E". } camer E ea, f hee Hil (35.2-91b) 


1 2 3 4 
2 1 3 1 A 1 5 3 6 1 7 59 8 71 9 
= t t t t ee .2-91 
EE Des ae hag” bag ~ 799° asap pada een 


This somewhat surprising expression allows the computation of «* without computing exp() or log(). 
The series converges for real z > 0 so we can compute 2” (where x = 1+ z) for real a > +1 as 


a = F ("| a 1) (35.2-92a) 


= 1+ == (x — 1) i+ 23 te 1) 14° 1) [i+ lI] (35.2-92b) 


We denote the series obtained by truncating after the n-th term of the hypergeometric function by gn(2). 
For example, with n = 2 and n = 4 we obtain: 


3,90 2 3 


1 3 
g(x) = , x 5 pt Ht +1 (35.2-93a) 
= 5 52 t2er-4+zt1 (35.2-93b) 
x. le 28 5 7,15 6 19 5, 61 4 313, 131 5 25 
ga(x) vie mt +R? Zt +ye Zt tat - pt 1 (35.2-93c) 
6 dey Dey Le Day Lt 52 
= t t t t tz+1 .2-93d 
oa” age ae Tid +32 ge te +2 (35.2-93d) 


We have gn(n) = n” and further gn(k) = k* for all integer k < n. Thus we have just invented a curious 
way to find polynomials of degree 2n that interpolate k* for 0 < k <n (setting 0° := 1 for our purposes). 


The polynomials actually give acceptable estimates for x” also for non-integer x, especially for x near 1. 
The (unique) degree-n polynomials i,(a) that are obtained by interpolating the values k* have much 
bigger coefficients and give values far away from x” for non-integer arguments 2. 


For 0 < a < n the interpolating polynomials i,,(~) give an estimate that is consistently worse than g,,(x) 
for non-integer values of x. The same is true even for the polynomials i2,(2) that interpolate k* for 
0<k < 2n (so that deg(i2,) = deg(gn) = 2n). In fact, the i2,(x) approximate consistently worse than 
in (x) for non-integer x. 


Finally, the Padé approximants pjp»)(«) for gn(x) give estimates that are worse than with both i,,(x) or 
9n(@). Further, gn(x) # x even for integer x and the pryn)(x) have a pole on the real axis near x = 1. 
That is, we found a surprisingly good and compact polynomial approximation for the function x”. 


The sequence of the n-th derivatives of (1+ z)"+* at z =0 is entry A005727|of 214): 


? Vec(serlaplace(exp((1+z)*log(1+z)))) 
[1, 1, 2, 3, 8, 10, 54, -42, 944, -5112, 47160, -419760, 4297512, ... ] 


Many other expressions for the function x” can be given, we note just one: set s = 24+ z in relation|35.2-62 
on page to obtain 


1 —z-2,z+8 
+2)) = , | - -94 
(1+ z) F( bik :) (35.2-94) 


35.2.7 Elliptic K and E 
In order to avoid the factor > we let K:= ax E := 2£, then 
= iil 
K(k) = F ( os | ) (35.2-95a) 
a ky ok 
E(k) = F( a | «) (35.2-95b) 


[fxtbook draft of 2008-January-19] 


678 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


See section on page for explicit expansions. We further set 


I 


—i _1 
N(k) F( ?| i) (35.2-95c) 
2 ., 49 


1 1 441 
k4 4 k® ke 4 pio 4. 
4 64 256 + 16384 65536. + 1048576 


kM94...  (35.2-95d) 


A special value is N(1) = 4/7. Most of the following relations can be written in several ways by one of 
the identities 


Ko= V1—k? (35.2-96a) 
k2 k\? La— 
—= = (=) ae (35.2-96b) 
( k ) 1+k Lh (1+ky)? (35.2-960) 
= —— = — = -2- JOC 
1—-vV1—k? 1—k’ i=py 1 — Rr? 
2 1k 
4k jaf 
—4Ak? 2k \? 1+k2\? 
G—k)2 — (>) =e (3 - =) (35.2-96f) 
35.2.7.1 Relations for kK 
- i a 
K(k) = F &. | X) (35.2-97) 
1 1.1 BN? 
= P| 73 | = (=) by [35.2-28b (35.2-98) 
. 1 12) 14K 
= 2° 2) _ iz 
K(k) = F( : | — =) (35.2-99) 


" 2 ee ay aay ae 
K(k) = F( J 4 
(*) 1+k 1 () ea 
The relation can be written as 
~ ~ 1—k’ 
K(k) = (14+ 2(k)) K(z(k)) where 2z(k) := Le (35.2-100b) 
Relation |35.2-40f] on page [669] with a= 5 gives 
- 1 -~[ 2k 
K(k) = — —— 2- 
(k) (24) (35.2-101) 


x 7 1 Edy ode? ad af tt 1+k?\? 
K(k) = ar ( f ero: =oF(*81-(5 (35.2-102a) 


[fxtbook draft of 2008-January-19] 


35.2: Hypergeometric functions 679 


Euler’s transform on |35.2-102a] gives: 


: 11+ _ (3,3 2k \? 

K(k) = y7 aa F @ “ (=) (35.2-103) 
: ae 
K(k) = F &. | @xx)?) by [35.2-31a (35.2-104) 


35.2.7.2 Relations for E 


P 251 
E(k) = F ( 7" | x) (35.2-105) 
a ; il k\? 
E(k) = WF(-? zi = (¥) by [B5.2-28b (35.2-106) 
The following relation resembles relation |35.2-100a 
2 
2 1+V1-—k? Eel) (1 _-V/1—k? 
E(k) = Came Pl 2 | —________ (35.2-107a) 
2 1 1+ JV1—k? 
ey eee ee eee ee, ae 
_ Bo: 
ZF ( 1 | 1+k eer) 
ag f= 
= (1+2(k)) ~~ N(z(k)) where z(k) := inh (35.2-107c) 
35.2.7.3. Relations for N 
a 4 k? 
Nk) = Vi-eF( 44 | oy by B5.2-40e (35.2-108a) 
pail ag 2k \? 
See | = (+) (35.2-108b) 
J 2 z z 2k : 
- , pe a 
1+ [4 | (=H) by [35.2-28b (35.2-108c) 
Relation |35.2-25]on page with a = b = —1/2 and c= 1 gives 
1-3 1p (B-4,) pip (EH 
F( ?? = =F(? a ee 35.2-109 
Cre eee ee (952.10 


(l—2)F eee =) 


—z 


’) 


2E(k)— K(k) = KW (i) (35.2-110) 


: : 3/2, -1/2 
Applying |35.2-28c] on page to the second function (F ( / 2 / 


and rearranging gives 


Applying the transformation |35.2-40f]on page [669] on the defining relation gives the key to fast compu- 
tation of the function N(k): 


N(k) = arm e( 74) (35.2-111) 


[fxtbook draft of 2008-January-19] 


680 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


The relation 
2E(k) —k? K(k) = N(k) (35.2-112) 
can be used to rewrite Legendre’s relation (equation |30.2-17b] on page [577) as either 


4 a oar a 
—- = NK'+KN-KRK' (35.2-113) 
TT 


or, by setting N := 1/2.N, 
a = NE'4KN'-KK' (35.2-114) 
35.3 Continued fractions 


A continued fraction is an expression of the form: 


K(a,b) = aot (35.3-1) 


ag + 
a3 + 


a4 + eee 
Continued fractions are sometimes expressed in the following form: 
bi bg bg ba 


K(a,b) = aod ans 35.3-2 
( ) Y ay+ Got ag+ a4t ( ) 


The ay and by are called the k-th partial numerators and denominators. 


For k > 0 let Px/Q, be the value of the above fraction if 6,41 is set to zero (that is, the continued fraction 
terminates at index k). The ratio is called the k-th convergent of the continued fraction: 
Pr by bg «bg bg be-1 br 


8, ey eed a 85.3.3 
Qk OT i tot ak ae a ( ) 


We note that multiplication of a;, b;, b;4; by some nonzero value does not change the value of the 
continued fraction. Thereby 


by by bs ba C1 bi C2 C1 be C3 C2 b3 C4 C3 ba 


ao 4 oe = ag Lie (35.3-4) 
ait agt+ ag+ a4+ C1 @,+ Cgag+ C3a3+ C4 a4 


where all c; are arbitrary nonzero constants. 


35.3.1 Simple continued fractions 


Continued fractions where all b; are equal to one (and all the a, are positive) are called simple continued 

fractions. Rational numbers have terminating continued fractions. Note that the expression of a rational 
number as simple continued fraction is not unique: 

[a0, ---) @n—1, Qn] = [@0,---;@n-1,Qn—1,1] ifa, >1 (35.3-5a) 

(ao, ---; @n-1, l] = [ao,.--, @n-1 +1] if a,=1 (35.3-5b) 


Solutions of the quadratic equation a x?+3x+/7 = 0 that are not rational (A := 6? —4a7 not a square) 
have simple continued fractions that are eventually periodic. For example: 


[fxtbook draft of 2008-January-19] 


35.3: Continued fractions 681 


? contfrac(sqrt(5)) 


[2, 4, 4, 4, 4, 4, ...] 
? contfrac(2tsqrt(3)) 
[3 1,2) 252, 1,2, ...] 
? contfrac(sqrt(19)) 
[4, 2,1,3,1,2,8, 2,1,3,1,2,8, 2,1,3,1,2,8, ...] 


For the k-th convergent P,/Q, (in lowest terms) of the simple continued fraction expansion of some 
number «x then the convergent is a best approximation in the following sense: if p/q is any better rational 


a 2), then one must have q > Qr. 


approximation to x (that is, E — z| = \o. 


For the simple continued fraction of x one has 


2 1 2 1 
> Qn Qn-1 ae 


and equality can only occur with terminating continued fractions. 


(35.3-6) 


35.3.1.1 Computing the simple continued fraction of a number 


Given a numerical quantity one can compute the sequence a, of its simple continued fraction by the 
following algorithm: 


procedure number_to_scf(x, n, a[0..n~-1]) 


k:=0 to n-1 
xi := floor(x) 
alk] := xi 
x i= 1 / (x-xi) 
} 


Here n is the number of requested terms a;. Obviously some check has to be inserted in order to avoid 
possible division be zero (and indicate a terminating continued fraction as will occur for rational x). If in 
the process one keeps track of the exact rational values of the simple continued fraction convergents (using 
the recursion relations) then the algorithm can be used to produce a ‘best possible’ rational approximation 
where the denominator does not exceed a certain specified size. Alternatively one can stop as soon as 
the convergent is within some specified bound. 


35.3.1.2 Continued fractions of polynomial roots 


= RootOf(z73 - 2) == 1.2599210... 
contfrac(r) == [1, 3, 1, 5, 1, 1, 4, 1, 1, 8, 1, 14, 1, 10, 2, ...] 


f=z73 - 2 r=1. ria hare ==> 1 

f=z73 - 3*z72 - 3*z - 1 3. 84739210186307 ==> 3 

£=10*z73 - 6*z72 - 6*z - 1 r=1.18018873554841_ ==> 1 

£=3*z73 - 12*z72 - 24*z - 10 r=5 .54973648578239 ==> 5 

£=55*z73 - 81*z72 - 33*z - 3 r=1. Se anee arog aes ==> 1 

£=62*Z273 + 30*z7°2 - 84*z - 55 r=1.22092167902528 rae 1 

£=47*273 - 162*z72 - 216*z - 62 r=4.52649103705930 ==> 4 
£=510*273 - 744*z72 - 402*z - 47 r=1.89936756679748 ==> 1 
£=683*z73 + 360*z72 - 786*z - 510 r=1.11189244188653 ==> 1 
£=253*273 - 1983*z72 - 2409*z - 683 r=8.93715413784671_ ==> 8 
£=17331*273 - 14439*z72 -_4089*z - 253 r=1.06706032616757 ==> 1 
f=1450*273 - 19026*z°2 - 37554*z - 17331 r=14.9119465584038 ==> 14 


Figure 35.3-A: Computation of the continued fraction of the positive real root of the polynomial z? — 2. 
Let r > 1 be the only real positive root of a polynomial F(x) with integer coefficients and positive leading 


coefficient. Then the (simple) continued fraction [ao, a1,...,@»] of r can be computed as follows (taken 
from [160] p.261]) 


[fxtbook draft of 2008-January-19] 


682 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


r = RootOf(z*2 - 29) == 5.38516480... 
contfrac(r) ==[5, 2; 1) 15.2; 10; 2, 1, 1, 2, 10, ...] 


f=z"2 - aa r=5.38516480713450 == 


£=4*z72 *zZ - 1 r=2.59629120178363 ==> 2 

f=5*z"2 - 6*z - 4 r=1.67703296142690 ==> 1 

f=5*z"72 - 4*z - 5 r=1.47703296142690 ==> 1 

£=4*z"2 - 6*z - 5 r=2.09629120178363 ==> 2 

f=z72 - 10*z - 4 r=10.3851648071345 ==> 10 

f=4*z72 - 10*z - 1 r=2.59629120178363 ==> 2 <--= restart period 
f=b*z72 - 6*z - 4 r=1.67703296142690 ==> 1 


Figure 35.3-B: Computation of the continued fraction of the positive real root of the polynomial z? —29. 


1. Set k = 0, Fo(x) = F(a), and d = deg(F). 
2. Find the (unique) real positive root rz of Fy,(a), set a, = |r|. If k =n then stop. 
3. Set G(x) = F(x + ax), set Fy41 = —G*(x) = —24 G(1/z). 
4. Set k =k+1 and goto step 2. 
A simple demonstration is 


f=2°3 -2 
ff(y)=subst(f, z, y) \\ for solve() function 


{ for (k=1, 12, 
printi(" f=", f); 
r = solve(x=0.9, 1e9, ff(x)); \\ lazy implementation 


printi(" r=", r); 
ak = floor( r ); 
printi(" ==> ", ak); 
g = subst(f, z, ztak); \\ shifted polynomial 
f = -polrecip( g ); \\ negated reciprocal of g 
print(); 
de 5 


The output with F(x) = «3 — 2 is shown in figure|35.3-A] With quadratic equations one obtains periodic 
continued fractions, figure |35.3-B] shows the computation for F(#) = x? — 29. For a comparison of 
methods for the computation of continued fractions for algebraic numbers see |64). 


35.3.2 Computation of the convergents (evaluation) 


The computation of the sequence of convergents uses the recurrence 


Py = ak Pe-1 + b¢ Pr—2 (35.3-7a) 
Qe = a Qe-1 + be Qe-2 (35.3-7b) 
Set — i= i and a := * to initialize. The following is a procedure that computes the sequences of 
values Py and Q, for k = —1...n for a given continued fraction: 
procedure ratios_from_cf(a[0..n], b[O..n], n, P[-1..n], Q[-1..n]) 
{ 
P[-1] :=1 
Q[-1] :=0 
P[O] := al[0] 
Qto] := 1 
ra k:=1 ton 
P[k] := alk] * P[k-1] + blk] * P[k-2] 
Q(k] := alk] * Q[k-1] + b[k] * Q[k-2] 
} 


If only the last ratio is of interest, the ‘backward’ variant of the algorithm can be used. The version that 
computes the numerical value x from the first n terms of a simple continued fraction is: 


[fxtbook draft of 2008-January-19] 


35.3: Continued fractions 683 


function ratio_from_cf(a[0..n-1], n) 


x := a[n-1] 
for k:=n-2 to 0 step -1 


x := 1/x + alk] 


return x 


Using rational arithmetic and a general (non-simple) continued fraction, the algorithm becomes: 
function ratio_from_cf(a[0..n-1], b[O..n-1i], n) 


P := aln-1] 
b[n-1] 


Q: 
for k:=n-2 to 0 step -1 


{P, Q} := {alk]*P+b[k]*Q, P} // x := blk] / x + alk] 


return P/Q 


Implementation 


Converting a number to a simple continued fraction can be done with pari/gp’s builtin function 
contfrac(). The final convergent can be computed with contfracpngqn(): 


? default (realprecision, 23) 
realprecision = 28 significant digits (23 digits displayed) 


Pi 
3.1415926535897932384626 
? cf=contfrac(Pi 
[3, 7, 15, 1, 292, 1, 1, 1, 2, 1, 3, 1, 14, 2, 1, 1, 2, 2, 2, 2, 1, 84, 2, 1, 1, 15, 3] 
? ?contfracpnqn 
contfracpnqn(x): [p_n,p_{n-1}; q_n,q_{n-1}] corresponding to the continued fraction x. 
? m=contfracpnqn (cf) 
[428224593349304 139755218526789] 
[136308121570117 44485467702853] 
? 1.0*m[1,1]/m[2,1] 
3.1415926535897932384626 


The number of terms of the continued fraction depends on the precision used, with greater precision more 
terms can be computed. The computation of the m-th convergent of a continued fraction given as two 
vectors a[] and b[] can be implemented as (backward variant): 


? 


cfab2r(a,b, m=-2)= 
{ 


local(n, r); 

n = length(a) ; 

if ( m>-2, m = min(n, m) ); \\ default: m=n 
if ( m=n, m=n-1 ); 

if ( m<O, return( 0 ) ); \\ infinity 

r=0; 

m += 1; 

forstep (k=m, 2, -1, r = b[k]/(alk]+r); ); 
r += afi]; \\ bli] unused 

return( r ); 


} 


Alternatively, one can use the recursion relations |35.3-7a| and |35.3-7b| We do not store all pairs P,, Qn 
but only return the final pair Py, Qm: 


cfab2pq(a,b,m=-2)= 
{ 


local(n, p, pl, p2, q, ql, q2, i); 

n = length(a)-1; 

if ( m>-2, m = min(n, m) ); \\ default: m=n 
if ( m<O, return( [1, 0] ) ); \\ infinity 
pi = 1; 

qi = 0; 

p = alt]; 

q=1; \\ bli] unused 


[fxtbook draft of 2008-January-19] 


684 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


for (k=1, m, 
i = k+l; 
p2=pl; pl=p; 
q2=qi; qi=q; 
p = ali]*pi + b[i]*p2; 
gq = alil*qi + bli]*q2; 


)5 
return( [p,q] ); 


default (realprecision, 55); \\ use enough precision 
default(format, "g.11"); \\ print with moderate precision 
default(echo, 0); 

\r contfrac.inc.gp \\ functions cfab2pq and cfab2r 
x=4.0/Pi 

n=15 

/* set up the continued fraction: */ 

a=vector(n, j, 2); af1]=1; 

b=vector(n, j, (2*j-3)72); 


/* print convergents and their error: */ 
{ for(k=0, n-1, 

t=cfab2pq(a,b, k); 

p=t[1]; g=t([2]; 


printi(k, my "\P> " / Jon qQ; 
printi("\n d=", x-p/q); 
print(); 
); 
quit; /* ------ end of script -------- */ 
/* ------ start output: ------ */ 
15 /* =n */ 


(1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2] /* =a */ 
[1, 1, 9, 25, 49, 81, 121, 169, 225, 289, 361, 441, 529, 625, 729] /* =b */ 
1.2732395447 /* = 4/Pi */ 
Oo: 1/1 
d=0 . 27323954473 
1: 3/2 
d=-0 . 22676045526 
2: 15 / 13 
d=0. 11939339088 
3: 105 / 76 /* =p3/q3 */ 
d=-0.10833940263 /* =p3/q3-4/Pi */ 
4: 945 / 789 
d=0 .075520913556 
5: 10395 / 7734 
d=-0.070825622061 
[--snip-- 
13: 213458046676875 / 163842638377950 
d=-0 . 029583998575 


14: 6190283353629375 / 4964894559637425 
d=0 . 026428906710 


Figure 35.3-C: A pari/gp script demonstrating the function cfab2pq() that computes the convergents 
of a continued fraction (top) and its output (bottom, comments added). Here convergence is rather slow. 


We use our routines to compute the convergents of the continued fraction for 4/m given 1658 by Brouncker: 


4 if b 
— = 1+ = a+ - (35.3-8) 


e +2 
Pere ae 
ee 7 aa+--: 


Figure |35.3-C]shows how to set up the vectors containing the a, and b; and check the convergents. 


[fxtbook draft of 2008-January-19] 


35.3: Continued fractions 685 


Fast evaluation as matrix product 


For the evaluation of a continued fraction with a large number of terms rewrite relations |35.3-7ajand 
as 


k 
Pr Qk a aj 1 es 
ke a = Is i (35.3-9) 


Use the binary splitting algorithm (section on page|611) for the computation of the matrix product 
M(k). 


35.3.3 Miscellaneous relations for continued fractions 
35.3.3.1 Determinantal expressions 


The determinant formula for the numerators and denominators of successive convergents is 


PB Q at 
k k -1 
det Fe ral = PyQn1—Pr-iQe = (-1) IL, (35.3-10) 


The relation is obtained by taking determinants on both sides of equation |35.3-9| The relation can also 
be written as 
-1 7k 
Py Prea el Tja1 5; 


Qe Orr Qk Dk (35.3-11) 


For simple continued fractions we have b; = 1 so the product in the numerator equals one. Further, 
by inserting Py_1 = (Py — by Pe—2)/ax (relation |35.3-7a) and the equivalent expression for Q,—1 into 
relation |35.3-10| one obtains 


k-1 
Pr Qk k 
det = Pp 9 — Pr , = (-l b; 35.3-12 
e Fe ua i Qk-2 — Pro Qk (—1) 1) F ( ) 
Equivalently, 

Py Pree (—1)* a, oe bj 

= j= (35.3-13) 
Qe Qr-2 Qr-2 Qe 


This relation tells us (provided all a; and 6; are positive) that the sequence of even convergents is 
increasing and the sequence of odd convergents is decreasing. As both converge to a common limit 
we have P,/Q> > P./Qe for all even e and odd o. Equality can occur only for terminating continued 
fractions. 


35.3.3.2 Subsequences of convergents 


Sometimes the terms ax, by of the continued fraction are given in the form “a, = u(k) if k even, ap = 
u(k) else” (and by equivalently). Then one might want to compute the « = K(a,b) in a ‘stride two’ 
manner as 


Pr = Ag Pr-o+ By Pra (35.3-14a) 
Qk Ax Qe-2 + Br Qr—4 (35.3-14b) 


[fxtbook draft of 2008-January-19] 


686 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


in order to regularize the involved expressions. We write the recurrence relation three times 


Pe = ap Pe-1 + b¢ Pr—2 (35.3-15a) 
Pei = Gx-1 Peo + Og_1 Pha (35.3-15b) 
Peg = Gx—2 Peg + de—2 Pha (35.3-15c) 


and eliminate the terms P,_; and Py_3. This gives 


by = _1 Ape bp 
An = Gy bg —1 + by k—-2 + Ak Ak-10K-2 _ Ak Og-1 ee ae (35.3-16a) 

Ak—2 Ak-2 

—ap bp—1 bE 
= (35.3-16b) 
Ak-2 
The stride three version 

Pr = Ag Pr_3+ Br Pre (35.3-17a) 
Qe = ArQr_-3+ Br Qr_o (35.3-17b) 


leads to the expressions (writing a,, for a,—» to reduce line width): 


aob1b3 + boa2b3 + bob2aa + a0a1a2b3 + aoaib2a4 + aob1a3a4 + boaza3a4 + apa1a2a304 
b3 + a3a4 


Ak (35.3-18a) 


a = bob2b3ba + aoaibebsba (35.3-18b) 
b3 + a3Q4 


When setting a, = a, by = @ the expressions for A, and By, simplify to the coefficients in relations 


[13c]on page (stride two) and |34.1-13d] (stride three) for recurrences. 


35.3.3.3 Relation to alternating series 


Using relation |35.3-11)on the preceding page it is possible to rewrite a continued fraction « = K(a,b) 
with positive az, by as an alternating series 


x = at) (-1)*ts, (35.3-19) 
k=1 
= by by be by bg bs ais i ( 1)F+1 Wes bi 4 
© DeO, Ory" O03," QrQri1 


Thereby the algorithm for the accelerated summation of alternating series from section can be applied 
to compute x. 


35.3.3.4 Continued fractions from infinite products 


A continued fraction for the product 


Po := |[Q+¥) (35.3-20a) 
k=0 
in terms of a = [ao, a1, ...] and b= [bo, bi, ...] is 
a = [, 1, +%i+(+¥)-¥%, +¥%e +(1+¥%)- Ys, +¥s+ (1 +¥5)- Yo, -..] (35-3-200) 
[1, +¥o, —1-M%-(1+¥o), —Yo-¥Ye-(14+%), —-¥1-¥s-(1+¥o), ...] (35.3-20c) 
For a given a vector y = [Yo, Yi, ...] the computation of individual values a; and b, can be implemented 
as: 


[fxtbook draft of 2008-January-19] 


35.3: Continued fractions 687 


Y(k) = eval(Str("Y" k)) \\ return symbol Yk 
yprod(n)= if (n<=0, 1, prod(j=0, n-1, (1+Y(j)))) 
=3 
pe = yprod(n) 
((Y2 + 1)*Y1 + (Y2 + 1))*YO + ((Y¥2 + 1)*Y1 + (Y2 + 1)) 
yv = vector(n, j, Y(j-1) ) 


(Yo, Y1, Y2] 
t = cfprod(yv) ; 
a=t [1] 


{1, 1, (Y¥1 + 1)*YO + Y1, (Y2 + 1)*Y1 + Y2] 


2 

(1, YO, -Y1*YO - Y1, (-Y2*Y1 - Y2)*YO] 
{ for(k=0, n, 

t=cfab2pq(a,b, k); 

p=t(1]; g=t[2]; 


printi(k, ": (",p, ") / (", q,""); 
yp = yprod(k); 
printi("\n ==", simplify(p/q)); 
print(); 
Dane 
0: a / (1) 
1: (yvo+1)/ (1) NV (pl) / (qt) 
== YO +1 \\ == yprod(1) 
2: ((¥1 + 1)*Y072 + (Y1 + 1)*YO) / (YO) \\ (p2) / (q2) 
== (Yi + 1)*YO + (Y1 + 1) \\ == yprod(2) == (1+Y0)*(1+¥1) 


3: (C(Y2 + 1)*Y172 + (Y2 + 1)*Y1)*YO72 + ((Y2 + 1)*Y172 + (Y2 + 1)*Y1)*YO) / (Y1*Y0) 
== ((Y2 + 1)*Y1 + (Y2 + 1))*YO + ((Y2 + 1)*Y1 + (Y2 + 1)) 


Figure 35.3-D: Verification of relations |35.3-20b] and |35.3-20c|on the preceding page using pari/gp. 


cfproda(yv, n)= 
{ 


local( y2, y3, d ); 

if ( n<=1, return(1) ); 
y3 = yvi[n]; 

y2 = yvi[n-1]; 

return( (y2+y3*(1it+y2)) ); 


} 
cfprodb(yv, n)= 
{ 
local( yi, y2, y3 ); 


if (O==n, return(1) ); \\ unused 
if (1==n, return(+yv[1+0]) ); 


y3 = yvi[n]; 
y2 = yv[n-1]; 
yi = if ( n==2, 1, yv[n-2] ); 


return( -yl*y3*(1+y2) ); 
} 


The routine cfprod() generates the vectors a and b with n+ 1 terms where n is the length of y: 


cfprod(yv)= 
{ 


local(n, a, b); 
n = length(yv); 
n += 1; \\ nti terms in continued fraction 
a = vector(n); 
b = vector(n); 
for (k=0, n-1, 
a[k+1] = cfproda(yv, k); 
b[k+1] = cfprodb(yv, k); 


); 
: return( [a, b] ); 


Relations |35.3-20b] and |35.3-20c|can be verified using pari/gp as shown in figure |35.3-D 


[fxtbook draft of 2008-January-19] 


688 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


35.3.3.5 An expression for a sum of products 
Define Z,, as 
k 
Zn 3= Bt 224 2% 20234 2% 2223 24+... = l[« 
Then Z,, has the continued fraction 


21 
Lo = 


22 


43 


z. 
14+ 23 = 


25 
PORE eae 
are 


That is, Z = K(a,b) where 


(0, 1, zo +1, zg +1, zat], zi +1, ze +1, Gil 


b = [1, a, —22, 23, ZA, 25, Bey hostel 


For the n-th convergent P,,/Qn one has Q, = 1 and P, = Zp. 
To convert the power series of a hypergeometric function (see section on page 


aes 
bi, bo, ..., by 


into a continued fraction, set z; = 1, and for k > 1 set 


E _ z ITj-1 (a; Tv k) 
elo |e 7.7. EA 
7 k Hj-1 (b; ay k) 


An implementation is 


hyper2cf(va, vb, n, z=’z)= 
\\ convert hypergeom(va,vb,z) to continued fraction 
{ 

local(cfa, cfb, m); 

n += 2; 

cfa = vector(n); 

cfib = vector(n); 

cfa[i] = 0; cfa[2] 
ss cfb [2] 
for (k=3, n, 

m = 1/(k-2); \\ hidden lower parameter 1: (n-2) == 1+(n-3) 

m *= prod(j=1, #va, va[j]+(k-3)); \\ upper parameters 

m /= prod(j=1, #vb, vb[j]+(k-3)); \\ lower parameters 

m *= z; \\ argument 

cfa[k]=(m+1) ; 

cfb[k]=-m; 


1; 
1; 


a 
Hh 
io” 
- 
a 
uw 
u 


); 
return( [cfa, cfb] ); 
} 


We convert log(1 — z)/z =F ey | z) to a continued fraction and check the result: 
N=7; 

va=[1,1] ; vb=[2] ; 

t=hyper2cf(va,vb,N); 

cfa=t [1] 

(0, 1, 1/2*z + 1, 2/3*z + 1, 3/4*z + 1, 4/5*z + 1, 5/6*z + 1, 6/7*z + 1, 7/8*z + 1) 
cfb=t [2] 


NNN YD 


~_N 


[fxtbook draft of 2008-January-19] 


(35.3-21) 


(35.3-22) 


(35.3-23a) 
(35.3-23b) 


(35.3-24) 


(35.3-25) 


35.3: Continued fractions 689 


[1, 1, -1/2*z, -2/3*z, -3/4*z, -4/5*z, -5/6*z, -6/7*z, -7/8*z] 


? t=cfab2pq(cfa,cfb) 
[1/8*z°7 + 1/7*z°6 + 1/6*z75 + 1/5*z74 + 1/4*z73 + 1/3*z72 + 1/2*z + 1, 1] 


? st=t[1]/t[2]+0(z7N) 
1 + 1/2*z + 1/3*z72 + 1/4*z°3 + 1/5*z74 + 1/6*z75 + 1/7*z76 + 0(z77) 


? s2=hypergeom(va,vb,z,N)+0(z“N) 
1 + 1/2*z + 1/3*z72 + 1/4*z73 + 1/5*z74 + 1/6*z75 + 1/7*z76 + 0(z°7) 


For further information on continued fractions see [187] and [124]. An in depth treatment is [172]. 


[fxtbook draft of 2008-January-19] 


690 Chapter 35: Cyclotomic polynomials, Hypergeometric functions, and continued fractions 


[fxtbook draft of 2008-January-19] 


691 


Chapter 36 


Synthetic Iterations * 


It is easy to construct arbitrary many iterations that converge super-linearly. Guided by some special 
constants that in base 2 can be obtained by recursive constructions we build iterations that allow the 
computation of the constant in a base independent manner. The iterations lead to functions that typically 
cannot be identified in terms of known (named) functions. Some of the functions can be expressed as 
infinite sums or products. For the constructions with repeated string substitutions see chapter 


36.1 A variation of the iteration for the inverse 


We start with the product form for the most simple iteration, the one for the inverse: 


1 
I a el 

(y) fa9 (36.1-1a) 
= ltytyty ty t... (36.1-1b) 
= (lt+y)(+y)+y)(1t+y%)... ty”)... (36.1-1c) 
(2 Yo) ea) (a eee) is (36.1-1d) 

where Yo=y, Year =YP 

We now modify the signs in the infinite product: 
j 

JQ) <= Ce ptaer lay sy ae ly? ye: (36.1-2a) 
= l-y-yp+y—-yt+ytyi—y yt... (36.1-2b) 
(1 — Yo) (1—¥i) (1 — Y2) (1-3)... (1- Ye) --- (36.1-2c) 

where Yo=y, Yri1 = y 


The value of the n-th coefficient equals plus one if the parity of n is zero, else minus one (sequence |A106400 
of [214], the Thue-Morse sequence). The function J can be implemented as 
£j(y,N=5)= 
{ 
local (r); 
r=1; 
for (k=1, N, 
ro-= ry; 
y *= y3 


; 
return(r) ; 


[fxtbook draft of 2008-January-19] 


692 Chapter 36: Synthetic Iterations * 


Replacing the minus by a plus gives the implementation for the function I. 


A related constant is the parity number (or Prouhet-Thue-Morse constant): 


P = 0.4124540336401075977833613682584552830894783744557695575 . .. (36.1-3) 
[base 2} = 0.0110, 1001, 1001, 0110, 1001, 0110, 0110, 1001, 1001, 0110, 0110, 1001, ... 
[base 16] = 0.6996, 9669, 9669, 6996, 9669, 6996, 6996, 9669, 9669, 6996, 6996, 9669, . 
[CF] = [0,2,2,2,1,4,3,5,2,1,4,2,1,5,44,1,4,1,2,4,1,1,1,5, 14, 1,50, 15,5, 1141,4, aa ee 


The sequence of zeros and ones in the binary expansions is entry |A010060 of [214]. The constant P can 
be computed defining 


1p =F 
Ky) = FD) FON Ly type ys sult yh ty ty ty ty. (36.1-4) 
Then 
Let a 1G)-4@] _ 1 1,/1 
=— => =— l- 
af 5 (5) 2 2 a 47\3 or) 


1 ro 1 
2-4P = 1(5) = II (1- =) = 0.350183865439569608866554526966178 ... (36.1-6) 
k=0 


The sequence of bits of the parity number can also be obtained by starting with a single 0 and repeated 
application of the substitution rules 0 — 01 and 1 — 10. 


The following relations are direct consequences of the definitions of the functions J and J: 


I(y) T(-y) = I(y’) (36.1-7a) 
J(y”) 
I = 36.1-7b 
(y) Iw ( ) 
= 
I(-y) = oe I(y) (36.1-7c) 
Ly 
J(-y) = Toy 7) (36.1-7d) 
We have 
co k-1 ; 
Hy) = 14+ >> |x J] 1+”) (36.1-8a) 
k=0 j=0 
co ; k-1 ; 
Jy) = 1-So]y (1 _y? ) (36.1-8b) 
k=0 j=0 
A functional equation for K is 
Ky) = (1-y)K(y?)+ a (36.1-9) 
It is solved by 
co y? k-1 ; 
Ky) = \- i Il (1 _¥ ) (36.1-10) 
k=0 j=0 


[fxtbook draft of 2008-January-19] 


36.1: A variation of the iteration for the inverse 693 


For the inverse of J we have 


1 
I@ = 1lty+2y? + 2y? + 4y* + 4y? + 6y® + Gy? + 10y8 + 10y? + 14y? +... (36.1-11a) 
y 
=i = k 
= [a-ya-y)a-y)a-9)..]7~ = [[1@) (36.1-11b) 
k=0 
co 1+y? 
= C=») || (36.1-11¢) 
k=0 y 
= (+7 0s/ Osiris ase) ..a+97 )" (36.1-11d) 


The sequence of coefficients of the even powers of x in relation |36.1-11laJis 

1, 2, 4, 6, 10, 14, 20, 26, 36, 46, 60, 74, 94, 114, 140, 166, 202, 
This is entry |A000123 of 214], the number of binary partitions of the even numbers. The sequence 
$ [2,4,6,10,14,...] modulo two equals the period-doubling sequence, see section on page }700 


Relation|36.1-11d|tells us that the number of partitions of n into parts 2* equals the number of partitions 
of n into at most one 1, two 2, three 4,..., k+1 parts 2". The same relation can be used for a divisionless 
algorithm for the computation of 1/J: 


binpart (y ,N=5)= 
{ 


sacar 
13 
— (k= 1, N, 
for (j= =1, k, vr t= r*y; ); 
yR- Y3 
return(r) ; 
} 
The generating function 1+ 2y+4y?+6y?+10y*+ 14y° + 20y®+... equals 
I : 
Fey = Cty ses Gt CE. CaM. (6.1212) 


It can be computed via (note the change in the inner loop) 
binpart2(y,N=5)= 
{ 
eee al 
1; 
ae (k= 15 ONG 
for G= =1, k+1, xr += rey; ); 
y *= y; 


3 
return(r) ; 


} 
For I(y) we have 


Qk—4 ok y gh. 


¥ 
- > iF = -> Taye (36.1-13a) 
Integration gives (compare with relation |28.2-12|on page |546) 
ee l+y? es k 
—log(l-y) = x 5kFI log ( — = Slog (1 +y* ) (36.1-14a) 
k=0 k=0 


For the derivative of J we have 


(36.1-15) 


[fxtbook draft of 2008-January-19] 


694 Chapter 36: Synthetic Iterations * 


The following functional equations hold for I(y): 


0 = B-2AB+A? where A=I(y), B= I(y’) (36.1-16a) 
0 = B-2AB-A’®+2A°B where A=I(-y), B=I(-y’) (36.1-16b) 
0 = B-3AB+3A*B—A® where A=I(y), B=I(y’) (36.1-16c) 
0 = B-5AB+10A?B-—10A?B+5A*B—A® where (36.1-16d) 


A=I(y), B=I(y’) 
0 = B{[(l—A)*—(—-A)*]+(-A)* where A=I(y), B=I(y*) (36.1-16e) 


From the functional equation for K(y) (relation |36.1-9), the definition of K(y), and relation |36.1-7b| one 
can derive the following relation for J(y): 


0 = JZ-2InJgH,+Ja J? where Jp =J(y), Jo= Jy”), Ja=J(y*)  (36.1-17) 
This relation is given in entry |A106400 of [214], together with 
0 = Ig J? —3JeJoJ7 +3 Je Je iy — Js Te (36.1-18) 


where J, = J(y*). Relations between J, Jo, Jz, and Jo, can be derived from relation |36.1-16e] by 
replacing I(y) by J(y?)/J(y). For example, k = 5 gives 


0 = Io J? —5 Sip Je Jp +10 Jig Je J? — 10 no Je J? + 5 Sig JG i — Jp Je (36.1-19) 


The Komornik-Loreti constant 
One has K(1/G) = 1 for 


= 0.5595245584967265251322097651574322858310764789686603076... (36.1-20a) 


] =  0.1000111100111101000000000110000000001101011000100010110... 
B = 1.787231650182965933013274890337008385337931402961810997... (36.1-20b) 
= 1.1100100110001000000000110110111111101001011101011010000... 

[1,1,3,1, 2,3, 188,1,12,1,1, 22, 33,1, 10,1,1,7,1,9,1,1,20,2,15,1,...] 
The constant 3 is the smallest real number in the interval (1,2) so that 1 has a unique expansion of 
the form S°°°_, 5, G~" where 6, € {0,1}. It is called the Komornik-Loreti constant (see |8]). The fact 
that 6, = 1 exactly where the Thue-Morse sequence equals 1 was used for the computation of 3: one 


solves K(y) = 1 for y. The transcendence of 3 is proved (using the fact that J(y) is transcendental for 
algebraic y) in [9]. 


Third order variants 


Variations of the third order iteration for the inverse 


1 
I(y) = ie Itytyt+y ty t+... (36.1-21a) 
= (l+yty)(1+y?+y%) (14+ y9 +y'8)... dty® +y%*")... (86.1-21b) 
= (14+H4+Y2)04+N4+Y70+h4+Y9)...0+¥%4+ YP)... (36.1-21c) 


where Yo=y, Yro1 =YpP 
lead to series related to the base-3 analogue of the parity. The most simple example may be 


Ty) = (+hH-YAJ0d4+n-YAV0d+Hv-Y?7)...0+K-Yp)... (36.1-22a) 
(gay fap ey? aa ay ay ey ee ay aay ey . 61-205) 


[fxtbook draft of 2008-January-19] 


36.2: An iteration related to the Thue constant 695 


The sign of the n-th coefficient is the parity of the number of twos in the radix-3 expansion of n. We 
have 


1 : : 
5 F)-TW) = ytytyty ty ty ty tyr ty ty ty +... (36.1-23a) 
1 1 1 
; (1 ( 5) si ( 5)) =  0.1526445236254075825319249214757916793115045148714892548 . .. (36.1-23b) 
[base 2] = 0.0010011100010011101101100010010011100010011101101100011... 
[CF] = [0,6,1,1,4,2,1,1,2,4,1,1,4,1,4,2,1,1,1,2,1, 18,3, 24,1,6,1,3,...] 


The sequence of zeros and ones in the binary expansion is entry A064990) of [214], the Mephisto Waltz 
sequence. 


36.2 An iteration related to the Thue constant 


We construct a sequence of zeros and ones that can be generated by starting with a single 0 and repeated 
application of the substitution rules 0 — 111 and 1 — 110. The evolution starting with a single zero is: 


TO = 0 

Ti = 111 

T2 = 110110110 
== 3 times 11.0 

T3 = 110110111110110111110110111 
== 3 times 110110.i11 

T4 = 110110111110110111110110110110110111110110111110110110110110111110110111110110110 
== 3 times 110110111110110111.110110110 

T --> 1101101111101101111101101101101101111101101111101101101101101111101101111101101111. 


The crucial observation is that is T,, is three time repeated the string T/_,.T,—2 where Tj, consists of the 
first and second third of T;,. The length of the n-th string is 3”. Let T'(y) be the function whose power 
series corresponds to the string T, 


Ty) = ltytytyt ty ty tytyty tyr tyPtyP ty ty +y2 +... (36.21) 
It can be computed by the iteration 

Lp = 0, Ap = 1+y, Bo Sy", Yoo= ¥ (36.2-2a) 

Ry = Anty’ Ln (36.2-2b) 

Las = An+Bn (36.2-2c) 

Vag ot (36.2-2d) 

Anti = Ria(14+Yni1) — Ty) (36.2-2e) 

Base = ig ds (36.2-2f) 


The implementation is slightly tricky: 
th(y, N=5)= 
{ 


local(L, R, A, B, y2, y3, t); 
/* correct up to order 3*(N+1)-1 */ 


L=0; 
A=1ty; Be=y72; /* R = A.B */ 
for(k=1, N, 
/* (L, A.B) --> (A.B, A.L.A.L . ALL) */ 
y2 = y°2; 
R= A + y2*L; /* A.L */ 
L=A+B; /* next L = A.B */ 
y3 = y * y2; 
B=R * (y3*y3); 
A=R * (1+y3); /* next A= A.L.A.L */ 
= y3; 


return( A+B ) 


[fxtbook draft of 2008-January-19] 


696 Chapter 36: Synthetic Iterations * 


The Thue constant (which should be Roth’s constant, see entry A014578 of [214]) can be computed as 


11 
5 E(5) = 0.8590997968547031049035725028419742026142399555594390874 ... (36.2-3) 
[base 2} = 0.110,110, 111,110,110, 111,110, 110, 110, 110, 110, 111, 110,110, 111,110, 110,... 
[base 8] = 0.667, 667,666, 667, 667, 666, 667, 667, 667, 667, 667, 666, 667, 667, 666, 667, 667, ... 

[CF] (0, 1, 6, 10, 3, 2,513, 1, 1,2, 1, 4, 2, 6576668769, 1, 1,4, 


1, 2,2, 256, 1, 1,2, 1,2,3, 1,3, 3, 2417851639229258349412353, 
1,2,3,1,3,2, 1,2, 1,1, 256, 2,2, 1, 4, 2, 3288334384, 
11,4, 19,9, 146,38 3,9. 1,9. 1,19, X,.,] 


The term X in the continued fraction has 74 decimal digits. By construction the bits at positions n 
not divisible by three are one and otherwise the complement of the bit at position n/3. As a functional 


equation (see also section on page |700): 


yTy)+¥TYy’?) = —— (36.2-4) 


From this relation we can obtain a series for T(y): 


90 3° S1 
1) = Das (36.2-5) 
n=0 


36.3 An iteration related to the Golay-Rudin-Shapiro sequence 


Define Q(y) by 


Lo —_ 1, Ro = %Y, Yo = YY (36.3-1a) 
Lnt4t = IntRn — Q(y) (36.3-1b) 
og Se (36.3-1c) 
Rua, = Your ln = Re) (36.3-1d) 
then 
Qy) = ltyty-ytyty—-y+y ty ty ty yy? -yP ty —y" +.. (363-2) 


The sequence of coefficients is the Golay-Rudin-Shapiro sequence (or GRS sequence, entry A020985 
of [214], see also page [40). The constant 


Q =  0.9292438695973788532539766447220507644128755395243255222 ... (36.3-3) 
[base 2} = 0.1110,1101, 1110,0010, 1110, 1101, 0001, 1101, 1110, 1101, 1110, 0010, ... 
[base 16] = 0.ede2, edld, ede2, 122, ede2, ed1d, 121d, ed1d, ede2, ed1d, ede2, 12€2,... 
[CF] = [0,1,13,7,1,1,15,4,1,3,1,2,2, 1000, 12, 2,1,6,1,1,1,1,1,1,8,2,1,1,2,4,1,1,3,..] 


can be computed as 
Q = —_ (36.3-4) 
The implementation using pari/gp: 


[fxtbook draft of 2008-January-19] 


36.3: An iteration related to the Golay-Rudin-Shapiro sequence 697 


qa(y, N=8)= 
{ 


local(L, R, Lp, Rp); 

/* correct up to order 2**(N+1) */ 

L=1;  R=y; 

for(k=0,N, Lp=L+R; y*=y; Rp=y*(L-R); L=Lp; R=Rp); 
return( L + R ) 


} 


The following functional relations hold for Q: 


Qiy’) = OW) Fry) (36.3-5a) 
Qty) = Q(y*)+y¥Q(-y’) (36.3-5b) 
Q(-y) = Q(y’?)-yQ(-y’) (36.3-5c) 
Combining the latter two gives 
Qiy) = (ty) Q(y*) + (’-y*) Q(-y*) (36.3-6) 


Counting zeros and ones in the binary expansion of Q 


The number of ones and zeros in the first 4" bits of the constant Q can be computed via a string- 
substitution engine (see chapter [16]on page (331). The hexadecimal expansion can be obtained as: 


Number of symbols = 4 
Start: e 


ede2edid 
(#=16) 
ge eo aca 
a 
“ ede2edidede212e2ede2ed1d121ded1dede2ed1dede212e2121d12e2ede212e2 


A few lines of pari/gp code count the occurrences of the symbols (and thereby of zeros and ones): 


/* e-->ed ; d-->e2 ; 2--> id ; 1--> 12 */ 
/* ed ; oe 2 ; d 1; 2 1; */ 
mg= [1, 1, 0, 0; 1, 0, 1, 0; 0, 1, 0, 1; 0, 0, 4, 1]; 


mg=mattranspose (mg) 
{ for (k=0, 40, 
printi( k, ": "); 
mm=ng~k ; 
mv = mm*[1,0,0,0]~; 
t = sum(i=1,4, mv[il); 
and d have three ones and one zero */ 


/* e 
/* 1 and 2 have one one and three zeros */ 
nO = 3*(mv[3]+mv[4]) + (mv[1]+mv[1]); /* # of zeros */ 
ni = 3*(mv[i]+mv[2]) + (mv[3]+mv[4]); /* # of ones */ 
print( t, " a 
4 " #0=", nO, " #1=", ni, "  diff=", ni-nO, "| #1/#0=", 1.0*n1/n0 ); 


We obtain the data shown in figure|36.3-A| The sequence of the numbers of ones is entry|A005418 of [214]. 


It is identical to the sequence of numbers of equivalence classes obtained by identifying bit-strings that 
are mutual reverses or complements, see section |3.8.1.6]on page 


[fxtbook draft of 2008-January-19] 


698 Chapter 36: Synthetic Iterations * 


#e #d = = =6#2 = #1 
0: 1 { 1, 0, 0, 0] #0= 2 #1= 3 diff=1 #1/#0=1. 
1: 2 { 1, 1, 0, 0] #0= 2 #1= 6 diff=4 #1/#0=3. 
2: 4 { 2, 1, 1, 0] #0= 7 #1= 410 diff= 3 #1/#0=1. 
3: 8 { 3, 3, 1, 1] #0= 12 #1= 20 diff= 8 #1/#0=1. 
4: 16 { 6, 4, 4, 2] #0= 30 #1= 36 diff=6 #1/#0=1. 
5: 32 { 10, 10, 6, 6] #0= 56 #1= 72 diff=16 #1/#0=1. 
6: 64 [ 20, 16, 16, 12] #0= 124 #1= 136 diff=12 #1/#0=1. 
7: 128 [ 36, 36, 28, 28] #0= 240 #1= 272 diff=32 #1/#0=1. 
8: 256 [ 72, 64, 64, 56] #0= 504 #1= 528 diff=24 #1/#0=1. 
9: 512 [136, 136, 120, 120] #0= 992 #1=1056 diff=64 #1/#0=1. 
10: 1024 [272, 256, 256, 240] #0=2032 #1=2080 diff=48 #1/#0=1. 


{[--snip--] 
40: 1099511627776 


5000000 
0000000 
4285714 
6666666 
2000000 
2857142 
0967741 
1333333 
0476190 
0645161 
0236220 


(274878431232, 274877906944, 274877906944, 274877382656] 


#0=2199022731264 #1=2199024304128 diff=1572864 #1/#0=1.00000071525 


Figure 36.3-A: Number of symbols, zeros and ones with the n-th step of the string substitution engine 
for the GRS sequence. For long strings the ratio of the number of zeros and ones approaches one. 


36.4 Iterations related to the ruler function 


The ruler function r(n) can be defined to be the highest exponent e so that 2° divides n. Here we consider 
the function that equals r(n) +1 for n 4 0 and zero for n = 0. The partial sequences up to indices 2" — 1 


are 
RO = Q 
Ri = QO 1 
R2=0121 
R3=O1213121 
R4=O012131214121 2 
R5=O0O1213121412131215121312141213121 
R6=O012131214121312151213121412131216 


The limiting sequence is entry|A001511 of . Observe that Rp, = Ry—-1-.(Rn—1+[n,0,0,...,0]). Define 


the function R(y) as the limit of the iteration 


Ry = YU; Yi = Y 
Yn41 = Ye 
Rati = Rat Ynii [Rnt+(l+n)] — Rly) 
Implementation in pari/gp: 
r2(y, N=11)= 
{ /* correct to order = 27N-1 */ 
local (A); 
A=y; 


F A += y*(A +k); ); 
return( A ); 


} 


(36.4-1a) 
(36.4-1b) 
(36.4-1c) 


If one replaces in the statement A += y*(A + k); by A += y*(A + 1); then the iteration computes Ta 


For the function R we have 


WG) = dfe-om()seeoa 2) 


y y y 
Ry) = Ry’) + = Rw) +7 + = 
and so 
foe) or 
y 
Ry) - 1 9,2” 
n=0 y 
One further has 
co yr 
Ry) = Dh +2) ae 
n=0 


[fxtbook draft of 2008-January-19] 


(36.4-2a) 
(36.4-2b) 


(36.4-2c) 


(36.4-3) 


(36.4-4) 


36.4: Iterations related to the ruler function 699 


Define the ruler constant as R := R(1/2)/2, then 


R_ = 0.7019684139410891602881030370686046772688193807609450337...  (36.4-5) 
[base 2] = 0.10110011101101000011001110110100101100111011010000110011... 
[CF] = [0,1,2,2,1,4,2,1,1,1,2,2,1,3,3,4,5,6,1,5,1,1,9,49,1,8,1,1,5,1, 


6,5, 0,3, 90 4 Bl O24 DT, 138, 1.9 1s 11,18 25 13° 9 95 0, 
231,991,019 8 Sea 1s A OT eG. 113.1, 11a 6a] 


We will now compute the function 


co y? co yr 
RO) = Sao = te aoe (36.4-6) 
n=0 1 + y n=0 1— y 
The partial sequences of coefficients of the Taylor expansion are 
PO = Q 
Pi = 8 1 
P2 = 1Q1 
P3=Qi1iQi-11iQt1 
P4=O01iaQi-11Q1-2 Qi-t Qi 
Pp=901Q01-1101-2101-1101-31Q01-11012101-110Q1 
Po =O0101-1101 -2 01-1 0i-3101-1101-210i1-1101-41 
Observe that Pp, = Pn—1.(Pn—1 — [n — 2,0,0,...,0]). Compute P(y) by 
Pi Y; Yi = y (36.4-7a) 
Vian 3S: “¥? (36.4-7b) 
Patt = PrtYnii [PatQd-—n)] — Ply) (36.4-7c) 
Implementation in pari/gp: 
p2(y, N=11)= 
{ /* correct to order = 2°N-1 */ 
local (A); 
A=y; 


for(ke2,N, your y; Are ye Oc-2))7 5 
return( A ); 


One finds for P: 


P() = x |a+nP(2) +c 1) P( -)| (36.4-8a) 
p(2) = P(a) +5 (36.4-8b) 


Relations that involve both P and R are 


Ola) a i a) ae | (95 4-80) 
n() = 5 [a+r (4): a@+3)R(4)| (36.4-8d) 
Hf) = Eleone()oo-ne(8)} oe 
ese) _ —_ 7 yy (36.4-88) 
Uae, = RG?) (36.4-82) 
Ry) — Py) = RW?) (36.4-8h) 


[fxtbook draft of 2008-January-19] 


700 Chapter 36: Synthetic Iterations * 


36.5 An iteration related to the period-doubling sequence 


Define 
Ty) = 3 —_ = 2 (—1)" _v (36.5-1a) 
ere iy ~ AO Toe 
=) pea? tat eg tay! ta? ty ey ty? ty ey ey 4 (36.5-1b) 


The function can be computed by the iteration 


A, = 0, I, = y, R= y, Y= y (36.5-2a) 
Aya. = Tt Ry = Ty) (36.5-2b) 
Envi = Int+YnAn (36.5-2c) 
Kyat = Ry tY¥,An (36.5-2d) 
Yrui = Y¥- (36.5-2e) 


Implementation in pari/gp: 


t2(y, N=11)= 

{ /* correct to order = 2°N-1 */ 
local(A, L, R, t); 
A=0; L=y; R=y; 


return( A); 


The computed Taylor series can be obtained symbolically by starting with a single zero and applying the 
substitution rules 0 — 11 and 1 — 10. The evolution is: 


TO 0 


AIAIAHHH 
OOUBWNE 
BRRRERR. 
elelelele 
RAR RR 
RPRERHRO 
BRR 
lelelele) 
RRR 
lelole)= 


1 
1 
1 


lelele) 


111 
141 
1ii 


lelelo) 


1 
1 
1 


RRO 


10111Q01901Q01112Q0i1 
1Ooi1iiitioioirioiitoioitoii1... 

Observe that T, = L(Tn—1)-Tn—2-R(Tn-1)-Tn—2 where L and R denote the left and right half of their 
arguments. The limiting sequence is the so-called period-doubling sequence. It is entry A035263) of [214] 


where it is called the first Feigenbaum symbolic sequence. Define the period-doubling constant as T := 
T (1/2), then 


T = 0.7294270234949484057090662068940526170600269444658547417...  (36.5-3) 
[base 2] = 0.10111010101110111011101010111010101110101011101110111010... 
[CF] = (0,1,2,1,2,3,2,8,1,1,1,2,1,8,6,1,2,1,2,8,1,2,2, 1,1, 24,2, 2,2,1, 


es We Fe ora ee ec a ee 
6,61,9,1:9,5,4,2-9, 1,194.99. 918919 141,1,9 9 14165.) 


The transcendence of this constant is proved in [146]. A functional equation for T(y) is 


Tiy)+T(y’) = ig (36.5-4) 


The Taylor series of T(y?) has coefficients one where the series of T(y) has coefficients zero. 


[fxtbook draft of 2008-January-19] 


36.5: An iteration related to the period-doubling sequence 701 


pile_O pile_+ pile_- moved summary direction 
disk of move 

0: 1111 ee bates Pee 0000 

1: 111. srcuets goood wel 000 - 1 
2: i aAe ls ane .i. O0+- O 
3: os. ..it desis aac: Qoo0++ 1 
4: Wasa ..i1 rele adiaee O-++ 1 
5: 1 ead, ae ce Pare Oo-+0 1 
6: Decade oe rae ip i ase QO--0O 0O 
(3 leer fre .111 eee Oa Ss = 1 
8: ee dl ecsees .111 leer base = 0 
9: fae 1..1 -11. eee toe t 1 
10: 1. 1..1 gles sed +-QO+ 0O 
11: ..it cre oy ee Pedal +-00 1 
12: Pee pleas Stans een ++00 1 
13: eee Det 1 even ++0- 1 
14: Sais iii. el sd. ++ +- O 
15: 1111 aris) 8 1 ++ ++ 1 


Figure 36.5-A: Solution of the towers of Hanoi puzzle for 4 disks. The rightmost column corresponds 
to the direction of the move made, it is the period-doubling sequence. 


36.5.1 Connection to the towers of Hanoi puzzle 


The towers of Hanoi puzzle consists of three piles and n disks of different size. The initial configuration 
is that all disks are on the leftmost pile ordered by size (smallest on top). The task is to move all disks to 
the rightmost pile by moving only one disk at a time and never putting a bigger disk on top of a smaller 
one. 


The puzzle with n disks can be solved in 2” — 1 steps. Figure|36.5-A|shows the solution for n = 4 [FXT: 
bits/hanoi-demo.cc]. Here the piles are represented as binary words. Note that with each move the lowest 
bit in one of the three words is moved to another word where it is again the lowest bit. 

A simple solution can be obtained by observing that the disk moved with step k = 1, ..., 2” — 1 corre- 


sponds to the lowest set bit in the binary representation of & and the index of the untouched pile changes 
by +1 mod 3 for n even and —1 mod 8 for n odd. The essential part of the implementation is 


void 
hanoi(ulong n) 


ulong £[3]; 
f£[0] = first_comb(n); f£[1] = 0; £[2] = 0; // Initial configuration 
const int dr = (n&1 ? -1 : +1); // == +1 (if n even), else == -1 


// PRINT configuration 

int u; // index of tower untouched in current move 
if ( dr<O ) u=2; else u=1; 

ulong n2 = 1UL<<n; 

for (ulong k=1; k<n2; ++k) 


a 
ulong s = lowest_bit(k) ; 
ulong j = 3; while ( j-- ) f[j] “= s; // change all piles 
flu] “= s; // undo change for untouched pile 
u += dr; 
if ( u<O ) u=2; else if ( u>2 ) u=0; // modulo 3 
// PRINT configuration 
} 


} 


Now with each step the transferred disk is moved by +1 or —1 position (modulo 3). The rightmost 
column in figure |36.5-A] consists of zeros and ones corresponding to the direction of the move. It is the 


period-doubling sequence. A recursive algorithm for the towers of Hanoi puzzle can be given as [FXT: 
comb/hanoi-rec-demo.cc : 


ulong £[3]; // the three piles 
void hanoi(int k, ulong A, ulong B, ulong C) 
// Move k disks from pile A to pile C 


if ( k==0 ) return; 


[fxtbook draft of 2008-January-19] 


702 Chapter 36: Synthetic Iterations * 


// 1. move k-1 disks from pile A to pile B: 
hanoi(k-1, A, C, B); 

// 2. move disk k from pile A to pile C: 
ulong b = 1UL << (k-1); 

f£[A] “= b; 

f£[C] “= b; 

print_hanoi(b); // visit state 

// 3. move k-1 disks from pile B to pile C: 
hanoi(k-1, B, A, C); 


The piles are represented by the binary words f [A], £[B], and f[C], the variable k is the number of the 
disk moved. The routine is called as follows 

ulong n = 5; 

// Initial configuration: 


£[0] = first_comb(n); // n ones as lowest bits 
f[1] = 0; £[2] = 0; // empty 


// visit initial state 
hanoi(n-1, 0, 1, 2); // solve 


36.5.2 Generalizations of the period-doubling sequence 


? default (realprecision, 85) ; 
? tm(y,m,N=8)=sum(n=0,N, (-1) “n*(y* Gn*n)/(1-y* (m*(n))))) 
? for(m=2,9,print(m,": ",tm(1.0/10,m,4)) ;print(" "\tm(1.0/107m,m,4))) 


2: me lisse: Gr bee esas eee Deters (be ne ieee ee es ei ee ieee x ie aes be te: bree is eee bees eae 
sliasteledec the. wd lide cidade leeds ned eds edad. 


3: 11, 11,11111,11,11111,11,11,11,11,11111,11,11111,11,11,11,11,11111,11,11111,11,11111.1 
<4 ivvi sees ae Re ee 124 pesos eae es Eee decd sips it 


4: 111, tit, a 1111111, iit, tat, 1111111, nea tit, 1111111, are Ait, it, en aa Alt, 1111111,1 
pac sdssed dest. 004 s ans Si deselect cde sda cdee ck it 


5: | tiit, Ata) ine 111111111, 1111, aaa titt, 111111111, | i ee 111111111, fae 
pdsecaded cadets da omnacou.s Wire sccbscs ane Lees gee Monae sae tese Vide dieses ons: Like acces 5 ae 


Figure 36.5-B: Visual verification of the higher order analogues of the period-doubling sequence. In the 
output lines the leading ‘0.’ was removed and all zeros were replaced by dots. 


The functional equation for the period-doubling sequence, relation |36.5-4| can be generalized in several 
ways. For example, one can look for a function for which F3(y) + F3(y?) = z4j- It is given by 


co 3” 
BQ) > DO ae (36.5-5a) 
k=0 


= gira gage a ga gM a glee yea gt 4... (B05-5b) 
We can compute a constant: 
F3(1/2) = 0.8590997968547031049035725028419742026142399555594390874...  (36.5-6) 


But this is just the Thue constant, see section on page Large terms occur in the continued 
fraction expansion of this constant. Even larger terms occur in the continued fractions of F,,(1/2) for 
m > 8 (replace 3 by m in relation |36.5-5a). For example, the 45-th term of F5(1/2) has 565 digits. In 


[fxtbook draft of 2008-January-19] 


36.5: An iteration related to the period-doubling sequence 703 


contrast, the greatest of the first 1630 terms of the continued fraction of F2(1/2) = T(1/2) equals 288. 
Some sequences corresponding to the higher order analogues of the period-doubling sequence are shown 


in figure }36.5-B 


A different way to generalize is to search functions for which, for example, the following functional 
equation holds: 


Fy) + Fy?) + Fy?) = (36.5-7) 


The equation can be solved by writing F(y) = y/(1 — y) — F(y?) — F(y?) and using recursions that 
terminate when a prescribed order is reached. 


F(z, R)= 

{/* solve F(y) + F(y*2) + F(y73) = y/(1-y) */ 
local(s, y); 
y =ztR; 

= y/(1-y); 

if ( y°2!=R, s - 
if ( y°3!I=R, s - 
return(s) ; 


z-2, R) ); 
z~3, R) ); 
} 

We obtain 


? N=55; 
? default (seriesprecision,N) ; 
? s=F(y,O(y"N)) 


yry4+y5+yerty 7+ y79 + y1i - yo1i2 + y°13 + y°16 + y"17 - 
y°18 + y°19 + y°20 + y°23 + 2*y"24 + y°25 + y°28 + y°29 + y~30 + y731 + 
y°35 + 3*y736 + y°37 + y°41 + y°42 + y°43 + y°44 + y°45 + y47 - 
Qx*y"48 + y°49 + y752 + y753 + 2*y754 + O(y755) 
To verify that the function F actually satisfies the given functional equation we show the sequences of 
coefficients of the power series of F(y), F(y”), F(y%) and their sum: 
F(y)= [0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1,-1, 1, 0, 0, 1, 1,-1, 1, 1, 0, 0, 1, 2, 1, pel 
F(y*2)= [0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0,-1, 0, ...] 
F(y*3)= [0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, ...] 
sum= [O,. Ws 2e sd, ds dy hs he hs dh hg gs, Ws chs ch he ha dy a nce) 
Fly) =ytyt+y>4 y? ty? ty $y! 4 yl 4 yl? 4 y!9 4 420 + y?3 + 2 + y8 4 29 4... 
F(y)= eA cTh 1.1.1.2. 111d. etd... e111. 11d. dD 111.11. 1.1 
F(y*2)= Vide ie Vids ws dowede vd sels s oes Ld Lideeians Diy oo Sees Weds odes ods 1.1 
F(y*3)= A chica tenia Aves cides: ur dete Ba West aes Vite hier De aushene eas Ds ecliseietonaes Dione As. st aacdcen 1 
F(y*6)= ...... secur ivan Se acectedne gestae Des nace: tose dl carb Ae ante tea Der spbes meqeesawts D series aah trey aa 
sum= 21411111111111111111111111111111111111111111111111111111111111111111111111 


Figure 36.5-C: Visual demonstration that F(y) satisfies the functional equation F(y) + F(y?) + F(y?) + 
F(y®) = y/(1—y). Dots are used for zeros. 


The Taylor series of F(y) where F(y) + F(y?) + F(y?) + F(y®) = y/(1—y) contains only ones and zeros. 
One has 


= ak —ljetes if f= 2&2 383 
Fly) = D7 R(k);—_ where R(k) = { ‘ ) es (36.5-8) 
k=1 


This is a Lambert series, it can be converted into a Taylor series by relation]35.1-20}on page It turns 
out that with k = u2° 3° (where neither 2 nor 3 divides uw), we have 


(36.5-9) 


ca 0 if either of e2 or e3 is odd 
" 7 1 else (i.e. both eg and e3 are even) 


[fxtbook draft of 2008-January-19] 


704 Chapter 36: Synthetic Iterations * 
36.6 An iteration from substitution rules with sign 


Substitution rules: 0 — L1, 1 — 10, and L — LO. 


DO = 1 

Di = 10 

D2 = i10L1 

D3 = 10L1L010 

D4 = 10L1L010LO1L10L1 

D5 = 10L1L010LO1L10L1L01L10L010L1L010 

D --> 10LiLO1OLOIL10OL1LO1L10LO10L1LO10LO1L10LO10L1LO1L10L1LO10LO1iL... 


Identify L with —1 and observe that for n > 1 one has Dy, = Dn—1.(—Dn—2)-Dn—2. The length of the 
strings is 2”. Define D(y) by the iteration 


Io = 1, Ro =1(40y), Yox=ry (36.6-1a) 
Ind. = Ry (36.6-1b) 
Rav. = RatY¥? (—LatYnln) — Dly) (36.6-1c) 
Fag = Ye (36.6-1d) 
Implementation in pari/gp: 
dd(y, N=7)= 
{ 
local(R, L, y2, t); 
/* correct up to order 2*(N) */ 
L= 1; 
R = 1 + O*y; 
for(k=1, N, 
/* (L, R) --> (R, R.(-L).L) */ 
y2 = y°2; 
t =R; 
R=R+ y2*(-L + y*L); /* R.(-L).L */ 
L=t; 
y = y2; 
return( R ) 
} 
We have 
Diy) = 1—y ty —yt 4+ y® —y8 + y!? — ylt 4 yl? — yt 4 yd — yo 4 y+... (36.6-2) 
and (see relation |36.1-4]on page |692) 
4 py) = Ky) = y+ytytty ty8tyt+... (36.6-3) 


l-y 


The coefficients are one where the Thue-Morse sequence equals minus one. Thereby the parity number 
can be computed as P = $ D (5). A functional equation for D is 


Diy) = y 3 (y?) + —— (36.6-4) 


36.7 Iterations related to the sum of digits 


The sequence of the sum of binary digits of the natural numbers starting with zero (entry |A035263 
of [214]) can be constructed as follows: 


2 
21 2 3 

2122312232334 

21 23122323341223233423343445 


Observe that S,, = S,-1.(Sn-1 + In_1) where I, is a sequence of n ones and addition is element-wise. 


[fxtbook draft of 2008-January-19] 


36.7: Iterations related to the sum of digits 705 


Define S(y) by 


Ii = 1, Ay = Y; Y, = Y (36.7-la) 
27-1 

fae = Inf +¥) = aay y* (36.7-1b) 

Yrur = ¥2 (36.7-1c) 

An+1 => An + Yr+1 (In41 + Ay) — S(y) (36.7-1d) 


Implementation in pari/gp: 
s2(y, N=7)= 
{ 

local(in, A); 


/* correct to order = 2°*N-1 */ 
in = 1; /* 1tyty*2t+y73+...+y7(27k-1) */ 


A= y; 

for (k=2, N, 
in *= (1+y); 
y *- y; 


A += y*(in + A); 


return( A); 


The Taylor series is 


S(y) = O+yty? +2y? + y* + 2y° + 2y° + By” + y® + 2y? + 2y?? + By"? 4+ 2y1? + 3y"? 4 (36.7-2) 
Define the sum-of-digits constant as S := S(1/2)/2, then 
S =  0.5960631721178216794237939258627906454623612384781099326... (36.7-3) 
[base 2) = 0.100110001001011110011000100101101001100010010111100110001... 
[CF] = [0,1,1,2,9,1,3,5,1,2,1,1,1,1,8,2,1,1,2, 1,12, 19, 24,1, 18,12,1,...] 
We have (see [221]) 
1 = y? 
Sty) = 7 (36.7-4) 
l-y 5 l+y 
and also 
foe) y? k-1 ; 
sy) = ar Il [1 +y? (36.7-5) 
k=0 j=0 
The last relation follows from the functional relation for S, 
Sy) = (+) SW)+ 5 (36.7-6) 


It is of the form F(y) = A(y) F(y?) + B(y) where A(y) = 1+ y and B(y) = y/(1 — y?) and has the 
solution 


co k-1 ; 
Fy) = >> |B") T] [Aw (36.7-7) 
k=0 j=0 
This can be seen by applying the functional equation several times: 

F(y) = A(y) F(y?) + B(y) (36.7-8a) 
= Aly) [A : F(y*) + B(y’)] + Bly) (36.7-8b) 
= Aly) [A(y’) [A(y*) a *) + Biy*)] + B(y”)] + By) = (36.7-8c) 
= Bly)+ AG) B(y’) + A(y) Aly?) B(y*) +. (36.7-8d) 


[fxtbook draft of 2008-January-19] 


706 Chapter 36: Synthetic Iterations * 


Weighted sum of digits 


Define W(y) by 


1 

h=5 A4&=1 Khay (36.7-9a) 
(1+ Yn) — 

Imi = I~ = = 2, v y (36.7-9b) 

Yao) = 32 (36.7-9c) 

An+ = An + Yn+1 n+ + An) a 2 W(y) (36.7-9d) 


Implementation in pari/gp: 
w2(y, N=7)= 
{ 


local(in, y2, A); 
/* correct to order = 2°N-1 */ 
in = 1/2; /* 1/27k * (1+yty72ty73+...+y7(27k-1)) */ 
= y/2; 
for(k=2, N, 
in *= (1+y)/2; 
y *= y; 
A += y*(in + A); 


return ( A); 


In the Taylor series 


t.. ts Ss 14 Se. Ba. ¥s 
= a | al 
W(y) Ot syt gy tay teu tay teu tey t (36.7-10) 
ls, 99, 5 13 4, 3 ye 11 33 7 yu! 15 45 
16° a6” 16! rat oY Tie tig’ tig’ tigy + 


1 16 17 17 | 9 18 2) (38 5 20 eee 2 2 a a 


327 32% "32% 7 39 304 © 39 32 32 
3 24, 19 95 | Wl 96 | 27 a7 | 7 8 | 23 99 | 15 30) 381 31 | 1 30 


39° a9" a9" "ga" Ti g9% apt “Tage V ag4  \ gae 


the coefficient of the y” is the weighted sum of digits w(n) = 772, 27+ b; where bo, bi, ... is the base-2 


a 
representation of n. Note that the numerator in the n-th coefficient is the reversed binary expansion of n. 


The corresponding weighted sum-of-digits constant or revbin constant is W := W(1/2). Then 


W = 0.4485265506762723789236877212545260976162788135384481336... (36.7-11) 
[base 2] = 0.0111001011010010101000101101001010001010110100101010001... 
[CF] = [0,2,4,2,1,4,18,1,2,6,5,17,2,14,1,1,1,2,1,1,2,1,3,1,29,4,1,...] 


For the function W we have the following functional relation: 
1 1 fl+q 1 q 
= .7-12 
w(i) | q A eee en 


36.8 Iterations related to the binary Gray code 


36.8.1 Series where coefficients are the Gray code of exponents 


We construct a function with Taylor series coefficients that are the mary Gray code of the exponent of 
y. A list of the Gray codes is given below (see section [I.15]on page 


[fxtbook draft of 2008-January-19] 


36.8: Iterations related to the binary Gray code 


707 


The sequence of Gray codes is entry |A003188 of [214]. Define the function G(y) as the limit of the 
iteration 


Fy = ¥Y, B, = 1, Y=¥Yy, i= 
y= Ye 4 

F, = (Fr-1 \+ Yn (Bn-1+2In-1) 
By, = (Pe-1+2in1)+¥ (Bri ) 
Ll, = iy) 


Implementation in pari/gp: 


gg(y, N=15)= 
{ 


} 


local(t, ii, F, B, Fp, Bp); 

/* correct up to order 2°N-1 */ 
F=O0+y; B=1+0; ii=l1ty; 

for (k=2,N, 


ii *= 2; /* delete for sum of digits */ 


Fp = ( ) + y * (B+ ii); 
Bp = (F + ii) + y * @ 5 
= Fp; B = Bp; 

ii *= (1+y); 


return( F ) 


1l+y 


— Gly) 


In the algorithm F contains the approximation so far and B contains the reversed polynomial: 


oy wy wom wy 


"ot 
! 
mI! 
< 
Vey 
ul 
a 


(ay B43y: *O4y) 
. eS 


(ay 74Ey: 6+7y~5+6y"4+2y"3+3y"2t+y) 
(y* ak 5+2y" 4+6y~3+7y*2+5y+4) 


We obtain the series 


+24y'® 4+ 25y"" + a7y'® + 26y"? + 30y7° + B1y7" + 2047? + 28479 + 
42057" + Dine 4.939"? ay 4 18g Oy + 17” 4 by +... 
We define the Gray code constant as G := G(1/2): 
G =  2.302218287787689301229333006391310761000431077704369505 . .. 
[base 2} = 10.01001101010111100010110101111110010011010001111000101.. 
[CF] = [2,3,3,4,4,1,4,4,1,2,1,1,1,2,24, 205, 1,4,2,2,1,1,4,10 BES oc: 


Gly) = O+1y+3y? + 2y* + 6y* + 7y° + 5y® + 4y” + 


41242 + 134° + 15y! + 14y"! + 10y!? + 11y!? + oy" + By!® + 


[fxtbook draft of 2008-January-19] 


] 


(8y* is+9y- 14+11y713+10y712+14y711+15y*10+13y*9+12y"8+4y~7+5y~6+7y~5+6y~4+2y~3+3y*2t+y) 
(y714+3y*13+2y712+6y~11+7y*10+5y~9+4y~8+12y~7+13y~6+15y"5+14y*4+10y"3+11y*2+9y+8) 


(36.8-2) 


(36.8-3) 


708 Chapter 36: Synthetic Iterations * 


La *)| (36.8-4a) 


For the function G we have 


a(a) 7 lari? 


Q 
a ™~ 
mO)e 
Soe 

II 

io 

+ 

io 

g ee 


q? 
(3) ao} (q? +1) (36.8-4b) 
Gy) = ee Gy?) 4 a= Aer (36.8-4c) 

1 au 1 @ 
o(-j) 7 a( le (q+ D(@+) (36.8-4d) 
Dy ts 22 +4) P(e +4et+4qt)) - 
o(;) ~ a(q-1) z)*t (f+) (P+) (q-) (36.8-4e) 

u — 1 f(t (q*+4q2+4¢4+1) 1 (q¢ +1) 1 ; 

a({) 7 2¢? | (q?2 + 1) c(=) (q—1) o( =)| (36.8 4f) 


The function G(y) can be expressed as 


y 
Gly) = = 36.8-5 
M = ln (36.8.5) 


36.8.2 Differences of the Gray code 


If one defines F'(y) = (1 — y) G(y) to obtain the successive differences of the Gray code itself, the Taylor 
coefficients are powers of two in magnitude: 


Fly) = O+y+2y?—y? + 4y* + y° — 29° —y7 + By? ty? + 2y — yt — Ay? + y+... (36.8-6) 


We have 


(36.8-7) 


Fiy) = r(<) = > ee ve (36.8-8) 


r= 


Thereby F'(y) can be computed everywhere except on the unit circle. The sum 


a oe (36.8-9) 


leads to a series with coefficients 
012141218121412116121412183134214121321... 


corresponding to the (exponential) version of the ruler function which is defined as the highest power of 
two that divides n. The ruler function (see section on page [698) 


~0102010301020104010201030102010501... 


is the base-2 logarithm of that series. 


[fxtbook draft of 2008-January-19] 


36.8: Iterations related to the binary Gray code 


36.8.3. Sum of Gray code digits 


The sequence of the sum of digits of the Gray code of k > 0 is (entry |A005811)in [214]): 
0121232123432321234345432343232123... 


709 


Omit the factor 2 in relations |36.8-1c] and |36.8-1d|on page That is, in the implementation simply 


remove the line 


ii *= 2; /* delete for sum of digits */ 


Let R(y) be the corresponding function, and define the sum of Gray code digits constant as R := R(1/2)/2, 


then 
R = _ 0.7014723764037345207355955210641332088227989861654212954 .. 
[base 2] = 0.1011001110010011101100011001001110110011100100011011000. . 
[CF] = [0,1,2,2,1,6,10,1,9,53,1,1,3,10,1,2,1,3,2,14,2,1,2,1,3,4,2, 
1,34,1,1,3,1,1,109,1,1,4,2,9, 1,642, 51,4,3,2,2,2,2,1,2,3,...] 
One finds: 


1 1 q 1 
R{(s = R 
(s) = aler 


i y?" 
R = 
(y) fay Lig 
Define the constant P as P = (R+1)/2 
P =  0.8507361882018672603677977605320666044113994930827106477 . . 
[base 2] = 0.1101100111001001110110001100100111011001110010001101100. . 
[CF] = [0,1,5,1,2,3,21,1,4,107,7,5,2,1,2,1,1,2,1,6,1,2,6,1,1,8, 1, 


2,17,3,1,1,3, 1,54, 3, 1,1, 1,2, 1,4, 2, 321, 102, 2,6,1,4,1,5,2,...] 


(36.8-10) 


(36.8-11a) 
(36.8-11b) 


(36.8-11c) 


(36.8-12) 


(36.8-13) 


Its binary expansion is the paper-folding sequence (or dragon curve sequence), entry A014577 of [214]. 


36.8.4 Differences of the sum of Gray code digits 


Now define E(y) = (1 — y) R(y) to obtain the differences of the sum of Gray code digits. From this 


definition (and relation |36.8-12) one sees that 


lore) y> 
Ey) = x 7 gk+T 
k=0 iy 


All Taylor coefficients (except for the constant term) are either plus or minus one: 


E¥y) = O+yty—ytytty—y—y ty ty? ty yh —yPtyPs... 


[fxtbook draft of 2008-January-19] 


(36.8-14) 


710 Chapter 36: Synthetic Iterations * 


We have 
1 1 
E (<) = # (=) ze a (36.8-16a) 
E(y) = E(y’)+ ae ; (36.8-16b) 
(use Fu = ai where gq = 7 for the latter relation), thereby 


eo) = e(=) (36.8-17) 


Io = 0, Ry = 1, Yo = y (36.8-18a) 
Inii = Int+YnRn — Ely) (36.8-18b) 
Roar = (Lnt+1)+Yn (Rn - 2) (36.8-18c) 
Ya =: (36.8-18d) 


Implementation in pari/gp: 
ge(y, N=7)= 
{ 


local(L, R, Lp, Rp); 

/* correct up to order 2°N-1 */ 

L=0; R=1; 

for(k=2, N, 
Lp = (L 


)5 
return( L + y*R ) 
F 


The symbolic representations of the polynomials L and R should make the underlying idea clear: 


O++-++-- 
t++--+-- 


O++-++--+++--+-- 
t+t—-+4+---+4+--4-- 


O+t+-t+--+t+4+--+--t44-44---44--4-- 
t4t—tt--t44—-4---t4-t4---t4--4-- 


QO+t-t+--tt4--t--t ttt Ht nt ntti ttt tanta nati tte nate nten 
FHP ttt ttt ttt ato nto tot bette nto nat ttn tte tae 


The limit of the sequence L is entry |A034947 of [214]. It is a signed version of the paper-folding sequence. 
The sequence after the initial zero is identical to the sequence of the Kronecker symbols (=) for n = 
0,1, 2, 3, ..., see section on page Quick verification: 


? for(n=1,88,print1 (if (-1==kronecker(-1,n),"-","+"))) 
Http tte tt tp ta tt att tt ta tt tpn tpn tt ttn ttt tnt ttn tnt ttt nn 


Barer a wo oe oe oe 


We note that the (divisionless) algorithm is fast in practice, we compute the constant R as R = E(1/2) 
to more than 600 thousand decimal digits: 


? N=21 ; \\ number of iterations 

? B=2°N-1 \\ precision in bits 
2097151 

? D=ceil(B * log(2)/log(10)) + 1 \\ precision in decimal digits 
631307 

? default (realprecision,D) ; 


[fxtbook draft of 2008-January-19] 


36.8: Iterations related to the binary Gray code 


N 


r=ge(1.0/2, N) 
0.701472376403734520735595521064 [... + > 600k digits] 


HH 
RK last result computed in 2,726 ms. 


NN 


r-ge(1.0/2, N+2) \\ checking precison 
-3.7441927084196955405267873193815837984 E-631306 


p=(1tr)/2 
0.850736188201867260367797760532 [... + > 600k digits] 


~_ 


36.8.5 Weighted sum of Gray code digits 


711 


Define H(y) by its Taylor series H(y) = )7?2, h(k)y* where h(k) is the weighted sum of digits of the 


Gray code: 
wgs (k)= 


local(g,t,s); s=0; g=gray(k); 
for(n=0,33, st=if(bittest(g,n),1/27(n+1),0)); 
return(s); 


for(k=1,33, print1(" ",wgs(k))) 


1/2 

3/4 1/4 

3/8 7/8 5/8 1/8 
3/16 11/16 15/16 7/16 5/16 13/16 9/16 1/16 


3/32 19/32 27/32 11/32 15/32 31/32 23/32 7/32 5/32 21/32 29/32 13/32 9/32 25/32 17/32 1/32 


3/64 35/64 ... 


An iteration for the computation of H(y) is: 


Fi = y/2, By = 1/2, Y; =U 
A ee oe 
Ky = In-1/2 
Fy = (Fr-i i Ye: (Baer t hy). at @) 
By = (Fr-1 Tr Kn) T Yn Bn-1 ) 
I, = Ky (1+Yn) 
Implementation in pari/gp: 
gw(y, N=11)= 
{ 
local(t, ii, F, B, Fp, Bp); 
/* correct up to order 2°N-1 */ 
F=O0+y; B=1+0; ii=lty; 
ii /= 2; F /= 2; B /= 2; 
for (k=2,N, 
y *- y; 
ii /= 2; 
Fp = (F ) + y * (B+ ii); 
Bp = (F + ii) + y * @ 53 
F = Fp; B = Bp; 
ii *= (1+y); 


return( F ) 


} 


We define the weighted sum of Gray code digits constant as H := H(1/2), then 


H = 0.5337004886392849919588804814821242858549193225456118911... 
[base 2] =  0.1000100010100000100110000110000010010000101000000111100... 
[CF] = [0,1,1,6,1,11,4,5,6,1,13, 1,3, 1,18,5,77,1,2,2,3,1,2,1,1,...] 


[fxtbook draft of 2008-January-19] 


36.8-19a 
36.8-19b 
36.8-19¢ 
36.8-19d 
36.8-19e 
36.8-19f 


SSF A WE RS NEE EE 


(36.8-20) 


712 Chapter 36: Synthetic Iterations * 


We have: 


1 
rer) 
g—1 q 
i ¢ 
'@-@+q-1 
1 1 |q-1 1 g | 
H(--) = H 
( ") | q (=) ae ee a 


36.9 A function that encodes the Hilbert curve 


a 
Ol rR 
So 
lI 
bo] rR 
a | 
iQ 
Q/+ 
a 
a ™~ 
3) 


We define a function H(y) by the following iteration: 


A, = +tiy+1ly—-iy? 

R, = +iy-1y-iy? 

M= y 
wo = ¥ 
Ans, = —tR,t+Y, 4i+ A,t+ Yn (41+ An t+ Yn (-i+iRn))) 
Ret = AY, GteRs y, Ale ah.s ¥(i 


(36.8-21a) 
(36.8-21b) 


(36.8-21c) 


As the real and imaginary parts are swapped with each step we agree on iterating an even number of 


times. The resulting function H(y) is 


A(y) = 


The coefficients of the series are +1 and 
of coefficients is interpreted as follows: 


QO := goto start ’0’ 
+1 := move right ’>’ 
-1 := move left <2 
+i := move up 2 one 
-i := move down ay? 


Then, symbolically: 


H = 0>°<7 7 >V> 7 SVV<V>> TOV >> TST OT KKK TTT VDD TS TOT KKK TOKO SVK 77K OL 


O+ytiyr—ytiyttiyrtyo—iy’+yotiyr ty? -—iytH... 


(36.9-2) 


i, except for the constant term which is zero. If the sequence 


Follow the signs to walk along the Hilbert curve, see figure|1.19-A]on page An implementation is 


hh(y, N=4)= 
{ 


/* correct to order = 4°N-1 */ 
local(H, R, tH, tR); 
H= +I*y + 1*y"2 -I*y73; R= +I*y - 1¥*y72 -I*y73; 
for (k=2, N, 

y=y"4; 
-I*R + yx(+I + H + y*(+1 + H + y*(-I + I*R))); 
+I*H + y*(4+I + BR + ye(-1 + R + ye(-I - I*H))); 
H=tH; R=tR; 
return( H ); 


} 


The value of H(y) for y < 1 gives the limiting point in the complex plane when the walk according 
to the coefficients is done with decreasing step lengths: step number k has step length y*. The least 
positive y where the real and imaginary part of the endpoint are equal is yj = 0.5436890126920.... 
It turns out that y, is the real solution of the polynomial y? + y? + y—1. On might suspect that 
M(y) := Re H(y) — Im H(y), the difference between the real and the imaginary part of H(y), has the 


factor y3+y”?+y-—1. Indeed, M(y) =y(y?t+y2?ty—-Dyrtyty?-l)--- 


[fxtbook draft of 2008-January-19] 


and a similar statement 


36.9: A function that encodes the Hilbert curve 713 


is true for the P(y) := Re H(y) + Im H(y). We use this observation for the construction of a simplified 
and quite elegant algorithm for the computation of H(y). 


36.9.1 <A simplified algorithm 


Define the function P(y) as the result of the iteration 


Yi = Y, P, =~ 1 (36.9-3a) 
Prat = Py (414+Y,4+Y2 -Y,) (36.9-3b) 
ia = 7 (36.9-3c) 
P,-1 > P(y) (36.9-3d) 
and the function M(y) by 

Y = Y, M, = i (36.9-4a) 
Mnii = My, (-14+Y,+Y2+Y,) (36.9-4b) 
La = (36.9-4c) 
yM, — M(y) (36.9-4d) 

Now the function H(y) can be computed as 

1 ; 

Hty) = 5 (Pw) + M(y)) +7(P(y) — M(y)) (36.9-5) 


The following implementations compute the series up to order 4% — 1: 


fpp(y, N=4)= 

{ 
local( t, Y ); 
t=1; Y=y; 


for (k=1, N, t *= (4+1+Y+Y°2-Y73); Y=Y74; ); 
return( t-1 ); 


} 
fmm(y, N=4)= 
{ 
local( t, Y ); 
t=1; Y=y; 
for (k=1, N, t= (-1+Y+Y72+Y73); Y=Y°4; ); 
return( t*y-Y ); 
} 


hhpm(y, N=4)= 
{ 


local( tp, tm ); 


tp = fpp(y); 
tm = fmm(y); 
return( ((tpt+tm) + I*(tp-tm))/2 ); 
} 
With a routine tdir() that prints a power series with coefficients € {—1, 0, +1} symbolically we obtain: 
? N=4; 
? tdir(fpp(y)) ;tdir(fmm(y)) ; 
Q+t—t ti tt tat tt titted ton t ttt patton at po tn ttt 
O+---- tt tite ttt ttt tea ta ttt pt pe ttt to tte 


? tdir((fpp(y)+fmm(y))/2) ;tdir((fpp(y)-fmm(y) )/2) ; 
Q+0-00+0+0+00-0++0+0++0-0+0--0-000+0++0-0+0--0-0--0+00-0-0-00+0-00 
00+0++0-0+0--0-00+0-00+0+0+00-0+++0-00+0+0+00-0+00-0--0+0-0++0+0++ 


The n-th coefficient of the Taylor series of P(y) equals the parity of the number of threes in the radix-4 
representation of n. This fact can be used for an efficient bit level algorithm, see section on page [51] 


The coefficients of the Taylor series of the function P can be obtained by a string substitution engine: 


[fxtbook draft of 2008-January-19] 


714 


Chapter 36: Synthetic Iterations * 


Number of symbols = 2 


Start: + 
ules: 
+ --> +4++- 
- --> ---+ 


t4tit4+4-F44----4+ 


0 

1 

23 (#=16 
3: =64 

‘i FEF EHH F4 $F itt ttt ton iH ttt titan nto ttt 


: (#=256) 
FHEPAF FEAF F HAHAH FEE PAF tPF tba RRP EPPO PEt ttn ptt FF tot tt tttott oo, 


Ot4-444+-444+--- HF ttt ttt toate ttt donb $F 4t-44+ == fpp() 


Similarly for M: 


Number of symbols = 2 


Start: + 
Rules: 

+ --> -+++ 
0 (#=1) 
1 (#=4) 

+++ 
2: (#=16) 

+----444-444-444 
3: (#=64) 

tt $4---4$--- 4 tt tat ttt tte nn ttt ttt tant tata t tt 
4 (#=256) 

Ham AHF titttattt ttt tnt ta tt tnt tt ttn ttt ttt te, 
Qt----+++-t4+-444+-+4+44---4---4----t44t4---4---4----tt44+---4+---4+---- == fmm() 


36.9.2 The turns of the Hilbert curve 


We compute a function with series coefficients € {—1,0,+1} that correspond to the turns of the Hilbert 
curve. We use +1 for a right turn, —1 for a left turn and zero for no turn. The sequences of turns starts 


as 


0--+0++--++0+--0-++-0--++--0-+4+00++-0--++--0-++-0--+0++--++0+--+ \ 
0++-0--++--0-++0+--+0++--++0+--00--+0++--++0+--+0++-0--++--0-++- \ 
-++-0--++--0-++0+--+0++--++0+--00--+0++--++0+--+0++-0--++--0-++0 \ 
+--+0++--+4+0+--0-++-0--++--0-+4+00++-0--+4+--0-++-0--+0++--+4+04-- 12. 


The computation is slightly tricky: 


hht(y, N=4)= 


{ 


/* correct to order = 4*N-1 */ 
local( t, Y, F, s, p ); 
t=1; Y=y; pe=1; 


F=yt+y2; 
for (k=2, N, 
Y= Y*4; 
t = -F + Y*F + Y°2*F - Y°3xF; 
p *= 4; 
if ( 0==(k%2), 
t t= y°(1*p-1); 
t t= y7(3*p); 
t -=  (yt1)*y* (2*p-1); 
, /* else */ 
t t= y7(1*p); 
t += y*(3*p-1); 
); 
F=t; 
Ds; 


if ( 1==N%Z2, F =-F ); \\ same result for even and odd N 
return( F ); 


[fxtbook draft of 2008-January-19] 


36.10: Sparse variants of the inverse 715 
36.10 Sparse variants of the inverse 


36.10.1 A fourth order iteration 


Define the function F'(y) as the result of the iteration 


Fo = 1, Yo = f (36.10-1a) 
Foot = yx(l1+Yn) — Fly) (36.10-1b) 
Ynui = Yj (36.10-1c) 


The terms of the continued fraction of F(1/10) grow doubly exponentially: 


1, 9, 1, 90, 110, 909000, 11001100000, 9090000090900000000000, 
11001 10000000000110011000000000000000000000, 
90800000909000000000000000000000909000009090000000000000000000000000000000000000000000 


Let [to,t1, t2,...] be the continued fraction of F(1/q), then 


f = 1 (36.10-2a) 
ti) = q-l (36.10-2b) 
tg = 1 (36.10-2c) 
ig = @-@ (36.10-2d) 
ta = @t+a (36.10-2e) 
tt = @®-g+¢-¢ (36.10-2f) 
t = g?t+@t+at+¢@ (36.10-22) 
tr = q?? _ gq? 4 q?° _ q) 4 git — q3 cn gi? — git (36.10-2h) 
tg = q’? ois qt ei. q? a q?" 4 | g?6 ie gq 4 Lg? a gt (36.10-2i) 
tg — ‘ia ig ge ge g? gq q® q® f (36.10-2)) 

a oe ges g a a g gq 
For j > 4 we have 
t; 
= = g@+q’ = qi (gq? +1) where J=27* (36.10-3) 
j-2 
A functional relation for F' is given by 
1 
F(y) F(y?) = ta (36.10-4) 


The relation is (mutatis mutandis) also true for the truncated product. The binary expansions of F'(y), 
F(y?) and their product for y = 1/2 are (dots for zeros): 
SU de Deva! at ey) Reston a ahs DD asia TA ace: sa arie desserts Gyice. Sines ats bl pees acca gta eae ayaa, aie fee atue eee Roe ts 


1,1 
CECE Ge EEE CESERGERE Ceo yeehe Gehk EGE EER ERG EERE ECEER SRG Ler ER GG eee 


Since the expansions are palindromes also their correlation is a sequence of ones. Now set Fy := F(y*) 


then, by relations |36.10-4] and |36.1-16e|on page (for k = 2, 3, and 5), 
0 


= FR-2F, hast (36.10-5a) 
= FPF3}-F3 Fs BFP FS -3F, +1) (36.10-5b) 
= FPF}-Fok (6 FF) -10F2 F3+10F2? FR -5 FR, R+1) (36.10-5c) 


We note that for power series over GF(2) relation |36.10-4| becomes F(y)? = 1/(1 — y). That is, F(y) = 
WV1l—y. In general, an iteration for the inverse (2 — 1)-st root is obtained by replacing relation |36.10-1c 
with Yin = fa 


[fxtbook draft of 2008-January-19] 


716 Chapter 36: Synthetic Iterations * 


36.10.2 A different fourth order iteration 

To define the function F(y) we modify the third order iteration for _ 
inv3m(y, N=6)= /* third order --> 1/(1+y) */ 

{ /* correct to order 3°N */ 


local (T); 
T= 1; 
for(k=1, N, 
T*= (1-yty2); 
y= y3; 
return( T ); 
} 
to obtain a fourth-order iteration: 
£43(y, N=6)= 


{ /* correct to order 4°N */ 
local(T, yt); 
T= 41; 
for(k=1, N, 
T*= (1-yty2); 
yaya; /* 1 */ 


return( T ); 


} 
That is, 

Fo = 1, Yo = Yy (36.10-6a) 

Four = Fhl-Yyt+Y2) - Fly) (36.10-6b) 

Yrui = Y (36.10-6c) 


The first few terms of the power series are 


Fly) = l-yty?-ytty—yP ty —yP ty — St yl — 8 4 y® — y+... (36.10-7) 


Let [to,t1, t2,...] be the continued fraction of F(1/q), then 


ie (36.10-8a) 
2 (36.10-8b) 
fo = q (36.10-8c) 
is = q (36.10-8d) 
ig = -¢@ (36.10-8e) 
tj = @+q-q-1 (36.10-8f) 
te = @-qt+¢-+e-¢ (36.10-8g) 
tp = Petqhe—-qhtg t+qe-@-q+-G-¢ (36.10-8h) 
For j > 6 we have 
a = tht @ td =P tYNO*- +H" +) (36.10-9) 


where J = 2/~°. The terms of the continued fraction of F(1/q) for integer q grow doubly exponentially: 


? contfrac(f43(0.5)) 
(0, 1, 2, 2, 2, 21, 180, 92820, 3032435520, 26126907554432455680, 
240254294248527099500117907463345274880, 
164001256750215347067944129734442019102853751066678216639025390799096507 269120, 


/* number of decimal digits of the terms in the CF: */ 
[-, 1, 1, 1, 1, 2, 3, 5, 10, 20, 39, 78, 154, 309, ... ] 


[fxtbook draft of 2008-January-19] 


36.10: Sparse variants of the inverse 717 


By construction, 


Fly) = (l-y+y’) F(y’) (36.10-10a) 
F-y) = (lt+yty’) Fy’) (36.10-10b) 


The equivalent forms with y = 1/q are 


1 Page. 71 
F (<) ae eee | ( | (36.10-11a) 
q q q 
1 24 q4+1_/1 
F (-<) ee es F( | (36.10-11b) 
q q q 
Now q?-—qt+1=p?—p+1 if p=1-4q,s0 
1 eco ic" 
F (1 = -) - 1 i" "p ((: = -) where g>1 (36.10-12a) 
q q q 
1 eer ea i? 
F (1 a ) = fT P ((: af ) where q<—l (36.10-12b) 
q q q 


Adding relations ax (36.10-1la) and Gx (36.10-12a) and simplifying gives 


aF(y)+6F(—y) 


2 

= —y+1 where a,GEC 36.10-13 
aFw) tardy) ~ %Y oer 

36.10.3 <A sixth order iteration 

Define the function F'(y) by the iteration 

RF = 1, %NY=y (36.10-14a) 
Fray = Fr(l\t+Y¥nt¥2) — Fly) (36.10-14b) 
ag = (36.10-14c) 


Let [to, ti, t2,...] be the continued fraction of F(1/q), then 


t = 1 (36.10-15a) 
th = q-il (36.10-15b) 
ig = gl (36.10-15c) 
ig = g-@ (36.10-15d) 
tr = G°+P+P@t+ P+ PtH (36.10-15e) 
ts = @-q'+q-¢ (36.10-15f) 
te = ie sie gf es a? at go 1 gt ale gre ae, q" ae gt 4 ge ae (36.10-15g) 
a q-’ g” q? gq or” mad 4 a” 4 eo 
ty _ en qo g "lah g go i ge (36.10-15h) 
tg = GPrg??+...4g°7 +9 (36.10-15i) 
For j > 4 we have 
: J J/2 A 7 
a = { Tao +B + gt! +g) +74) /(q? +1) =e oe (36.10-16) 


where J = 6/~4, 


[fxtbook draft of 2008-January-19] 


718 Chapter 36: Synthetic Iterations * 
36.11 An iteration related to the Fibonacci numbers 


The so-called rabbit constant is 


A = 0.7098034428612913146417873994445755970125022057678605169... (3611-1) 
[base 2} = 0.1011010110110101101011011010110110101101011011010110101... 
[CF] = [0,1,2,2,4,8, 32, 256, 8192, 2097152, 17179869184, 


36028797018963968, 618970019642690137449562112, ...] 

[OP eo oP ea OP | 
The sequence of zeros and ones after the decimal point is referred to as rabbit sequence or infinite Fibonacci 
word, entry A005614 of [214]. The rabbit sequence can be obtained by starting with a single zero and 


repeated application of the following substitution rules: simultaneously replace all zeros by one (0 — 1, 
‘young rabbit gets old’) and all ones by one-zero (1 — 10, ‘old rabbit get child’). The evolution is: 


Sree rrrr> 
NOORWNRO 
Vv 


BRRERRHHHO 
CDOOCOOO 


QO1 
01101101011011010110101... 


The crucial observation is that each element A, can be obtained by appending A,_2 to An_j, that 
is A, = A,_1.An_2. To compute the value of the rabbit constant in base 2 to N bits precision the 
whole process requires only copying N bits of data is the minimal conceivable work for a (non-sparse) 
computation. 


We define a function A(y) that has the special value 


A = 54 (5) (36.11-2) 


by the equivalent operation for power series. We obtain the iteration 


Ion = 0 R=1 bh=1 m=y (36.11-3a) 
Li = ty Sy (36.11-3b) 
hig = tly ay (36.11-3c) 
Inti = Rp (36.11-3d) 
Rast = Rattniilin = Raty?™'Ln — Aly) (36.11-3e) 


Here F;, denotes the n-th Fibonacci number (sequence |A000045) of ): 
n 012 3 4 5 6 7 8 9 10 11 12 13 14 1B: Spc 
Fn O 1 1 2 3 5 8 13 21 34 55 89 144 233 377 610... 
After the n-th step the series in y is correct up to order F;,,2—1. That is, the order of convergence 


equals “+! =~ 1.6180. The function A(y) has the power series 


A(y) _ l+ytytyty tytylstytsty ns gh ea gy? a gO get (36.11-4) 
The sequence of exponents of y in the series is entry |A022342 of [214], the Fibonacci-even numbers. A 
pari/gp implementation is 
fa(y, N=10)= 


local(t, yl, yr, L, R, Lp, Rp); 
/* correct up to order fib(N+2)-1 */ 
L=0; R=1; yl=1;  yr=y; 


1No sex, no death. 


[fxtbook draft of 2008-January-19] 


36.11: An iteration related to the Fibonacci numbers 719 


for(k=1, N, 
t=yr; yr*=yl; yl=t; 
Lp=R; Rp=R+yr*L; L=Lp; R=Rp; 


return( R ) 


36.11.1 Fibonacci representation 


p aaeeO apt ea nOR GOR Seo nBb Tae seannG( aah eeesne (aay eanoel Pa saorbe rear ereereey 


B. 
rae 
pare 
fae 
pare 
B. 
b. 
ae 
ae 
fae 
Bb. 
ae 
fare 
ae 
fare 
pare 
ae 
rae 
fae 
fae 
pare 
-NWOT00 


. 
fae 
. 
. 
fae 
. 
b. 
fae 
a 
ae 
fa 
fae 
. 
. 
. 
fae 
ae 
. 
fae 
. 
RNWOTOWE BOT 


splined ods selves desde id scdacidecada alo kbeds oo pdeakes ade howe dog ead cwde 
Adela ei eee ol ae ede ea a a 
.11121221222312223233122232332333412223233233342333434412223233233342333434423334 
TA As cde A1 oe Ad eh ed ed ddd ed. oS 2 


wn 


Figure 36.11-A: Fibonacci representations of the numbers 0...80. A dot is used for zero. The two 
lower lines are the sum of digits and the sum of digits modulo two, the Fibonacci parity. 


The greedy algorithm to obtain the Fibonacci representation (or Zeckendorf representation) of an integer 

repeatedly subtracts the largest Fibonacci number that is greater or equal to it until the number is zero. 

The Fibonacci representations of the numbers 0...80 are shown in figure|36.11-A 

The sequence of lowest Fibonacci bits is 
01001010010010100101001001010010010100101001001010010100100101001... 


Interpreted as the binary number x = 0.10010100100102 ... = 0.5803931... it turns out that A = 1—a/2 
(that is, ¢ = 2 — A(1/2)). Alternatively, one can compute the number as x = A[1,0,1, 1/2]. 


The sequence of numbers of digits in the Fibonacci representations (second lowest row in figure|36.11-A) 
is entry A007895 of [214]. This sequence modulo two gives the Fibonacci parity, it can be computed by 
initializing Zo = 1 and changing relation |36.11-3e]on the facing page to 


Revit = Ra-—tatiln = Ra-—y™ Ln — Aply) (36.11-5) 
Let the corresponding function be A,(y). We define the Fibonacci parity constant Ap as 


Ap = 1-—A,(1/2)/2 (36.11-6a) 
=  0.9105334708635617638046868867710980073445812290069376454... (36.11-6b) 
0.11101001000110001011100010110111010001011011100111010010... 
[CF] = [0,1,10,5,1,1,1,3,4,2,6,25,4,5,1,1,3,5,1,3,2,1,1,1,3, 1,3, 22,1, 
10, 1,2, 3, 2, 73, 1, 111, 46, 1,51, 2,1,1,5, 1,65, 3, 1,3,2,5,6,1,4,1,2,..] 


The sequence of bits in the binary expansion of A, is entry A095076)of [214]. 
The sequence of the Fibonacci representations interpreted as binary numbers is 


0, 1, 2, 4, 5, 8, 9, 10, 16, 17, 18, 20, 21, 32, 33, 34, 36, 37, 40, 
41, 42, 64, 65, 66, 68, 69, 72, 73, 74, 80, 81, 82, 84, 85, 128, 129, 


This is entry A003714)of [214], where the numbers are called Fibbinary numbers. Define F2(y) to be the 
function that has the same sequence of power series coefficients: 


o 
% 
fo} 

— 

I 


F(y) = O4+1y+2y?+4y3+5y4+8y°4+9y%+10y? +16y8 + 17y? +18y!94... (36.11-7) 


[fxtbook draft of 2008-January-19] 


720 Chapter 36: Synthetic Iterations * 


A slightly more general function F,(y) (which for b = 2 gives the power series above) can be computed 
by the iteration 


In = 0, Ro = Y; lo = Y, ro = Y (36.11-8a) 

Ap = 1, Bo = 1, b=2 (36.11-8b) 
Ani1 = OBn (36.11-8c) 
Baar = 6[Battn An] (36.11-8d) 
Ingt = m = yo (36.11-8e) 
Tat = Tala = (36.11-8f) 
Inyit = Rn (36.11-8g) 
Raat = Ratna [Int Anti] — Fly) (36.11-8h) 


A pari/gp implementation is 


ffb(y, b=2, N=13)= 

{ /* correct up to order fib(N+3)-1 */ 
local(t, yl, yr, L, R, Lp, Rp, Ri, Li); 
L=0; R=0+1*y; 


Li=1; Ri=1; 
yl=y; yr=y; 
for (k=1, N, 


Lix=b; Ri*=b; 
Lp=Ri; Rp=Rityr*Li; Li=Lp; Ri=Rp; 
tyr; yr*=yl; yl=t; 
Lp=R; Rp=Rtyr*(L+Li); L=Lp; R=Rp; 
)5 
return( R ) 


} 
The sequence of coefficients 
1, 6, 14, 35, 90, 234, 611, 1598, 4182, 10947, 28658, 75026, 196419, 514230, ... 


coincides (disregarding the initial one) with entries |A032908) and A093467 of [214]. Let B(x) be the 


function with power series coefficients equal to one if the exponent is a Fibbinary number and zero else: 


Bia) = 1tatattattah + co + e2 to 4 ope eB po +... © (3611-9) 
Then a functional equation for B(a) is (see entry A003714) of [214]) 
B(«) = 2 B(x*)+ B(2?) (36.11-10) 


We turn the relation into an recursion for the computation of B(x) correct up to the term 2%: 
fibbi(x, N=25, nr=1)= 
{ 

if ( nr>N, return( 1) ); 

return( x*fibbi(x*4,N,4*nr)+fibbi(x°2,N,2*nr) ); 


We check the functional relation: 


? N=30; R=O(x*(N+1)); \\ R is used to truncate terms of order >N 
? t=fibbi(x,N)+R 
1+x+ x72 + x°4 + x75 + x78 + x79 + x710 + x716 + x717 + x718 + x°20 + x721 + O(x731) 
? t2=fibbi(x*2,N)+R 
1+ x72 + x°4 + x78 + x710 + x716 + x718 + x720 + O(x731) 
? t4=x*fibbi(x*4,N)+R 
x + x75 + x79 + x717 + x721 + O(x731) 
? t-(t4+t2) 
0(x731) 


36.11.2 Digit extract algorithms for the rabbit constant 


The spectrum of a real number x is the sequence of integers |k-a| where & = 1,2,3,.... As mentioned 
in [240], the spectrum of the golden ratio g = v5+1 = 1.61803... gives the exponents of y where the 
series for y A(y) has coefficient one: 


[fxtbook draft of 2008-January-19] 


36.11: An iteration related to the Fibonacci numbers 721 


bt(x, n=25)= 


local (v); 

v = vector(n); 

for (k=1, n, v[k]=floor(x*k)); 
return ( v ); 


g=(sqrt (5)+1)/2 
1.618033988749894848204586834365638117720309179805762862 


bt(g, n) 
[1, 3, 4, 6, 8, 9, 11, 12, 14, 16, 17, 19, 21, 22, 24, 25, 27, 29, 
30, 32, 33, 35, 37, 38, 40, 42, 43, 45, 46, 48, 50, 51, 53, 55, 56, 
58, 59, 61, 63, 64] 


t=taylor(y*fa(y) ,y) 


yry3s3+y4+y6et+y 8+ y79 + y"1il + y°12 + y°14 + y7"16 + y7"17 + 

y19 + yo2i + y~22 + y"24 + y= 25 + y°27 + y°29 + y~30 + y~ 32 + y~33 + 
y°35 + y°37 + y°38 + y°40 + y°42 + y°43 + y°45 + y°46 + y"48 + y750 + 
y°51 + y°53 + y755 + y7*56 + y~58 + y°59 + y~61 + y~63 + y~64 + OCy*66) 


The sequence [1, 3, 4, 6, ...] of exponents where the coefficient equals one is sequence A000201) of [214]. 
There is a digit extract algorithm for the binary expansion of the rabbit constant. We use a binary search 
algorithm: 


bts(x, k)= 
{ /* return 0 if k is not in the spectrum of x, else return index >=1 ¥*/ 
local(nlo, nhi, t); 
if ( 0==k, return(0) ); 
t = 1+ ceil(k/x); \\ floor(t*x)>=k 
nlo = 1; nhi = t; 
while ( nlo!=nhi, 
t = floor( (nlo+nhi)/2 ); 
if ( floor(t*x) < k, nlo=t+i, nhi=t); 


); 
if ( floor(nhi*x) == k, return(nhi), return (0)); 
} 


g=(sqrt (5)+1)/2 
for (k=1,65,if (bts(g,k) ,print1("1") ,print1i("0")));print() ; 
10110101101101011010110110101101101011010110110101101011011010110 


The algorithm is very fast, we compute 1000 bits starting from position 1,000,000,000,000: 


g=(sqrt (5)+1)/2 

dd=10°12; /* digits starting at position dd... */ 

for (k=dd,dd+1000,if (bts(g,k) ,printi("1") ,print1("0")));print() ; 
a aaa aa 
--snip-- 
EK last result computed in 236 ms. 


The connection between the sequence of lowest Fibonacci bits and the rabbit constants allows even more. 


Subtracting the Fibonacci numbers > 1 until zero or one is reached, gives the complement of the rabbit 
sequence: 


fpn=999; 
vpv=vector(fpn, j, fibonacci(j+2)); /* vpv=[2,3,5,8,...] */ 
t=vpv[length(vpv)]; 
log (t) /log(10) 
208.8471... /* ok for range up to >10°200 (!) */ 


flb(x)= 
{ /* return the lowest bit of the Fibonacci representation */ 
local(k, t); 
k=bsearchgeq(x, vpv); 
while ( k>0, 
t = vpv[k]; 
if (x>=t, x-=t); 
k-— ); 
return ( x ); 


dd=0; 

for (k=dd,dd+40,t=f1b(k) ;print1(1-t)) 
10110101101101011010110110101101101011010 

/* 0.10110101101101011010110110101101101011010 rabbit constant */ 


[fxtbook draft of 2008-January-19] 


722 Chapter 36: Synthetic Iterations * 


The routine bsearchgeq() does a binary search (see section [3.2] on page |117) for the first element that 
is greater or equal to the element sought: 


bsearchgeq(x, v)= 
{ /* return index of first element in v[] that is >=x, return 0 if x>max(v[]) ¥*/ 
local(nlo, nhi, t); 
nlo = 1; nhi = length(v); 
while ( nlo!=nhi, 
t = floor( (nlo+nhi)/2 ); 
if ( v[t] < x, nlo=t+1, nhi=t); 


); 
if ( v[mhi] >= x, return(nhi), return (0)); 
} 


We compute the first 1000 bits starting from position 1017: 
dd=107100-1; 
for (k=dd, dd+1000, t=flb(k); print1(1-t)) 
a ene 
--snip-- 
EK last result computed in 1,305 ms. 


36.12 Iterations related to the Pell numbers 


Replacement rules: simultaneously replace all zeros by one (0 — 1) and all ones by one-one-zero (1 — 110). 


101 

1011101101110110111011... 

Now the construction is B, = By_-1.By_1.By_—2. The length of the n-th string is 
Pn = 1, 1, 3, 7, 17, Al, 99, 239, nas Pk= 2Pr-1 + Pr—2 


This sequence is entry A001333) of [214], the numerators of the continued fraction of 2. The sequence 
B of zeros and ones is entry A080764, The Pell numbers are the first differences (and the denominators 
of the continued fraction of 2), sequence A000129 


0, 1, 2, 5, 12, 29, 70, 169, 408, 985, 2378, 5741, ... 


Now define the function B(y) by the iteration 


Lo 1, Ro = 1+4+y, lo = Y, ro = Y (36.12-1a) 
Lo ey (36.12-1b) 
iat = Tl, (36.12-1c) 
Lig th cer (36.12-1d) 
Rngt = Ratrngi Rnt7r24,ln — Bly) (36.12-1e) 


After the n-th step the series in y is correct up to order py. That is, the order of convergence is /2 +1 
~~ 2.4142. Implementation in pari/gp: 


fb(y, N=8)= 
{ 


local(t, yr, yl, L, R, Lp, Rp); 
L=1; R=it+y; yl=y; yr=y; 
for (k=1,N, 

t=yr; yr*=yr*yl; yl=t; 

Lp=R; Rp=R+yr*R+yr72*L; L=Lp; R=Rp; 
); 


return( R ) 


[fxtbook draft of 2008-January-19] 


36.12: Iterations related to the Pell numbers 723 


We obtain the series 


By) = 1l4yty ty tyicy ty tyr ty ty? ty ty ty ey ty +... (8612-2) 


Define the Pell constant B as B = 5 B(5), then 


B = 0.858267656461002055792260308433375148664905 1900835067786...  (36.12-3) 
[base 2} = 0.11011011101101110110110111011011101101101110110111011011... 
[CF] = [0,1,6,18, 1032, 16777344, 288230376151842816, 


139379657490816394634598239204272 1617379328, . . .] 


For the terms of the continued fraction we note 


6 == 272+ 271 
18 == 2°4+ 271 
== 2710 + 273 
16777344 == 2724+ 2°7 
288230376151842816 == 2°58 + 2°17 
1393796574908163946345982392042721617379328 == 27140 + 2741 
36.12.1 Pell palindromes 
Define the function P(y) by 
Io = 1, Ro = 14+’, lo = Y, m= y (36.12-4a) 
Ingt = Tr (36.12-4b) 
ra = Fly, (36.12-4c) 
Lntit = Rn (36.12-4d) 
Rngt = Ratrnatlnattntilnsgi hn — Ply) (36.12-4e) 


Note that Ro is a palindrome and in relation |36.12-4e]the combination of the parts gives a palindrome. 


For Ro =14+y+y? the iteration computes = 


Define the Pell palindromic constant as P = P(1/2)/2, then 


P = _ 0.7321604330635328371645901871773044657272986589604112390... (36.12-5) 
[base 2} = 0.1011101101101110110111011011101101101110110111011011011... 
[CF] = [0,1,2,1,2,1,3,17,1, 7, 2063, 1, 63, 268437503, 1, 8191, 590295810358974087167, 


1, 1073741823, 374144419156711147060143317175958748842277436653567, 1, ...] 


By construction, the binary expansion is a palindrome up to lengths 1,3, 7,17, 41,99, 239,.... 


The sequence of zeros and ones in the binary expansion of P is entry A104521)of . It can be obtained 
by the replacement rules (0 — 1) and (1 — 101): 


WIUVVUVUUU 
OIRBWNFO 
Vv 


RBRRRRHO 
lelelelele) 
BREE 
RRR 
RRR 
lelelele} 
PeeR 


10111011011011101101... 


36.12.2 Pell representation 


To obtain the Pell representation of a given number n, set t = n repeatedly subtract from t the largest 
number p; € {1, 3, 7, 17, 41, 99, 239,...} that is not greater than t. Stop when t = 0. The number of 
times that pz, has been subtracted gives the k-th digit of the representation. The resulting digits are 0, 
1, or 2. If the k-th digit equals 2 then the (k — 1)-th digit will be zero. 


[fxtbook draft of 2008-January-19] 


724 Chapter 36: Synthetic Iterations * 


Be caeSG Peo Saanne Gey sees sor aes Seoee O71 Seb eesen tary sae sser eas paospe reat eesoerery 


Rana 
RRS 
ee 
a 
Ne, 
Nore: 
NI 
PR 
aoa 
FRE 
NBR 
NBR 
NBR 
Ne 
NOR 
Ne 
Ne 
NR: 
Ne 


EE Ds be ?5? > eee es es Eck bs 222 1111111222...,... 1 
. 1112. Dis eae ate 1492. 1992. DIT ee 1112. 
112712. 2412712. 212112712. 112.12.212112.12. 212.12. 212.12. °12112.12. 212.127 °12)12.12 


. 12123212323432341232343234345434523434541232343234345434523434543454565456345456 


.1212.212.2.1.2.112.2.1.2.1.121.122.1.12112.2.1.2.1.121.122.1.121.1212.212..1212. S%3 
dade d ltd etd LL tld ttl eA ell ded Ale 2d tle Sef 2 


ae 
a 
anne 
a 


Figure 36.12-A: Pell representations of the numbers 0...80 (dots for zeros). The three lower lines are 
the sum of digits and the sum of digits modulo three and two. 


The function S(y) that has Taylor series coefficients corresponding to the sum of Pell digits 


S(y) = O+1y+2y? + ly? + 2y* + 3y° + 2y° + 1y” + 2y® + 3y° + 2y?? + 38y"? + 4y’? 4 (36.12-6) 
can be computed via the iteration (see section [36.7] on page 
Io = QO, Ro = 0+ y+2y’, lo = 9, r= Y (36.12-7a) 
Ap = 1, Bo = 1lt+yt+y* (36.12-7b) 
Ingt1 = Tn (36.12-7c) 
iy SP le (36.12-7d) 
Deda = Be (36.12-7e) 
Rngt = Ratrngi (Rn + Bn) +724, (Ln+24n) = S(y) (36.12-7f) 
Anti = Br (36.12-7¢) 
Brat Bn +Tn41 Bn +7241 An (36.12-7h) 


Implementation in pari/gp: 
fs(y, N=8)= 
{ 


local(t, yr, yl, L, R, Lp, Rp, Li, Ri); 
L= 0; R= O+y+2¥y72; 


Li = 1; Ri = ityty"2; 
yl=ys; yr=ys 
for (k=1,N, 


t=yr; yr*x=yr*yl; yl=t; 
Lp=R; Rp=Rt+yr*(R+Ri)+yr*2*(L+2*Li); L=Lp; R=Rp; 
Lp=Ri; Rp=Rit+tyr*Rityr 7 2*Li ; Li=Lp; Ri=Rp; 

)5 

return( R ) 


} 


The series coefficients grow slowly, so the first few of them can nicely be displayed as 


s(35) =  0.1212321232343234123234323434543452343454123234323434543... (36.12-8) 


36.12.3 Pell Gray code 


Figure [36.12-B] gives a Gray code for the Pell representations. The Gray code can be constructed recur- 
sively as shown in figure[36.12-C] In the algorithm each block is split into a left and a right part (indicated 
by the ‘*’. The next block is created by appending to the current block its reverse with ones on top and 
appending the left part with twos on top. The iteration can actually be started with a block of a single 


[fxtbook draft of 2008-January-19] 


36.12: Iterations related to the Pell numbers 725 


Bees sneT ell Leet COR tee RO (Oot cea O ie Peano Lou pt ae ener pda Lescpe eel dzone tees 


BEA arose cue at etctate sheccvan oe danas tBcle Saouatanns satuaas Seles b arsauiey avert celaepse cia seuisn ejenabecttage otaja. iseade tt cstays woken oy tiate aire sedec eeu eas 2 
bccn eae td 21d ye Me Astns Ghd wed tes Sak gad O eae yea tes bela Pa ae aN ie CAN doe ate as eth sw Tec ac game taledats 2a Macias at NV Gie ns 9 
ope BES, tata Ge aeewtc ede Spe seca aha? fay iets ae aad Manakinayn eal 1 11111111111111111 7 

v4 


111111 
111411 ap a es Bi eee a eee 
C RepOMACaRREN | 11112222221111111...... 
asi tai 43 : 


FAP 


». 211122 3 
.1221.... 1 
. 12321232343212345432345434323432123454345456543234543454565434565432345434323432 : 

S 


rae 


212.212.2.1.212.121.2.121.1.2.1.212.121.1212.21.2.121.1212.21.12.21.2.121.1.2.1.2 
eh sisde tel Adee eT ee ed Ted ted Pee Te hehe Pde olde ted 1 


3 
1 


Figure 36.12-B: A Gray code for Pell representations. A dot is used for zero. The three fol- 
lowing lines are the sum of digits and the sum of digits modulo three and two. The sequence is 
0,1,2,5,4,3,6,13,10,11,12,9,8,7,14..., the difference between successive elements is a Pell number. 
The lowest block gives the Pell representations of the (absolute) differences, the Pell ruler function. 


12 
-e. 1112 
142 31.7 
hie 1111111222 

“S44id 2111.0 747 

422177 771201) 542 
adcheares nates ste Dia 141411111111111112222222 
ENG iiiiiii22d 2297111111. 
Ba Ki) bib Laem eres 11120141. 123: ii 
$4997.77 .1221! 12 94:141097.77. 1221: 21221." 


Figure 36.12-C: Construction for a Gray code for Pell representations. 


zero (the left part being also a single zero). This is done in the following algorithm. 


bye Sy, Sy BR, pe (36.12-9a) 
fo Sy Ff St, Yoag,. Yoreoce (36.12-9b) 
or ae 6a-= 2b. (36.12-9c) 
Py = )+¥n (Ba tobnIn) + Y¥? (Fitenti) 7 Gly) (36.12-9d) 
Bnav = (Bi t+enl)+Y, (Fat bn In) + ¥f Yn (Bn ) (36.12-9e) 
Dig. = dey Yedach Ye (36.12-9f) 
Veit 0 (36.12-9¢) 
Paige Ee Dendy a la (36.12-9h) 
pane — aes ior Voi Sin (36.12-9i) 


Implementation in pari/gp: 
per(y, N=11)= /* Pell Gray code */ 
{ 


local(iir, iil, yl, yr, Fl, F, Bl, B, b, c); 
local(t, tf, tb); 

/* correct up to order pell(N+1)-1 */ 

F=0; F1=0; B=0; B1=0; 

iil=1; iir=1; yl=y; yr=y; 


for(k=1, N, 
b = 4°(k-1);\ c = 2b; /* b = pell(k) ;*/ 
ti = (F ) + yr * (B + b*iir) + yr*yr * (Fl + c¥*iil); 
tb = (Bl + c¥iil) + yl * (F + beiir) + yl*yr * (B ); 
Fl = F; Bl = B; 
F = tf; B = tb; 
t= iir; iir += yr*(iir + yr*iil); iil =t; 
t=yr; yr *= (yrtyl); yl =t; 


[fxtbook draft of 2008-January-19] 


726 Chapter 36: Synthetic Iterations * 


fl 
“~ 
BRS 
we 
x 
KR 
fl 
oN 
x 
we 


> 
u 
+R 


Y 
+ 
< 
VY 


> N 


y°15 + y°14 + y°13 + y712 + y°1i + y710 + y"9 
yr+y6+y 5+ y4ty 3+ y2+y + 1) 

z “At y 3+ y2+y + 1) 

32 y714 

+ 18 y°11 + 22 y"10 + 21 y°9 + 20 y"8 + 24 y°7 
y4+6y°3+2y2+ y) 
3+ 
2 

) 


rq 


5 y°i2 + 4 y"11 + 8 y~10 
1 y°7 + 22 y6+ 18 y°5 + 17 y°4 + 16 y°3 


w 
i] 
oo. 
< 
B 
WNOORS 


return( F ) 


} 
It is instructive to look at the variables in the first few steps of the iteration, see figure ]36.12-D 
The Taylor series for G'2(y) is 
Ga(y) = O+1y+4+ 2y? + Gy? + 5y* + 4y® + 8y° + 24y” + 20y® + 21y? + 22y"° + 18y7? + (36.12-10) 


417y"? r 16y"* 4 32y"4 ae 33y2° a 34y16 4. g8y!" ro g7y'8 ig. 96y'9 a 802° Bly! 
82y22 86y23 ca 85y24 84y® 88y76 72y?" a 68y78 7 69429 70y*° 66y2" 


The coefficients corresponds to the Pell representations interpreted as binary numbers, each Pell-digit 
occupying two bits (figure |36.12-B). 


When relation |36.12-9c}on the previous page is changed to b,, = P,, (indicated in the code, the function 
can be defined as pell (k)=if (k<=1, 1, return(2*pell(k-1)+pell(k-2)));) then the function Gp(y) 
which has the Pell Gray code sequence as coefficients is computed: 


Gr(y) = O+1y+ 2y? + 5y? + 4y* + 3y° + 6y® + 13y” + 10y® + 11y? + 12y*° + gy" + (36.12-11) 
+8y'? + Ty? + 14y"* + 15y7> + 16y7S + 33y"” + 32y7® + 31y?? + 24y?? + 25y?" 4 
+26y"? 4 20y79 + 9By* + 27y7® + 30y® + 23y"" + 20y7® + 219°? 4+ 29y°° + 19y7* +... 


Section on page [288] gives a recursive algorithm to compute the words of the Pell Gray code. 


Define the Pell Gray code constant as 


1 
Gp = Gp (5) (36.12-12a) 
=  2.245567348365072195720956572438998819867495229140192012... (36.12-12b) 
[base 2] = 10.00111110110111011000000001110010001100011000010000111... (36.12-12c) 
[CF] = [2,4,13,1,5,1,1,1,27,1,9,1,3,8,1,2,1,1,3,14,1,8,1,1,6,3,1, 


1,1;2,1, 7,210, 1,4; 8,2; 1,1,.10, 151, 6, 1, 1,3,1,9,1,4,6, 19; 1.1.4 


[fxtbook draft of 2008-January-19] 


36.12: Iterations related to the Pell numbers 


727 


Setting b, = 1, cn = 2 in the algorithm gives a function whose series coefficients are the sum of Pell Gray 


code digits: 


1 
Gin] (=) =  0.1232123234321234543234543432343212345434545654323454345 . .. 


Using b, = 1, c, = 0 counts the ones in the Pell Gray code: 


1 
Git,0] (=) =  0.1012101232121010121232343212321210101210123212123234323... 


while b, = 0, c, = 1 counts the twos: 


1 
Gio,1] (=) =  0.01100110011001122110011001100110011221122112211001100110.. 


The continued fraction of this constant has very large terms: 


[0, 90, 1, 8, 1, 5501100164, 8, 5, 3, 2, 19, 2, 1, 2, 2, 1, 1, 5, 1, 
54, 6, 1, 5, 22, 2, 6, 2, 2, 1, 22445, 1, 45, 2, 2, 5, 1, 5, 1, 8, 
54460945555446094447167274, 1, 5, 2, 2, 7, 1, 1, 1, 2, 1, 27, 2, 2, 
1, 17, 1, 1, 1, 1, 4, 2, 1, 4, 3, 3, 3, 1, 3, 1, 2, 1, 1, 29, 1 


(36.12-13) 


(36.12-14) 


. (36.12-15) 


Finally, (1 — y) Gp(y) gives the (signed) Pell ruler function, the first 100 series coefficients are: 


OL) Fie t3 S113 aol te eS ed a ee ad td A ee tl a 
43-4. -10 430-7 --3. +1 41. -3. 1-217 +1041 430-1 -1 +3 441 3041 +1 
<O2F1- Self ad el 43. sh Hlt3 47 38 al aD 3 Sd Slee aL th Sir et 
=b fetid tl t3, Sh Sl 857 3 le ae 38d ad ad tit 3-1 S143 
he 3) th aS Shs See ed 99) 


[fxtbook draft of 2008-January-19] 


728 Chapter 36: Synthetic Iterations * 


[fxtbook draft of 2008-January-19] 


Part V 


Algorithms for finite fields 


[fxtbook draft of 2008-January-19] 


729 


731 


Chapter 37 


Modular arithmetic and some 
number theory 


This chapter introduces some basic concepts of number theory. We start by implementing the arithmetical 
operations modulo m. Basic concepts of number theory, like the order of an element, quadratic residues 
and primitive roots are introduced. Selected algorithms such as the Rabin-Miller compositeness test and 
several primality tests are presented. The chapter ends with recreational material, such as multigrades 
and solutions of certain Diophantine equations. 


Modular arithmetic and the concepts of number theory are fundamental for many areas like cryptography, 
error correcting codes, and signal processing. 


37.1 Implementation of the arithmetic operations 


The first part in the implementation of modular arithmetics consists of the implementing the operations 
addition, subtraction, multiplication, powering and division. However, for a practically useful C++ class 
one also has to implement several other routines like the determination of the order of an element (which 
involves integer factorization and computation of Euler’s y) computation of square roots and elements of 
given order. 


37.1.1 Addition and subtraction 
Addition and subtraction modulo m can easily be implemented as [FXT: mod/modarith.h: 


inline umod_t sub_mod(umod_t a, umod_t b, umod_t m) 


if ( a=b ) return a-b; 
else return m- b+ a; 


} 


inline umod_t add_mod(umod_t a, umod_t b, umod_t m) 


if ( 0==b ) return a; 
// return sub_mod(a, m-b, m); 


b=m-b; 
if ( a=b ) return a-b; 
else return m- b+t+a; 


} 


The type umod_t is an unsigned 64-bit integer. Care has been taken to avoid any overflow of intermediate 
results. A ‘set’-, increment-, decrement- and negation function will further be useful: 


[fxtbook draft of 2008-January-19] 


732 Chapter 37: Modular arithmetic and some number theory 


inline umod_t set_mod(umod_t x, umod_t m) 
{if ( x>=m ) x %=m; return x; } 


inline umod_t incr_mod(umod_t a, umod_t m) 
{ at+; if ( a==m) a=0; return a; } 


inline umod_t decr_mod(umod_t a, umod_t m) 
{ if ( a==0 ) a=m-1; else a--; return a; } 


inline umod_t neg_mod(umod_t b, umod_t m) 
{ if ( 0==b ) return 0; else return m - b; } 


Two addition tables for the moduli 13 and 9 are shown in figure 


012 3 4 5 6 7 8 9 10 11 12 012 3 4 5 6 7 8 
0 0 12 3 4 5 6 7 8 9 10 11 12 0 012 3 4 5 6 7 8 
1 12 3 4 5 6 7 8 910 1112 0 1 12 3 4 5 6 7 8 0 
2 23 4 5 6 7 8 9101112 0 1 2 23 4 5 67 8 0 1 
3 3 4 5 6 7 8 9101112 0 1 2 3 3 45 6 7 8 0 1 2 
4 4 5 6 7 8 9101112 0 1 2 3 4 45 6 78 0 1 2 3 
5 5 6 7 8 9101112 0 12 3 4 5 5 6 7 8 0 12 3 4 
6 6 7 8 9101112 0 12 3 4 5 6 6 7 8 0 12 3 4 5 
7 7 8 9101112 012 3 4 5 6 7 7 8 0 12 3 4 5 6 
8 8 9101112 012 3 4 5 6 7 8 8 012 3 4 5 6 7 
9 9101112 012 3 4 5 6 7 8 
10 101112 012 3 45 6 7 8 9 
11 $1112 012 3 4 5 6 7 8 9 10 
12 12 012 3 4 5 6 7 8 9 10 11 


Figure 37.1-A: Addition modulo 13 (left) and modulo 9 (right). 


37.1.2 Multiplication 


Multiplication is a bit harder: if one would use something like 
inline umod_t mul_mod(umod_t a, umod_t b, umod_t m) 


return (a * b) 4m; 


Then the modulus would be restricted to half of the word size. 


One can use almost all bits for the modulus if the following trick is used. The technique also works if the 
product a-b does not fit into a machine integer. 


Let (x), denote x modulo y, let |x| denote the integer part of x. For 0 < a,b <m: 


-b 
a:b = [| -m-+ (a- bd), (37.1-1) 
m 
Rearranging and taking both sides modulo z > m (where z = 2* on a k-bit machine): 
a:b 
-b— |——]. = -b 1-2 
(a5-|2|-m) = ((a-d,). (37.1-2) 


The right hand side equals (a -b),,, because m < z. 


eile, atl) ert) 


The expression on the right can be translated into a few lines of C-code. The code given here assumes 
that one has 64-bit integer types int64 (signed) and uint64 (unsigned) and a floating point type with 
64-bit mantissa, float64 (typically long double). 


[fxtbook draft of 2008-January-19] 


37.1: Implementation of the arithmetic operations 733 


uint64 mul_mod(uint64 a, uint64 b, uint64 m) 


uint64 y = (uint64) ((float64) a*(float64)b/m+(float64)1/2); // floor (a*b/m) 


yry *n; // m*floor(a*b/m) mod z 
uint64 x =a * b; // a*b mod z 
uint64 r=x- y; // a*b mod z - m*floor(a*b/m) mod z 
if ( (int6é4)r <0) // normalization needed ? 
r=r+m; 
yz=y-i1; // (a*b)/m quotient, omit line if not needed 
} 
return 1; // (a*b)%m remnant 


} 
The technique uses the fact that integer multiplication computes the least significant bits of the result 


(a-b), whereas float multiplication computes the most significant bits of the result. The above routine 


works if 0 <= a,b < m < 2° = 3. The normalization is not necessary if m < 2° = 4. 


When working with a fixed modulus the division by p may be replaced by a multiplication with the 
inverse modulus, that only needs to be computed once: 


precompute: float64 i = (float64)1/m; 
and replace the line uint64 y = (uint64) ((float64) ax (float64) b/m+(float64) 1/2) ; 
by uint64 y = (uint64) ((float64) ax (float64) b*i+(float64) 1/2) ; 


so any division inside the routine is avoided. Beware that the routine cannot be used for m >= 2°?: it very 
rarely fails for moduli of more than 62 bits, due to the additional error when inverting and multiplying 


as compared to dividing alone. This technique is ascribed to Peter Montgomery. An implementation in 
is [FXT: mod/modarith.h]: 


inline umod_t mul_mod(umod_t a, umod_t b, umod_t m) 


umod_t x =a ¥*b; 
umod_t y = m * (umod_t)( (ldouble)a * (ldouble)b/m + (ldouble)1/2 ); 
umod_t r= x - y; 


if ( (smod_t)r <0) rt=n; 


} 

012 3 4 5 6 7 8 9 10 11 12 0 12 3 4 5 6 7 8 
0 000000 0 00 0 0 0 0 0 000000 0 0 0 
1 0 12 3 4 5 6 7 8 9 10 11 12 1 012 3 4 5 6 7 8 
2 0 2 4 6 81012 13 5 7 9 11 2 02468 13 5 7 
3 0 3 6912 2 5 811 1 4 7 10 3 03 60 3 60 3 6 
4 0 4 812 3 711 2 610 1 5 9 4 04838 3 7 2 6 1 5 
5 0 510 2 712 4 9 1 611 3 8 5 05162 73 8 4 
6 0 612 511 410 3 9 28 i1é=+7 6 063 063 0 6 3 
7 0 7 18 2 9 310 411 512 6 7 07 5 3 18 6 4 2 
8 0 8 311 6 19 412 7 210 5 8 0 8 765 43 2 1 
9 0 9 5 110 6 211 7 312 8 4 
10 010 7 4111 8 5 212 9 6 3 
11 0119 7 5 3 11210 8 6 4 2 
12 0121110 9 8 7 6 5 43 2 1 


Figure 37.1-B: Multiplication modulo 13 (left) and modulo 9 (right). 


Two multiplication tables for the moduli 13 and 9 are shown in figure|37.1-B} Note that for the modulus 
9 some products a- 6 are zero though neither of a or b is zero. The tables can be obtained with [FXT: 


mod/modarithtables-demo.cc). 


[fxtbook draft of 2008-January-19] 


734 Chapter 37: Modular arithmetic and some number theory 


37.1.3. Exponentiation 


The algorithm used for exponentiation (powering) is the binary exponentiation algorithm shown in sec- 
tion on page [537] 


inline umod_t pow_mod(umod_t a, umod_t e, umod_t m) 
// Right-to-left scan 


if ( O==e ) { return i; } 


else 

umod_t Zz =; 

umod_t y = 1; 

eile (1) 
if ( e&1 ) y = mul_mod(y, z, m; // y *= Z; 
e >>= 1; 
if ( 0==e ) break; 
z= sqr_mod(z, m); // z *= Z; 


return jy; 


37.1.4 Inversion and division 


Subtraction is the inverse of addition. In order to subtract an element b from another element a one can 
add the additive inverse —b:= m-— 6b to a. Each element has an additive inverse. 


Division is the inverse of multiplication. In order to divide an element a by another element b one 
can multiply a by the multiplicative inverse. But not all elements have a multiplicative inverse, only 
those elements b that are coprime to the modulus m (that is, gcd(b,m) = 1). These elements are called 
invertible (modulo m) or units. For a prime modulus all elements except zero are invertible. 


The computation of the GCD uses the Euclidean algorithm [FXT: mod/ged.h): 


template <typename Type> 
Type gcd(Type a, Type b) 
// Return greatest common divisor of a and b. 


{ 
if (a<b) = swap2(a, b); 
if ( b==0 ) return a; 
Type r; 
do 
{ 
r=ai%b; 
a=b; 
b=7; 
} 
while ( r!=0 ); 
return a; 
} 


A variant of the algorithm that avoids most of the (expensive) modular reductions is called the binary 


GCD algorithm [FXT:|mod/binaryged.h!: 


template <typename Type> 

Type binary_ugcd(Type a, Type b) 

// Return greatest common divisor of a and b. 
// Version for unsigned types. 


{ 
if (a<b) = swap2(a, b); 
if ( b==0 ) return a; 
Typer=aiZ%hb; 
a=b; 
b=Y; 
if ( b==0 ) return a; 
ulong k = 0; 


os ( !'((alb)&1) ) // both even 


[fxtbook draft of 2008-January-19] 


37.2: Modular reduction with structured primes 735 


k++; 
a >>= 1; 
b >>= 1; 


} 


while ( !(ak&1) ) a >>= 1; 
while ( !(b&1) ) b >>= 1; 


while ( 1 ) 
{ 


if ( a==b ) return a << k; 


if (a<b) swap2(a, b); 
Type t = (a-b) >> 1; // t>0 
while ( !(t&1) ) t >>= 1; 
a=t; 


} 


The complexity of this algorithm for N-bit numbers is O(N?). We note that an O(N log(N)) algorithm 
is given in |220). 


The least common multiple (LCM) of two numbers is 


a-b a 
Iem(a, b) = sala. 0) = ( ). (37.1-4) 


The latter form avoids overflow when using integer types of fixed size. 


For modular inversion one can use the extended Euclidean algorithm (EGCD), which for two integers a 
and 6 finds d = gcd(a, b) and u, v so that au+bv = d. Applying EGCD to b and m where gced(b, m) = 1 
one obtains u and vu so that mu+bvu=1. That is: bv =1 (mod m), so v is the inverse of b modulo m 
and d/bt= ab += an: 


The following code implements the EGCD algorithm as given in [155]: 


template <typename Type> 

Type egcd(Type u, Type v, Type &tul, Type &tu2) 
// Return u3 and set ui,vi so that 

//— gcd(u,v) == u3 == utul + veu2 

// Type must be a signed type. 

{ 


Type ul = 1, wu2 = 0; 
Type vi = 0, v3 =V; 
Type u3 =u, v2 = 1; 


while ( v3!=0 ) 
{ 


Type q = u3 / v3; 


u2 = v2; v2 = t2; 
} 
tul = ul; tu2 = u2; 
return u3; 


} 


Another algorithm for the computation of the modular inversion uses exponentiation. It is given only 
after the concept of the order of an element has been introduced (section on page |739). 


37.2 Modular reduction with structured primes 


The modular reduction with Mersenne primes M = 2* — 1 is especially easy: let u and v be in the range 
0< u,v < M = 2* —1, then with the ordinary (non-reduced) product written as uv = 2" r+ s (where 
0<r,s <M =2* —1) the reduction is simply uv =r+s (mod M). 


[fxtbook draft of 2008-January-19] 


736 Chapter 37: Modular arithmetic and some number theory 


2°64-2°32+1 == 2° (32*2)-27 (32*1) +1 2°80-2°48+1 == 27 (16*5)-27 (16*3) +1 
2°96-2°32+1 == 2° (32*3)-2° (32*1)+1 2°176-2°48+1 == 2° (16*11)-27 (16*3) +1 
2°224-2°96+1 == 2° (3247) -2° (3243) +4 2°176-2°80+1 == 27(16*11)-27 (16*5) +1 
27320-2°288+1 == 2° (32*10)-27 (32*9)+1 2°368-2°336+1 == 2° (16*23)-27 (16*21)+1 
2°512-2°32+1 == 27 (32*16)-27 (321) +1 2°384-2°80+1 == 27 (16*24)-27 (16*5) +1 
27512-2°288+1 == 2° (32*16)-27 (32*9)+1 2°400-27160+1 == 27 (16*25)-27 (16*10)+1 
2°544-2°32+1 == 2° (32*17)-27 (32*1) +1 2°528-2°336+1 == 27 (16*33)-27 (16*21)+1 
2°544-2°96+1 == 27 (32*17)-27 (32*3) +1 2°544-2°304+1 == 27 (16*34)-27 (16*19)+1 
2°576-2°512+1 == 2° (64*9)-27 (64*8) +1 2°560-27112+1 == 27 (16*35)-27 (16*7) +1 
2°672-2°192+1 == 2° (32*21)-27 (32*6)+1 2°576-2°240+1 == 27 (16*36)-27 (16*15)+1 
2°832-2°448+1 == 2° (64*13)-27 (64*7)+1 2°672-2°560+1 == 27 (16*42)-27 (16*35) +1 
2°992-2°832+1 == 2° (32*31)-27 (32*26) +1 2°688-2°96+1 == 2° (16*43)-27 (16*6) +1 
2°71088-2°608+1 == 27 (32*34)-27 (32*19)+1 2°784-2°48+1 == 2° (16*49)-2° (16*3) +1 
2°71184-2°768+1 == 27 (32*37)-27 (32*24) +1 2°832-2°432+1 == 2° (16*52)-27 (16*27)+1 
2°1376-2°32+1 == 27 (3243) -27 (32*1)+1 2°880-2°368+1 == 27 (16*55)-27 (16*23)+1 
2°1664-2°256+1 == 27 (128*13)-27 (128*2) +1 2°912-2°32+1 == 2° (16*57)-27 (16*2) +1 
2°1856-271056+1 == 27 (32*58)-2* (32*33) +1 2°944-2°784+1 == 27 (16*59)-27 (16*49) +1 
271920-2°384+1 == 2° (128*15)-2* (128*3)+1 2°71008-27144+1 == 2° (16*63)-27 (16*9) +1 
2 = 


2°1984-27°544+1 == 27 (32*62)-2° (32*17) +1 *1024-2°880+1 27 (16*64) -2* (16*55) +1 


Figure 37.2-A: The complete list of primes of the form p= x* — 2 + 1 where « = 2°, G = 2’, G > 32 
and p up to 2048 bits (left), and the equivalent list for = 21° and p up to 1024 bits (right). 


? M=x720-x715+x710-x75+1; 
? n=poldegree(M) ; 
? P=sum(i=0,2*n-1,eval(Str("p_"i))*x7i) 
p_39*x*39 + p_38*x~38 + [--etc--] + p_3*x73 + p_2*x72 + p_1*x + p_0O 


? R=PY%M; 

? for(i=0,n-1,print(" ",eval(Str("r_"i))," = ",polcoeff(R,i))) 
r_0 = p_O + (-p_20 - p_25) 
r_1 = p_1 + (-p_21 - p_26) 
r_2 = p_2 + (-p_22 - p_27) 
r_3 = p_3 + (-p_23 - p_28) 
r_4 = p_4 + (-p_24 - p_29) 
r_5 = p_5 + (p_20 - p_30) 
r_6 = p_6 + (p_21 - p_31) 
r_7 = p_7 + (p_22 - p_32) 
r_8 = p_8 + (p_23 - p_33) 
r_9 = p_9 + (p_24 - p_34) 
r_10 = p_10 + (-p_20 - p_35) 
r_11 = p_i1 + (-p_21 - p_36) 
r_12 = p_12 + (-p_22 - p_37) 
r_13 = p_13 + (-p_23 - p_38) 
r_14 = p_14 + (-p_24 - p_39) 
r_15 = p_i5 + p_20 
r_16 = p_16 + p_21 
r_17 = p_i7 + p_22 
r_18 = p_18 + p_23 
r_19 = p_19 + p_24 


Figure 37.2-B: Computation of the reduction rule for the 640-bit prime Y59(237). 


[fxtbook draft of 2008-January-19] 


37.2: Modular reduction with structured primes 737 


A modular reduction algorithm that uses only shifts, additions and subtractions can be found also for 
structured primes (called generalized Mersenne primes in [216]). Let the modulus M be of the form 


M = Sims" (37.2-1) 

1=0 
where x = 2" and the leading coefficient m,, equal to one. For simplicity we further assume that m; = +1 
and m,n_1 = —1 (so that the numbers fit into n bits). The reduction algorithm can be found using 


polynomial arithmetic. Write the non-reduced product P as 


2n-1 
i=0 
where 0 < p; < x. Then the reduced product R is 
n-1 
R= r,z° := P (mod M) (37.2-3) 
i=0 


where 0 <r; < x. A script that will print the rule for moduli of the form x* — 2 + 1 is 


M=x*k - x*j + 1 \\ modulus as polynomial 

n=poldegree(M) ; 

P=sum(i=0, 2*n-1, eval(Str("p_" i)) * x*i) \\ unreduced product 
R=P%M; \\ reduced product 

\\ print rules: 

for (i=0, n-1, print(" ",eval(Str("r_" i)), "=", polcoeff(R, i))) 


With & = 3 and j = 2 we obtain the reduction rules (last three lines) 


? k=3;5=2; 
? M=x"k-x7jt+t 
x°S = x°2) 4.1 
? n=poldegree(M) ; 
? P=sum(i=0,2*n-1,eval(Str("p_"i))*x7i) 
p_5*x75 + p_4*x74 + p_3*x73 + p_2*x72 + p_1*x + p_O 
? R=P%M; 
? for(i=0,n-1,print(" ",eval(Str("r_"i))," = ",polcoeff(R,i))) 
r_O = p_O + (-p_3 + (-p_4 - p_5)) 
r_1 = p_1 + (-p_4 - p_5) 
r_2 = p_2 + (p_3 + p_4) 


A list of primes of the form p = «* — a/ +1 where x = 2°, G a power of two and G > 16 is shown 


in figure |37.2-Al The equivalent list with i a multiple of 8 is given in [FXT: 
poate 


. The primes allow radix-2 number theoretic transforms up to a length of 2x’. 


Structured primes that are evaluations of cyclotomic polynomials are given in section |37.11.4.7] on 
page [768] The reduction rule for the 640-bit prime M = Y59(237) is shown in figure |37.2-B] There 


is a choice for the ‘granularity’ of the rule: the modulus also equals Yi9(2?*), so we can obtain the 
reduction rule for groups of 5 machine words 


? M=x74-x73+x72-x71+1; 


[--snip--] 
? for(i=0,n-1,print(" ",eval(Str("r_"i))," = ",polcoeff(R,i))) 
r_0 = p_O + (-p_4 - p_5) 
r_1 = p_i+ (p_4 - p_6) 
r_2 = p_2 + (-p_4 - p_7) 
r_3 = p_3 + p_4 


However, the rule in terms of single words seems to be more appropriate as it allows for easier code 
generation. 


[fxtbook draft of 2008-January-19] 


738 Chapter 37: Modular arithmetic and some number theory 
37.3. The sieve of Eratosthenes 


Several number theoretic algorithms can take advantage of a precomputed list of primes. A simple and 
quite efficient algorithm, called the sieve of Eratosthenes computes all primes up to a given limit. It uses 
a tag-array where all entries > 2 are initially marked as potential primes. The algorithm proceeds by 
searching for the next marked entry and deleting all multiples of it. 


An implementation that uses the bitarray class (see section on page is given in [FXT: 
mod/eratosthenes-demo.cc’: 


void 
eratosthenes(bitarray &ba) 
{ 
ba.set_all(); 
ba.clear(0); 
ba.clear(1); 
ulong n = ba.n_; 
ulong k = 0; 
while ( be. next_set(k+1)) <n ) 


for (ulong j=2, i=j*k; i<n; ++j, i=j*k) ba.clear(i); 


} 
} 
The program prints the resulting list of primes (code slightly simplified): 
int 
main(int argc, char **argv) 
{ 


ulong n = 100; 

NXARG(n, "Upper limit for prime search") ; 
bitarray ba(n); 

eratosthenes (ba) ; 


ulong k = 0; 
ulong ct = 0; 
while ( (k=ba.next_set(kt+1)) <n ) 


++ct ; 
cout << "" << k; 
cout << endl; 
cout << "Found " << ct << " primes below " << n << "." << endl; 
return 0; 
} 
The output for the default (n = 100) is: 


235 7 11.13 17 aise ee ee 88 ee OE BE Te i eee ae 
Found 25 primes below 100. 


A little thought leads to a faster variant: when deleting the multiples k - p of the prime p from the list 
we only need to care about the values of & that are greater than all primes found so far. Further, values 
k-p containing only prime factors smaller than p have already been deleted. That is, we only need to 
delete the values {p?, p? + p, p? + 2p, p? + 3p, ...}. If we further extract the loop for the prime 2 then 
for the odd primes, we need to delete only the values {p, p? + 2p, p? + 4p, ...}. 


The implementation is 


void 
eratosthenes_opt(bitarray &ba) 
{ 
ba.set_all(); 
ba.clear(0); 
ba.clear(1); 
ulong n = ba.n_; 
for (ulong k=4; k<n; kt+=2) ba.clear(k); 
ulong r = isqrt(n); 
ulong k = 0; 
while ( (k=ba. next_set(k+1)) <n ) 


if (k>rxr) _ break; 


[fxtbook draft of 2008-January-19] 


37.4: The order of an element 739 


for (ulong j=k*k; j<n; j+=k*2) ba.clear(j); 
} 
The routine is included in the demo, the second argument chooses whether the optimized routine is used. 
When computing the primes up to a limit N then about N/p values are deleted after finding the prime p. 
If we slightly overestimate the computational work W by 
1 
wreN SO = (37.3-1) 
p<N, prime - 


then W = N log(log(V)) which is almost linear. Practically, much of the time used with larger values 
of N is lost waiting for memory access. Thereby, further improvements should rather address machines 
specific optimizations than additional algorithmic refinements. 


The described algorithmic improvement can be deduced from the series acceleration of the Lambert series 
(ie = Se > yee 37.3-2 
De = Doe = DD = De (37.3.2) 

k>0 k>0 k>0j>0 k>0 


where d(k) is the sum of the divisors of k. We note a relation from p.644, ex.27]: 


k 
pee: “ oe = Dd ba® (1 a") (1—a*) (1—a*'9)... (37.3-3) 
k>0 k>0 


One can save half of the space by recording only the odd primes. A C++ implementation of the modified 


algorithm is [FXT: make_oddprime_bitarray() in mod/eratosthenes.cc|. The corresponding table is 


created upon startup of programs linking the FXT-library. The data can be used to verify the primality 
of small numbers [FXT: is_small_prime() in . The function next_small_prime() in the 


same file uses the data to return the next prime greater or equal to its argument or zero if the argument 
is too big. 


37.4. The order of an element 


0 12 3 4 5 6 7 8 9 10 11 12 <--= exponent 


-------- = [order] 
0 100000000000 ~0 [ --] 
££ £4244 £4 Pf tt 2 4 1 [ 4] 
2 12 4 8 3 61211 9 510 7 1 (CF 12] 
3 1391232291329 «183209 1 [ 3] 
4 1 4 312 910 1 4 312 910 1 [ 6] 
5 1 512 8 1512 8 1512 8 1 #(€ 4] 
6 1 6108 9 212 7 3 5 411 1 €[ 12] 
7 1 710 5 91112 6 3 8 42 1— € 12] 
8 1 812 5 1812 5 1 812 5 1 (€[ 4] 
9 19319319 3109 3 41 [ 3] 

10 110 912 3 4110912 3 41 +#:[ 6) 

141 111 4 5 3712 29 810 6 1 = 12) 

12 112 112 112 112 112 112 1 #([ 2) 


Figure 37.4-A: Powers and orders modulo 13, the maximal order is R(13) = 12 = y(13). 


The (multiplicative) order r = ord(a) of an element a is the smallest positive exponent so that a” = 1. 
For elements that are not invertible (gcd(a,m) # 1) the order is not defined. Figure |37.4-A| shows the 


[fxtbook draft of 2008-January-19] 


740 Chapter 37: Modular arithmetic and some number theory 


0 12 3 4 5 6 7 8 <--= exponent 0 12 3 4 5 6 <--= exponent 

---------------------- = [order] 2-55 --- == [order] 
0 100000000 =L£--] 1d£iaiaa4.44 { 1] 

1 414444 44¢4¢é4~«+(€C 4) 2124875 1 [ 6] 
2124875 12 4 € 6] 4 14714741 [ 3] 
3 13 0000000 =[--] 5 15 78 421 { 6] 
4 147147 14 7 ~«[ 383i 7 17 44174 1 [ 3] 
5 15 78 4215 7 € 6) 8 1818181 {[ 2] 
6 160000000 [ --] 

7 17 441 7 441 7 4 «FT 38) 

8 18181818 1 €[ 2] 


Figure 37.4-B: Powers and orders modulo 9 (left), the maximal order is R(9) = 6 = y(9). The order 
modulo m is defined only for elements a where gcd(a,m) = 1. The table of powers for the group of units 
(Z/9Z)* (right) is obtained by dropping all elements for which the order is undefined. 


powers of all elements modulo the prime 13. The rightmost column gives the order of those elements that 
are invertible. 


An element a whose r-th power equals one is called an r-th root of unity: a” = 1. Modulo 9 both elements 
2 and 4 are a 6th roots of unity, see figure |37.4-B 


If a” = 1 but a® F 1 for all x < r then a is called a primitive r-th root of unity. Modulo 9 the element 
2 is a primitive 6th root of unity; the element 4 is not, it is a primitive 3rd root of unity. An element of 
order r is an r-th primitive root of unity. 


The maximal order R(m) is the maximum of the orders of all elements for a fixed modulus m: 


Rim) := oe (ord(a)) (37.4-1) 


For prime modulus p the maximal order equals R(p) = p—1. When it cannot cause confusion we omit 
the argument to the maximal order in what follows. 


An element of maximal order is a R-th primitive root of unity. Roots of unity of an order different from 
R are available only for the divisors d; of R: if g is an element of maximal order R then g”/“ has order 
d, (is a primitive d,-th root of unity): 


ord (o?/#) = of, (37.4-2) 


This is because (g®/4)4 = g® = 1 and (g®?/%)* 41 for k < dj. 


The factor by which the order of an element falls short of the maximal order is sometimes called the 
index of the element. Let 7 be the index and r the order, then i-r = R. 


The concept of the order comes from group theory. The invertible elements modulo m with multiplication 
form a group. The neutral element is one. The order defined above is the order in this group, it tells us 
how often one has to multiply the element a to one to obtain one. We restrict orders to positive values, 
else every element would have order zero. 


With addition things are simpler: all elements with addition form a group with zero as neutral element. 
The order of an element a in this group tells us how often one has to add a to zero to obtain zero. The 
order here is simply m/gced(a,m). All elements coprime to m (and especially 1 and —1) are generators 
of the additive group. 


The maximal order R of all elements of a group is sometimes called the exponent of the group. Elements of 
maximal order are also called primitive elements of the group, primitive roots of the group, or generators 
of the group. 


[fxtbook draft of 2008-January-19] 


37.5: Prime modulus: the field Z/pZ = F, = GF(p) 7Al 


37.5 Prime modulus: the field Z/pZ = F, = GF(p) 


If the modulus is a prime p then Z/pZ is the field F, = GF(p): all elements except 0 have inverses and 
thereby division is possible in GF(p). The maximal order R equals p—1. Elements of order R are called 
primitive roots modulo p. 


If g is a generator, then every element in GF(p) different from 0 is equal to some power g® (1 < e < p) 
of g and its order is R/e. To test whether g is a primitive n-th root of unity in GF(p) one does not need 
to check whether g* ¥ 1 for all k < n. It suffices to do the check for exponents k that are prime factors 
of n. This is because the order of any element divides the maximal order. 


To find a primitive root in GF(p) proceed as indicated by the following pseudo code: 


function primroot(p) 


if p==2 then return i 
f£(] := distinct_prime_factors(p-1) 
for r:=2 to p-1i 


£ 
x := TRUE 
foreach q in f[] 


if r**((p-1)/q)==1 then x:=FALSE 
} 
if x==TRUE then return r 


error("no primitive root found") // p cannot be prime ! 


} 


The algorithm is a simple search and might seem ineffective. In practice the root is found after only a 
few tries. Note that the factorization of p—1 must be known. An element of order n in GF(p) is returned 
by the following function: 


function element_of_order(n, p) 


R := p-1 // maxorder 
if (R/n)*n != R then error("order n must divide maxorder p-1") 
r := primroot(p) 


x := r**(R/n) 
return x 


37.6 Composite modulus: the ring Z/mZ 


nip(n) | mgln) | me(n) | moeln) | myln) | moelr) | myln) | mol) 
1: 1 13: 12 25: 20 37: 36 49: 42 61: 60 73: 72 85: 64 
2: 1 14 6 26: 12 38: 18 50: 20 62: 30 74: 36 86: 42 
3: 2 15 8 27: 18 39: 24 51: 32 63: 36 79: 40 87: 56 
4:5 2 16 8 28: 12 40: 16 52: 24 64: 32 76: 36 88: 40 
db: OU 17: 16 29: 28 41: 40 53: 52 65: 48 77: 60 89: 88 
6: 2 18: 6 30: 8 42: 12 54: 18 66: 20 78: 24 90: 24 
7: 66 19: 18 31: 30 43: 42 50: 40 67: 66 79: 78 91: 72 
8: 4 20: 8 32: 16 44: 20 56: 24 68: 32 80: 32 92: 44 
9: 6 21: 12 33: 20 45: 24 57: 36 69: 44 81: 54 93: 60 
10: 4 22: 10 34: 16 46: 22 58: 28 70: 24 82: 40 94: 46 
11: 10 23: 22 35: 24 47: 46 59: 58 71: 70 83: 82 95: 72 
12: 4 24 8 36: 12 48: 16 60: 16 72: 24 84: 24 96: 32 


Figure 37.6-A: Values of y(n), the number of integers less than n and coprime to n, for n < 96. 


[fxtbook draft of 2008-January-19] 


742 Chapter 37: Modular arithmetic and some number theory 


In what follows we will need the function y, the totient function (or Euler’s totient function). The 
function y(m) counts the number of integers coprime to and less than m: 


gm) = So | (37.6-1) 
1<k<m 
gcd(k,m)=1 


The sequence of values y(n) is entry |A000010 in [214). The values of y(n) for n < 96 are shown in 
figure |37.6-A| For m = p prime one has y(p) = p— 1. For m composite y(m) is always less than m — 1. 


For m = p” a prime power 
g(p*) = p*—p** = p®* (p-1) (37.6-2) 


The totient function is a multiplicative function: one has y(pi pz) = y(pi) y(p2) for coprime pi, pe: 
gcd(p1, po) = 1 but pi, p2 are not necessarily prime. Thereby, if the factorization of n into distinct prime 
powers is n = [[, p;*, then 


g(r) = J] vp) (37.6-3) 
An alternative expression for y(n) is 
1 ; 
y(n) = nf (1 - ~) where n=] [px (37.6-4) 
Pi : i 


We note a generalization: the number of s-element sets of numbers < n whose greatest common divisor 
is coprime to n equals 


1 
ys(n) = n> II (1 - =) where n= [[* (37.6-5) 


Pi 


Pseudo code to compute y(m) for arbitrary m: 
function euler_phi(m) 


{n, p[], x[]} := factorization(m) // m==product(i=0..n-1, p[i]**x[i]) 
h:= 1 
for i:=0 to n-1 


k = := x[i] // exponent 
ph := ph * (pl[i]**(k-1)) * (p[i]-1) // ==ph * euler_phi(p[i] **x[i]) 
} 
us 


The multiplicative group (consisting of the invertible elements, or units) is denoted by (Z/mZ)*. The 
size of the group (Z/mZ)* equals the number of units: 


|(Z/mz)" = y(m) (37.6-6) 
If m factorizes as m = 2° - pit +... + Da where p; are pairwise distinct primes then 
|(Z/mzy"| = 9(2")- eve) +... olf) (37.6-7) 


Further, the group (Z/mZ)* is isomorphic to the direct product of the multiplicative groups modulo the 
prime powers: 


(Z/mZ)*" ~ (Z/2°Z) x (Z/p'Z) x --» x (Z/peZ) (37.6-8) 


That is, instead of working modulo m we can do all computations modulo all prime powers in parallel. 
The Chinese remainder theorem (section on page |747) tells us how to find the element modulo m 
given the results modulo the prime powers. The other direction is simply modular reduction. 


[fxtbook draft of 2008-January-19] 


37.6: Composite modulus: the ring Z/mZ 743 


012 3 4 5 6 7 8 910 11 12 13 14 0123 4 
0 1000000000000 0 0 [ --] 1 2 da4 2 4 { 4] 
1 4144444 2444¢i%4i%4¢«i%4 «i%1 i411 ~=+(¢c 4) 2 12 481 € 4] 
2124812481248 12 4 [ 4] 4 14141 € 2) 
3 1 3 912 6 3 912 6 3 912 6 3 9 [ --] 7 1 7 413 1 [ 4] 
4 14%14%1 44%1 441 441 4«41 4 1 ~€ 2) 8 18 421 € 4] 
5 1 510 510 510 510 510 510 510 [--] 141 12141 4141 14 #C 2) 
6 1 66 6666666666 6 6 [ --] 13 113 4 7 1 [ 4] 
7 1 7 413 17 413 17 413 17 4 «C[ 4) 14 #114 114 1 #+(C Qj 
8 18 4218 4218 4218 4 [ 4] 
9 196969696969 69 6 [--] 
10 1410101010 10101010101010101010 ([ --] 
41 42141 441 14141 1141 14141 1411 1411 14 «+ 2) 
12 112 9 3 612 9 3 612 9 3 612 9 (O[--] 
13 #113 4 7 113 4 7 113 47 113 4 «[ 4) 
14 #114 114 114 114 114 114 114 1 #+[ 2) 


Figure 37.6-B: Powers and orders modulo 15 (left). The ring Z/15Z is noncyclic: there are y(15) = 8 
invertible elements but no element generates all of them as the maximal order is R(15) = 4 < y(15). The 
table of powers for the group of units (Z/15Z)* (right) is obtained by dropping all elements that are not 
invertible. 


37.6.1 Cyclic and noncyclic rings 


If the maximal order R if equal to |(Z/mZ)*| = y(m) then the ring (Z/mZ)* is then called a cyclic ring, 
else we call the ring noncyclic. The term cyclic reflects that in those rings the powers of any element of 
maximal order ‘cycle through’ all elements of (Z/mZ)*. An element of maximal order in cyclic rings is also 
called a generator as its powers ‘generate’ all elements. Strictly spoken, the terms cyclic and noncyclic 
refer to the group of invertible elements (with multiplication as group operation). As the additive group 
(of all elements, with addition as group operation) is always cyclic (one is always a generator) there is 
no ambiguity when speaking of a cyclic ring. 


Figure |37.6-B| shows the powers and orders of the noncyclic ring Z/15Z where no element generates all 


units. The rings Z/13Z and Z/9Z are cyclic, see figure |37.4-A] on page and figure |37.4-B] on page 
[740] 


For prime modulus m = p the group (Z/mZ)* contains all nonzero elements and any element of maximal 
order is a generator of the group. 


For m a power p* of an odd prime p the maximal order R in (Z/mZ)* is 
R(p") = 9(p*) (37.6-9) 
For m a power of two a tiny irregularity occurs: 


1 fork =1 
RQ”) = 2 fork =2 (37.6-10) 

2°-* fork 3 
That is, for powers of two greater than 4 the maximal order deviates from y(2") = 2*~! by a factor of 2. 
ky 
1 


For the general modulus m = 2"0 - pf! +... pa! the maximal order is 


R(m) = lem (R(2"*), R(pi*), ..., R@E)) (37.6-11) 


where lcm denotes the least common multiple. The maximal order R(m) of an element in Z/mZ can be 
computed as: 


[fxtbook draft of 2008-January-19] 


744 Chapter 37: Modular arithmetic and some number theory 


function maxorder(m) 
{n, p[], k[]} := factorization(m) // m==product(i=0..n-1,p[i]**k[i]) 
R := 1 
for i:=0 to n-1i 
t := euler_phi_pp(pl[i], k[i]) // ==euler_phi(p[i] **k[i]) 
if pliJ==2 AND k[i]>=3 then t :=t / 2 


R := lcm(R, t) 
} 


return R 


Now we can see for which moduli m the ring (Z/mZ)* will be cyclic (the maximal order equals the 
number of units y(m)): 


(Z/mZ)* is cyclic for m= 2, 4, p*, 2- p* where p is an odd prime (37.6-12) 
If the factorization of m contains two different odd primes p, and pp then 


R(m) = I|ecm(..., y(pa), ---; Y(po),---) 


is at least by a factor of two smaller than 


pm) =... + p(Pa) +. (Ps) <+ 


because both y(pa) and y(pp,) are even. Thereby (Z/mZ)* cannot be cyclic in that case. The same 
argument holds for m = 2" . p* if kg > 1. For m = 2* the ring (Z/mZ)* is cyclic only for k = 1 and 
k = 2 because of the mentioned irregularity of powers of two (relation |37.6-10}on the preceding page). 


Pseudo code for a function that returns the order of a given element x in (Z/mZ)*: 


function order(x, m) 


if gcd(x,m)!=1 then return 0 // x not a unit 
h := euler_phi(m) // number of elements of ring of units 


e:=h 
{n, p[], k[]} := factorization(h) // h==product(i=0..n-1,p[i]**k[i]) 
for i:=0 to n-1 


f := pli)**k([i] 
e:=e/f 
gl := x**e mod m 
while gi!=1 
{ 
gl := gi**p[i] mod m 
e :=e * pli] 
} 
} 
return e 


Pseudo code for a function that returns an element «# in (Z/mZ)* of maximal order: 


function maxorder_element (m) 


R := maxorder(m) 
for x:=1 to m-1 


if order(x, m)==R then return x 


// never reached 


[fxtbook draft of 2008-January-19] 


37.6: Composite modulus: the ring Z/mZ 745 


Again, while the function does a simple search it is efficient in practice. For prime m the function returns 


a primitive root. A C++ implementation is [FXT: maxorder_element_mod() in . Note 


that for noncyclic rings the returned element does not necessarily have maximal order modulo all factors 
of the modulus. We list all elements of (Z/15Z)* together with their orders modulo 15, 3, and 5: 


1: yr=1 r3=1 r5=1 
2: r=4 r3=2 rb=4 
4: yr=2 r3=1 r5=2 
7: r=4 r3=1 rb=4 <--= 
8: r=4 r3=2 rb=4 
41: r=2 r3=2 rbdb=1 
13: r=4 r3=1 rb=4 <--= 
14: r=2 r3=2 rb=2 


The two elements marked with an arrow have maximal order modulo 15 but not modulo 3. An element of 
maximal order modulo all factors of a composite modulus (equivalently, maximal order in all subgroups) 
can be found by computing a generator for all cyclic subgroups and applying the Chinese remainder 
algorithm given in section [37.7] 


37.6.2 Generators in cyclic rings 


Let G be the set of all generators in a cyclic ring modulo n. Then the number of generators is given by 

IG] = (y(n) (37.6-13) 
Let g be a generator, the g” is a generator exactly if gcd(k, y(n)) = 1 as there are y(y(n)) numbers k 
that are coprime to y(n). 


Let g be a generator modulo a prime p. Then g is a generator modulo 2 p* for all k > 1 if g is odd. If g 
is even then g + p* is a generator modulo 2 p*. 


Further, g is a generator modulo p* if g?~! mod p? 4 1. The only primes below 2°° = 68 - 10° for which 
the smallest primitive root is not the a generator modulo p? are 2, 40487 and 6692367337. Such primes 


are called non-generous primes, see entry A055578| of [214]. 


The only known primes p below 32 - 10!* where 2?~! = 1 modulo p? are 1093 and 3511 (such primes are 
called Wieferich primes, see entry A001220) of [214]). As 2 is not a generator modulo either of the two 
we see that whenever 2 is a generator modulo p < 32-10!? then it is also a generator modulo p”. 


37.6.3 Generators in noncyclic rings 


When the ring is cyclic an element of maximal order generates all invertible elements. With noncyclic 
rings one needs more than one generator. Pari/gp’s function znstar() gives the complete information 
about the multiplicative group of units. The help text reads: 


znstar(n): 3-component vector v, giving the structure of (Z/nZ)“*. 
v[1] is the order (i.e. eulerphi(n)), 

v[2] is a vector of cyclic components, and 

v[3] is a vector giving the corresponding generators. 


Its output for 2 <n < 25 is shown in figure |37.6-C 


The ring is cyclic when there is just one generator. In general, when znstar(n) returns 
[My Wi Pasteas Tels (Ots Gay 2< sel (37.6-14) 
then the y invertible elements u are of the form 
i = OF os i (37.6-15) 
where 0 < e; < r; for 1 <i<k. For example, with n = 15: 


[fxtbook draft of 2008-January-19] 


746 Chapter 37: Modular arithmetic and some number theory 


? for(n=2,25,print(n," ",znstar(n))) 
2D» Os (1) /* read: [1, [1], [Mod(1,2)]] */ 
3 [2, [2], [Mod(2, 3)]] 
4 [2, [2], ([Mod(3, 4)]] 
5 (4, [4], ([Mod(2, 5)]] 
6 [2, [2], [Mod(5, 6)]] 
7 (6, [6], [Mod(3, 7)]] 
8 [4, [2, 2], [Mod(5, 8), Mod(3, 8)]] 
9 [6, [6], [Mod(2, 9)]] 
10 (4, [4]. [Moa(7. 10)7] 
11 [10, [10], ([Mod(2, 11)]] 
12 (4, [2, 2], [Mod(7, 12), Mod(5, 12)]] 
13 (12, [12], [Mod(2, 13)]] 
14 [6. [6], [Moa(3, 14)]] 
15 [8, [4, 2], ([Mod(8, 15), Mod(ii, 15)]] 
16 (8, [4, 2], [Mod(5, 16), Mod(7, 16)]] 
17 (16, [16], [Mod(3, 17)]] 
18 (6, [6], ([Mod(11, 18)]] 
19 [18, [18], [Mod(2, 19)]] 
20 [8, [4, 2], [Mod(3, 20), Mod(11, 20)]] 
21 [12, [6, 2], [Mod(5, 21), Mod(8, 21)]] 


[Mod (13, 22)]] 
[Mod(5, 23)]] 
24 [8, [2, 2, 2], [Mod(13, 24), Mod(19, 24), Mod(17, 24)]] 
25 [20, [20], [Mod(2, 25)]] 


Figure 37.6-C: Structure of the multiplicative group modulo n for 2 <n < 25, as reported by pari/gp’s 
function znstar(). 


~_ 


znstar (15) 

[8, [4, 2], [Mod(8, 15), Mod(11, 15)]] 
gi=Mod(8, 15); g2=Mod(11,15); 

for (e1=0,4-1,for(e2=0,2-1,print(e1," ",e2,"  ",gi~el*g2~e2))) 
Mod(1, 15) 

Mod(11, 15) 

Mod(8, 15) 

Mod(13, 15) 

Mod(4, 15) 

Mod(14, 15) 

Mod(2, 15) 

Mod(7, 15) 


NON 


WWNHNRFRRFOO 
FOROrROFRO 


Generators modulo n = 2* 


The ring modulo n = 2" is cyclic only for k < 2: 


? for(i=1,6,print(i,": ",znstar(27i))) 
1: 1, O, O) 
2: [2, [2], [Mod(3, 4)]] 
3: [4, [2, 2], [Mod(5, 8), Mod(3, 8)]] 
4: [8, [4, 2], [Mod(5, 16), Mod(7, 16)]] 
5: (16, [8, 2], [Mod(5, 32), Mod(15, 32)]] 
6: [32, [16, 2], [Mod(5, 64), Mod(31, 64)]] 


For k > 3 the multiplicative group is generated by the two elements 5 and —1. 


37.6.4 Inversion by exponentiation 


For a unit u of order r = ord(u) one has u” = 1. As r divides the maximal order R also u® = 1 holds and 
thereby u®-!-u=1. That is, the inverse of any invertible element u equals u to the (R — 1)-st power: 


ut = yf} (37.6-16) 


1 


In fact, one has also u~! = u?(™ 1 which may involve slightly more work if the ring is noncyclic. 


[fxtbook draft of 2008-January-19] 


37.7: The Chinese Remainder Theorem (CRT) 747 


37.7 The Chinese Remainder Theorem (CRT) 


Let m1, m2, ..., my be pairwise coprime (that is, ged(m;,m,;) = 1 for alli # j). If x =a; (mod m,) for 
7=1,2,..., f then x is unique modulo the product M = m,-mz2---my. This is the Chinese remainder 
theorem (CRT). Note that it is not assumed that any of the m, is prime. 


The theorem tells us that a computation modulo a composite number M can be split into separate 
computations modulo the coprime factors of M. To evaluate a function y := f(x) mod M where M = 
M1 +My (with gcd(m1, mz) = 1), proceed as follows 

1. Splitting: compute 7; = x mod m, and x2 = x mod m2. 

2. Separate computations: compute y1 := f(a1) mod my, and yp := f(a2) mod m2 

3. Recombination: compute y from y, and y2 using the CRT 
For example, when computing the exact convolution of a long sequence via number theoretic transforms 
(see section on page |514) the largest term of the result must be smaller than the modulus. Assume 
that (efficient) modular arithmetic is available for moduli of at most word size. Now choose several 


coprime moduli whose product / is greater than the largest element of the result, compute the transforms 
separately and only at the very end compute the elements modulo M. 


Efficient computation 


For two moduli m ,, mz compute x with « = x, (mod m,) and x = x2 (mod mz) as suggested by the 
following pseudo code: 


function crt2(xi, mi, x2, m2) 


mi**(-1) mod m2 // inverse of m1 modulo m2 
((x2-x1)*c) mod m2 
return xi+s * ml 


Cc: 


s : 


For repeated CRT calculations with the same moduli one will use precomputed values c = my" mod m2. 
With more than two moduli use the above algorithm repeatedly. Pseudo code to perform the CRT for 
several moduli: 


function crt(x[0,...,f-1], m[0,...,f-1], f) 
{ 
x1 := x[0] 
mi := m[0] 
i214 
do 
{ 
x2 := x[il 
m2 := m[il 
x1 := crt2(xi, mi, x2, m2) 
mi := mi * m2 
} i:s=it+il 


while i<f 
return x1 


} 
A C++ implementation is given in [FXT: |mod/chinese.cc): 
umod_t 


chinese(const umod_t *x, const factorization &f) 
// Return R modulo M where: 
// £0) is the factorization of M, 
//  x{] :=R modulo the prime powers of f[]. 
{ 
const int n = f.nprimes(); 
// (omitted test that gcd(m_0,...,m_{n-1})=1 ) 


const umod_t M = f.product(); 
umod_t R = 0; 
for (int i=0; i<n; ++i) 


[fxtbook draft of 2008-January-19] 


748 Chapter 37: Modular arithmetic and some number theory 


// Ti = prod(@mk) (where k!=i); Ti==M/mi: 
const umod_t Ti = M / f.primepow(i); // exact division 
// ci = 1 / Ti: 
umod_t ci = inv_modpp(Ti, f.prime(i), f.exponent(i)); 
// here: O <= ci < mi 
// Xi = x[i] * ci_* Ti: 
umod_t Xi = ci * Ti; // 0 <= Xi <M 
Xi = mul_mod(Xi, x[i], M); 
// add Xi to result: 
R = add_mod(R, Xi, M); 
} 


return R; 


The underlying construction 


We derive the algorithm for CRT recombination from a construction for k coprime moduli. Define T; as 


T, c= [[™ 


k#i 
and c; as 
C= ie, mod ™; 
Then for X; defined as 
X; := 424,¢,T; 
one has 
X; modm; = { “ ee ak 
else 
Therefore 
7 3S SO = 2 mod m; 
k 
For the special case of two moduli m1, mz one has 
T, = mg, Tz = my, 
cq = m5! mod mj, C= m,! mod m2 
The quantities are related by 
CyMg+cgm = 1 
and 
Lo= So Xr = 7107, 4+ 422 To 


k 
= @1C,M2+ %QoCQM), 
= (1 — com) + 4c. m4 


= «1+ (#2 —- 21) (m;* mod m2) m4 
The last equality is used in the code. 


[fxtbook draft of 2008-January-19] 


(37.7-1) 


(37.7-2) 


(37.7-3) 


(37.7-4) 


(37.7-5) 


(37.7-6a) 
(37.7-6b) 


(37.7-7) 


(37.7-8a) 


(37.7-8b) 
(37.7-8c) 
(37.7-8d) 


37.8: Quadratic residues 749 


37.8 Quadratic residues 


Let p be a prime. The quadratic residues modulo p are those values a so that the equation 

2? = a _ (modp) (37.8-1) 
has a solution. If the equation has no solution then a is called a quadratic non-residue modulo p. A 
quadratic residue is a square (modulo p) of some number, so we can safely just call it a square modulo p. 


Let g be a primitive root (the particular choice does not matter), then every nonzero element x can 
uniquely be written as 2 = g° where 0 < e < p. Rewriting equation [37.8-1 as a2 = (g°)” = g?* =a it is 
apparent that the quadratic residues are the even powers of g. The non-residues are the odd powers of 
g. All generators are non-residues. 


Let us compute f(x) := «—/? for both residues and non-residues: With a quadratic residue g?° we 
get f(g?°) = g?e-Y)/2 = 1° = 1 where we used g?~! = 1. With a non-residue a = g", k odd, we get 
f(a) = f(g") = g*-Y/? = —1 where we used g'?—)/? = —1 (the only square root of 1 apart from 1 is 
—1) and —1* = —1 for k odd. 


Apparently we just found a function that can tell residues from non-residues. In fact, we rediscovered 
the so-called Legendre symbol usually written as ooh surprising result (proved by Gauss) about the 


Legendre symbol is the law of quadratic reciprocity: let p and q be distinct odd primes, then 


(2) — (-1' (2) (37.8-2) 


Moreover, 
Sty) = pst of +1 if p=1 (mod 4) 
}) = ee { —1 if p=3 (mod 4) (37.8-3) 
and 
2 _ p2-1 _ +1 if p=+l (mod 8) 
() i aan { -1 if p=+3 (mod 8) (37.8-4) 
Further, 
3 
.) = 1 <} p=+lmod 12 (37.8-5) 
and 
—3 
(=) : p=2, p=3, orp=1mod3 (37.8-6) 


If a is a quadratic residue modulo p then the polynomial «x? — a factors as (x — r1)(a — re) where r? =a 
and r3 =a. Modulo 41 = 4-10 +1 minus one is a quadratic residue and we have x? +1 = (a —9)(a—32). 
The polynomial x? + 1 with coefficients modulo 43 = 4-10 +3 is irreducible. 


The relation between the Legendre symbols of positive and negative arguments is 
—a p=1 (a +(£) if p=4k+1 
aa — (-1)2 a) = eS 37.8-7 
( D ) (—1) (2) { = if p=4k+3 ( ) 
Modulo a prime p = 4k +38, if +a is a square then —a is not a square. The orders of any two elements 


+a and —a differ by a factor of two. Non-residues can easily be found: the number —(b7) is a non-residue 
for all b. 


[fxtbook draft of 2008-January-19] 


750 Chapter 37: Modular arithmetic and some number theory 


Modulo a prime p = 4k +1, if +a is a square then —a is also a square. The orders of two non-residues 
+a and —a are identical. The orders of two residues +a and —a can be identical or differ by a factor of 
two. 


A special case are primes of the form p = 2” +1, the Fermat primes. Only five Fermat primes are known 
today: 2'+1=3, 2?+1=5, 244+1=17, 22 +1 = 257 and 2!© + 1 = 65537. To be prime the exponent 
x must actually be a power of two. The primitive roots are exactly the non-residues: the maximal order 
equals R = y(p) = 2”. There are y(y(p)) = 2”~! primitive roots. There are (p — 1)/2 = 2*~! squares 
which all have order at most R/2. Remain 2*~' non-residues which must all be primitive roots. 


b\a 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 
0: 0+00000000000000000000000000000000000 
1d: +e e¢ + ¢ + ¢¢+ ¢+¢+ ¢+4¢+ ¢+4¢ + ¢ + ¢¢+ ¢¢¢¢ ¢+ ¢ 4+ ¢¢+ ¢¢+ ¢ 4+ ¢+ 44+ 4+ 
2: O0+0-0-0+0+4+0-0-0404+0-0-040+0-0-0+0+0-0 
3: 0+ =| OF = OF > 0 F—-0F =] 0-04-04 -04 =0 47-04 —-0 4-0 
4,5 0+04+0+4+0+404+0+0+40404+04040+0404+0+0+04+0+4+0 
5: OF --+04--4+04+--4+04+--4+0+4+--4+04+--+04+--+0+H 
6: O0+0004+0+000+4+0-000-0-000-0+00040+000+40 
7: OF Fo 4+] 20 $4 24+ +--+ 0 Foe HS 0 +e] 75-0 F4¢ 24+ -=04+ 
8: O0+0-0-0+0+4+0-0-0404+0-0-04+0+0-0-0+0+0-0 
9: O+F+0474+04+404F+4F+04F+F4+04+F7+04404+4F04F4F04+7+04+4+04++40 

10: O0+0+000-0+0-04+000-0-0-0-000+0-04+0-000 
114: OF -+t4+4+---4+-04+-4+4+4+---4+-04F+-4+4+4+---4+-04+-4 
12: 0+000-04000-04000-04000-04000-04+000-0 
13° 0+ =] 44 2 =92 2 4-4 Sb OF Soe SS Se ED ES SS Sh 
144: O04+0+0+4+000+4+0-040+4+0-04000+4040+4+0-0-0-000 
15: O+F+0+00-4+00-0--0+4++4+0+4+00-+4+00-0--04+40+4+00 
16: O+F0+0+4040+0+40404+0404+0+0+40404+0+4+04+0+0+0 
17s 044 SS So eS ee Ol oS eS eee ek 
18: 0+000-0+4+000-0-000+0-000+4+04+000-0+4+000-0 
19: O+t--+4+4+4+-4+-4+->---t+4+-04+--4+4+4+4+-4+-4+----4+ 4 
20: 0+0-000-0+4+0+0-000-0+0+0-000-0+0+0-000 


Figure 37.8-A: Kronecker symbols (+) for small positive a and b. 


We will not pursue the issue, but it should be noted that there are more efficient ways than powering to 
compute f and the concept of quadratic residues can be carried over to composite moduli: the so-called 


Kronecker symbol generalizes the Legendre symbol. An efficient implementation for its computation 
(following [83] p.29]) is given in [FXT: kronecker() in'mod/kronecker.cc|: 

int 

kronecker(umod_t a, umod_t b) 


// Return Kronecker symbol (a/b). 
// Equal to Legendre symbol (a/b) if b is an odd prime. 


{ 
static const int tab2[] = {0, 1, 0, -1, 0, -1, 0, 1}; 
// tab2. a & 7] := (-1)7((a72-1)/8) 
if ( 0==b ) return (1==a); 
if ( 0==((alb)&1) ) return 0; // a and b both even ? 
int v = 0; 
while ( 0==(b&1) ) f{ ++v;  b>>=1; } 
int k; 
if ( 0==(v&1) ) k= 1; 
else k = tab2[.a&7]; 
mel (1) 
if ( 0==a ) return ( b>1?70: k); 
v=0; 
while ( 0==(ak1) ) { ++v; a>>=1; } 
if ( 1==(ve1) ) k *= tab2[ b& 7]; // k *= (-1)**((b*b-1)/8) 
if (a&b&2) k=-k; // k = ke(-1)**((a-1)*(b-1)/4) 
umod_t r = a; // signed: r = abs(a) 
a=bi4r; 
b=Y7; 
} 
} 


A table of Kronecker symbols (4) for small a and 6 is shown in figure |37.8-A| It was created with the 


[fxtbook draft of 2008-January-19] 


37.9: Computation of a square root modulo m 751 


program [FXT: mod/kronecker-demo.cc). 
Whether a given number a is a square modulo 2” can be determined via the simple routine [FXT: 


is_quadratic_residue_2ex() in mod/quadresidue.cc : 


bool is_quadratic_residue_2ex(umod_t a, ulong x) 
// Return whether a is quadratic residue mod 2**x 


{ 
if ( x==1 ) return true; 
if ( (%>=3 ) && (1==(ak7)) ) return true; 
if ( (x==2 ) && (1==(ak&3)) ) return true; 
return false; 

} 


A curious observation regarding quadratic residues is that exactly for the 29 moduli 


2, 3, 4, 5, 8, 12, 15, 16, 24, 28, 40, 48, 56, 60, 72, 88, 112, 120, 
168, 232, 240, 280, 312, 408, 520, 760, 840, 1320, 1848 


all quadratic residues are non-prime. This sequence is entry A065428 of [214]. It can be generated using 
the program [FXT: mod/mod-residues-demo.cc). 


See any textbook on number theory for the details of the theory of quadratic residues, [160] and [83] 
for the corresponding algorithms. A method for watermarking that uses quadratic residues is discussed 


in PT]. 


37.9 Computation of a square root modulo m 


37.9.1 Prime modulus 


The square root of a square a modulo a prime p = 4k + 3 can be computed as 


Ja = +ale+d/4 (37.9-1) 


Write (a+))/4)? = qt)/2 — g(e-1)/2+1 — 41.4 = a, if a is not a square then the square root of 
—a is obtained. Similar expressions for square root modulo p are developed in [3]. An algorithm for the 


computation of a square root modulo a prime p (without restriction on the form of p) is given in [83} 
p.32]. We just give a C++ implementation [FXT: sqrt_modp() in mod/sqrtmod.cc): 


umod_t 

sqrt_modp(umod_t a, umod_t p) 

// Return x so that x*x==a (mod p) 

// p must be an odd prime. 

// If a is not a quadratic residue mod p then return 0. 


{ 


if ( 1!=kronecker(a,p) ) return 0; // not a quadratic residue 
// initialize q,t so that p ==q * 2°t+1 

umod_t q; int t; 

n2qt(p, q, t); 

umod_t z=0, n=0Q; 

for (n=1; n<p; ++n) 


{ 
if ( -1==kronecker(n, p) ) 
{ 
Z = pow_mod(n, q, p); 
break; 
} 
} 
if ( m=p ) return 0; 
umod_t y = Z; 
uint r =t; 
umod_t x = pow_mod(a, (q-1)/2, p); 
umod_t b = 


x; 
x = mul_mod(x, a, p); 


[fxtbook draft of 2008-January-19] 


752 Chapter 37: Modular arithmetic and some number theory 


b = mul_mod(b, x, p); 
male CA) 
if ( 1==b ) return x; 
uint m; 
for (m=1; m<r; ++m) 
if ( 1==pow_mod(b, 1ULL<<m, p) ) break; 
} 
if ( m==r ) return 0; // ais not a quadratic residue mod p 


umod_t v = pow_mod(y, 1ULL<<(r-m-1), p); 


y = mul_mod(v, v, p); 
r= m; 

x = mul_mod(x, v, p); 
b = mul_mod(b, y, p); 


37.9.2 Prime power modulus 


For the computation of a square root modulo a prime power p* the Newton iteration can be used (see 


section |28.1.5] on page (543). The case p = 2 has to be treated separately [FXT: sqrt-modpp() in 
mod/sqrtmod.cc]: 


umod_t 

sqrt_modpp(umod_t a, umod_t p, long ex) 
// Return r so that r~2 == a (mod p*ex) 
// return 0 if there is no such r 


umod_t r; 
if ( 2==p ) // case p== 
{ 


if ( false==is_quadratic_residue_2ex(a, ex) ) return 0; // no sqrt exists 
else r=1; // (1/r)*2 =amod 2 


else // case p odd 
{ 


umod_t z=a ip; 
r = sqrt_modp(z, p); 
if ( r==0 ) return 0; // no sqrt exists 


} 
// here r~2 == a (mod p) 


if ( 1==ex ) return fr; 


umod_t m = ipow(p, ex); 
if ( 2==p ) // case p== 
{ 


long x = 1; 
while ( x<ex ) // Newton iteration for inverse sqrt, 2-adic case 
{ 


umod_t z = a; 


z = mul_mod(z, r, m); // ax*r 
z = mul_mod(z, r, m);\ // a*r*r 
z = sub_mod(3, z, m); // 3 - axr*r 
r = mul_mod(r, z/2, m);\ // r*(3 - a*r*r)/2 = r*(1 + (1-a*r*r)/2) 
x *= 2; // (1/r)*2 == a mod 27x 
} 
r = mul_mod(r, a, m); 
} 
else // case p odd 
{ 
umod_t h = inv_modpp(2, p, ex); // 1/2 
long x = 1; 
while ( x<ex ) // Newton iteration 
umod_t ri = inv_modpp(r, p, ex); // 1/r 
umod_t ar = mul_mod(a, ri, m); // a/v 
r = add_mod(r, ar, m); // rta/r 
r = mul_mod(r, h, m); // (rta/r)/2 


[fxtbook draft of 2008-January-19] 


37.10: The Rabin-Miller test for compositeness 753 


x *= 2; // 4x72 == a mod p*x 
} 


return TY; 


37.9.3 Arbitrary modulus 


The square root modulo an arbitrary number can be computed from the square roots of its prime 
power factors using the Chinese remainder theorem (see section on page [FXT: sqrtmodf () 
in mod/sqrtmod.cc : 


umod_t 
sqrt_modf(umod_t a, const factorization &mf) 
// Return sqrt(a) mod m, given the factorization mf of m 


{ 
ALLOCA(umod_t, x, mf.nprimes() ); 


for (int i=0; i<mf.nprimes(); ++i) 


// x{il=sqrt(a) modulo i-th prime power: 
x[i] = sqrt_modpp( a, mf.prime(i), mf.exponent(i) ); 
if ( x[il=-0 ) return 0; // no sqrt exists 


return chinese(x, mf); // combine via CRT 


37.10 The Rabin-Miller test for compositeness 


We describe a probabilistic method to prove compositeness of an integer. 


37.10.1 Pseudoprimes and strong pseudoprimes 


For a prime p the maximal order of an element equals p— 1. That is, for all a 4 0 
a®’-' = 1 modp (37.10-1) 


If for a given number n one succeeds to find an a > 1 so that a®~! 4 1 mod p the compositeness of n 
has been proven. Composite numbers n for which a"~! = 1 mod n are called pseudoprime to base a (or 
a-pseudoprime). For example, for n = 15 one finds 


a: 2 3 4 5 6 7 8 9 10 11 12 138 «14 
a4; 4 9 1 10 6 4 4 610 1 9 4 «1 


We found that 15 is pseudoprime to the bases 4, 11 and 14 which we also could have read off the rightmost 


column of figure |37.6-B]on page 


The bad news is that some composite numbers are pseudoprime to very many bases. The smallest such 
example is number 561 which is pseudoprime to all bases a with gcd(a,n) = 1. Numbers with that 
property are called Carmichael numbers. The first few are 561, 1105, 1729, 2465, 2821, 6601, 8911, ..., 
this is sequence A002997 of [214]. There are infinitely many Carmichael numbers as proved in [7]. Finding 
a base that proves a Carmichael number composite is as difficult as finding a factor. 


A significantly better algorithm can be found by a rather simple variation. We use the numbers q and 
t so that n — 1 =: q- 2* and examine the values b := a4, b?, b+, ..., 6?) = al™-)/2, We say that n is 
a strong pseudoprime to base a if either b = 1 or b* = —1=n-—1 for some e where 0 < e < t. We 
abbreviate strong pseudoprime as SPP. If neither of the conditions holds then n is proven composite. 
Then n is either not a pseudoprime to base a or we found a square root of 1 that is not equal to n — 1. 


[fxtbook draft of 2008-January-19] 


704 


With two different square roots s1,52 modulo n of s 


Chapter 37: Modular arithmetic and some number theory 


ome number z (here z = 1) one has 


si-z = 0 modn (37.10-2a) 
si—-z = 0 modn (37.10-2b) 
si—s2 = (8; +89) (81-82) = 0 modn (37.10-2c) 


So both s; + s2 and s, — Sg are nontrivial factors of n 


if s; A n— sg. Thereby a square root s # —1 of 1 


proves compositeness because both gcd(s + 1,n) and gcd(s — 1,n) are nontrivial factors of n. 


Let B= 2. b2,b4,...,b?'|, then for n prime the sequence B must have one of the following forms: either 
B= LA He (37.10-3a) 
B = (kx,...,*,-1,1,...,1] (37.10-3b) 


where an asterisk denotes any number not equal to 4 
sequence B can also be of the form 


B 
B 


1] (foun 


If one of the latter two forms is encountered then n 


(a"~* £1) or 


t1 mod n (notation as in [160]). For n composite the 


(37.10-4a) 


d square root of 1 not equal to —1) (37.10-4b) 


must be composite. 


With our example n = 15 we have n—1=7-2!, thereby g = 7 and t= 1. We only have to examine the 
value of b. Values of a for which 6 is not equal to either +1 or —1 prove the compositeness of 15. 


a2 3 4 5 6 7 8 9 10 11 12 13 #14 
b:8 12 4 5 6 18 2 9 10 11 3 #7 -!1 
In our example all bases 4 14 prove 15 composite. As n is always a SPP to base a = n—1= —1 we 


restrict our attention to values 2<a<n-—2. 


A pari/gp implementation of the test whether n is a SPP to base a: 


sppq(n, a)= 
{ /* Return whether n is a strong pseudoprime to 
local(q, t, b, e); 
q=n-1; 
t=0; 
while ( 0==bitand(q,1), q/=2; t+=1 ); 
/* here n==2°t*qt1 */ 


b = Mod(a, n)“q; 
if ( 1==b, return(1) ); 
e=1; 
while ( ext, 
if( (b==1) || (b==n-1), break(); ); 
b *= b; 
ett; 
); 
return( if ( b!=(m-1), 0, 1) ); 
} 


base a */ 


The Carmichael number 561 (561 — 1 = 35 - 24, so g = 35 and t = 4) is a SPP to only 8 out of the 558 


interesting bases, and not a SPP for any 2 < a < 20 


as shown in figure |37.10-A] Note that with a = 4 we 


found s = 67 where s? = 1 mod 561 and thereby the factors gcd(67+1, 561) = 17 and gcd(67—1, 561) = 33 


of 561. 


37.10.2 The Rabin-Miller test 


The Rabin-Miller test is an algorithm to prove compositeness of a number n by testing strong pseudo- 


primality with several bases: 


[fxtbook draft of 


2008-January-19] 


37.10: The Rabin-Miller test for compositeness 755 


a=2: b=263 b°2=166 b°4= 67 

a=3: b= 78 b°2=474 b7~4=276 

a=4: b=166 b°2= 67 b°-4= 1 all SPP basis: 
a=5: b= 23 b72=529 b7~4=463 a=50: b=560 
a=6: b=318 b72=144 b7~4=540 a=101: b=560 
a=7: b=241 b°2=298 b~4=166 a=103: b= 1 
a=8: b=461 b°2=463 b~4= 67 a=256: b= 1 
a=9: b=474 b°2=276 b~4=441 a=305: b=560 
a=10: b=439 b72=298 b~4=166 a=458: b=560 
a=11: b=209 b°2=484 b7~4=319 a=460: b= 1 
a=12: b= 45 b72=342 b7~4=276 a=511: b= 1 
a=13: b=208 b°2= 67 b°4= 1 

a=14: b=551 b72=100 b°~4=463 

a=15: b=111 b°2=540 b74=441 

a=16: b= 67 b°2= 1 

=17: b=527 b°2= 34 b°4= 34 

a=18: b=120 b°72=375 b74=375 

a=19: b= 76 b°2=166 b°~4= 67 

a=20: b=452 b°2=100 b~4=463 


Figure 37.10-A: The Carmichael number 561 = 35-24 + 1 is a strong pseudoprime to 8 out of 558 
bases a (right) and no basis 2 < a < 20 (left). 


rm(n, na=20)= 
{ /* Rabin Miller test */ 
local (a); 
for (a=2, nat2, 
if ( a>n-2, break() ); 
if ( 0==sppq(n, a), return(0) ); /* proven composite */ 


)5 
return(1); /* composite with probability less than 0.25*na */ 
} 


It can be shown that for a composite number the probability to be a SPP to a ‘random’ base is at 
most 1/4. Thereby the compositeness of number can in practice quickly be proven. While the algorithm 
does not prove primality, it can be used to rule out compositeness with a very high probability. 


Bases tested: 2 3 5 6 7 10 11 12 13 14 15 17 
91: ] 10 12 17 


133: [2] 11 12 

145: [2] 12 17 
276: [2] 11 13 

286: [2] 3 17 
703: [2] 3 7 

742: [2] 15 17 
781: [2] 5 17 
946: [2] 7 15 
1111: [2] 6 17 
1729: [2] 10 12 
2047: [2] 2 11 
2806: [2] 5 13 
2821: [2] 12 17 
3277: [3] 2 14 15 
4033: [2] 2 17 
4187: [2] 10 17 
5662: [2] 5 17 
5713: [2] 6 14 
6533: [2] 6 10 
6541: [2] 14 15 
7171: [2] 14 17 
8401: [2] 3 10 
8911: [3] 3 12 13 
9073: [2] 12 14 

Figure 37.10-B: All numbers < 10,000 that are strong pseudoprimes to more than one base a < 17 


(omitting bases that are perfect prime powers). 


A list (created with the program [FXT: mod/rabinmiller-demo.cc ) of composites n < 10,000 that are 
SPP to more than one base a < 17 is shown in figure]37.10-B} ‘Uhe table indicates how effective the Rabin- 
Miller algorithm actually is: it does not contain a single number pseudoprime to both 2 and 3. The first 
few odd composite numbers that are SPP to both bases a = 2 and a = 3 are shown in figure 


There are 104 such composite n < 2°”, given in [FXT: data/pseudo-spp23.txt|. This sequence of numbers 


[fxtbook draft of 2008-January-19] 


756 Chapter 37: Modular arithmetic and some number theory 


1,373,653 == 1+ 2°2 * 3°3 * 7 * 23 * 79 

== 829 * 1657 == (1 + 2°2 *3°2 *23) * (1 + 2°73 *3°2 *23) 
1,530,787 == 1+ 2 * 3 * 103 * 2477 

== 619 * 2473 == (1 + 2 *3 *103) * (1 + 273 *3 *103) 
1,987,021 == 1+ 2°2 * 3°2 * 5 * 7 * 19 * 83 

== 997 * 1993 == (1 + 2°72 *3 *83) * (1 + 273 *3 *83) 
2,284,453 == 1+ 2°72 * 3°2 * 23 * 31 * 89 

== 1069 * 2137 == (1 + 2°72 *3 *89) * (1 + 273 *3 *89) 
3,116,107 == 1+ 2 * 3°2 * 7°2 * 3533 

== 883 * 3529 == (1 + 2 *3°2 *7°2) * (1 + 2°73 *3°2 *7°2) 
5,173,601 == 1+ 275 * 5°2 * 29 * 223 

== 929 * 5569 == (1 + 2°75 ¥*29) * (1 + 276 *3 *29) 
6,787,327 == 1+2%* 3 * 7 * 13 * 31 * 401 

== 1303 * 5209 == (1 + 2 *3 *7 *31) * (1 + 2°3 *3 *7 *31) 
11,541,307 == 1+2%* 3 * 7 * 283 * 971 

== 1699 * 6793 == (1 + 2 *3 *283) * (1 + 273 *3 *283) 
13,694,761 == 1+ 273 * 3°2 * 5 * 109 * 349 

== 2617 * 5233 == (1 + 273 *3 *109) ¥* (1 + 274 *3 *109) 


Figure 37.10-C: The first composite numbers that are SPP to both bases 2 and 3. 


25,326,001 == 1+ 2°4 * 3°3 * 5°3 * 7 * 67 
== 2251 * 11251 == (1 + 2 *3°2 *5°3) * (1 + 2 *3°2 *5°4) 
161,304,001 == 1+ 2°6 * 3 * 5°3 * 11 * 13 * 47 
== 7333 * 21997 == (1 + 2°2 *3 *13 *47) * (1 + 2°72 *3°2 *13 *47) 
960,946,321 == 1+ 2°4 * 3 * 5 * 29 * 101 * 1367 
== 11717 * 82013 == (1 + 2°72 *29 *101) ¥* (1 + 2°2 *7 *29 *101) 
1,157,839,381 == 1+ 2°72 * 3°3 * 5 * 401 * 5347 
== 24061 * 48121 == (1 + 2°72 *3 *5 *401) ¥* (1 + 2°73 *3 *5 *401) 
3,215,031,751 == 1+ 2 * 3°4 * 5°3 * 7 * 37 * 613 


== 151 * 751 * 28351 

== (1 + 2 *3 *57°2) * (1 + 2 *3 *5°3) * (1 + 2 *3°74 *5°2 *7) 
3,697,278,427 == 1+ 2 * 373 * 31 * 563 * 3923 

== 30403 * 121609 == (1 + 2 *3°3 *563) * (1 + 273 *3°3 *563) 


Figure 37.10-D: The first composite numbers that are SPP to all bases 2, 3 and 5. 


is entry A072276 of , entry |A001262 gives the base-2 SPPs, and entry|A020229 the base-3 SPPs. We 


note the uneven distribution modulo 12: 
(n%12: num) (1: 75) (5: 9) (7: 18) (11: 2) 


Composites that are SPP to the three bases 2, 3 and 5 are quite rare, figure [37.10-D] shows all 6 such 
composite numbers smaller than 2%? (values taken from [192] which lists all such numbers < 25 - 10°). 
Thereby one can speed up the Rabin-Miller test for small values of n (say, n < 2°?) by only testing the 
bases a = 2,3,5 and, if n is a SPP to these bases, look up the composites in the table. The smallest odd 
composites that are SPP to the first k prime bases up to k = 8 are determined in [140], they are given as 


sequence A006945) of [214]. 


composite SPP to base 
2047 2 
1373653 2, 3 
25326001 2, 3, 5 
3215031751 2, 3, 5, 7 
2152302898747 2, 3, 5, 7, 11 
3474749660383 2, 3, 5, 7, 11, 13 
341550071728321 2, 3, 5, 7, 11, 13, 17 [and 19] 
341550071728321 2, 3, 5, 7, 11, 13, 17, 19 


Note that if the probability of a base not proving compositeness was exactly 1/4 we would find much 
more entries in figure Slightly overestimating the number of composites below N as N, there 
should be about (1/4)? N = N/64 entries, that is 27° ~ 6-10" for N = 2°?, but we have only 6 entries. 
Thereby the Rabin-Miller test is in practice significantly more efficient than one may initially assume. 
Let px, be the probability that a k-bit composite ‘survives’ t passes of the Rabin-Miller test. Then we 


[fxtbook draft of 2008-January-19] 


37.10: The Rabin-Miller test for compositeness 757 


have, as shown in [95], 


Pei < Ke4-VE for k>2 (37.10-5) 


For large numbers, the probability bound on the left hand side is much smaller than 1/4: for example, 
Pi000,1 < 2~8°. Other bounds given in the cited paper are 


Pioo,10 << 27 “4 (37.10-6a) 
p300,5 < 2-°° (37.10-6b) 
Peo. < 2°” (37.10-6c) 


The last bound is stronger than that of relation|37.10-5| Even stronger bounds are given in , especially 
the relation py; <4~* for all k > 2 and t>1. 


Bases nee 2 ° 5 6 10 11 12 13 14 


5 17 
5 5 17 
5 17 
17 


w 


14 
15 


~“N 
D 
o1 
~“N 
cs) 
o 
NNNN ON NN N 
be 
O° 
Bb 
BR 


17 


14 15 
14 
17 


14 15 
14 15 


= 
o 
Ww 
ce} 
~“N 
© 
~“ 
NN 
WwW WwW WWW WwW WwW 
OOo 
BPRERBRBBRP BRRERRRBRRE 
NNNMNNNY NNNNMNNMNMNNY 


10 13 
11 14 15 17 <--= 
11 


15 


ol 
_ 
~“N 
w 
(o>) 
oO 
fre 
ie) 
Www 


2 

2 

2 13 14 
2 

2 14 17 
2 


13 15 
6 10 17 


oO 
~“N 
00 
AJ 
w 
NO 
~“ 
NO 
ao mo 
[op) 
RPRERRRR 


9863461: 2 


Figure 37.10-E: Composites < 10" that are SPP to at least four bases. 


The composites < 10” that are SPP to four or more bases a < 17 are shown in figure [37.10-E] We omit 
values of a that are perfect powers because if n is a base-a SPP then it is also a base-a* SPP for all k > 1. 
The entry for n = 4224533 (marked with an arrow) shows that a number that is not a SPP to two bases 
a, and ag may still be a SPP to the base a; - ag (here a; = 2, a2 = 3). This indicates that one might 
want to restrict the tested bases to primes. All odd composite numbers < 10’ that are SPP to four or 
more prime bases a < 17 are 


Bases tested: 2 3 5 7 11 13 17 


1152271: [4] 3 7 11 «13 
1314631: [4] 5 7 11 13 
2284453: [4] 2 3 7 11 


Note that a number that is a SPP to bases a; and ag is not necessarily SPP to the base a;- ag. An 
example is n = 9,006,401 which is a SPP to bases 2 and 5 but not to base 10: 


9006401: 2 4 5 8 16 18 
All composites < 107 that are SPP to bases 2 and 3 are also SPP to base 6, same for bases 2 and 5. Out 
of six composites < 10” that are SPP to bases 2 and 7 three are not SPP to base 14: 


2 6 7 9 18 


14 
6 9 11 12 18 
13 


14 
14 


Pips 


NNNMDND! 
Ss 
NWNAN 
00000000000 
Re 
MAMNMNANO 


[fxtbook draft of 2008-January-19] 


758 Chapter 37: Modular arithmetic and some number theory 
37.10.35 Implementation of the Rabin-Miller test 


A C++ implementation of the test for pseudoprimality is given in [FXT: mod/rabinmiller.cc’: 


bool 
is_strong_pseudo_prime (const umod_t n, const umod_t a, const umod_t q, const int t) 


// Return whether n is a strong pseudoprime to base a. 
// q and t must be set so that n == q * 2°*t +1 


{ 
umod_t b = pow_mod(a, q, n); 
if ( 1==b ) return true; // passed 
// if ( n-1==b ) return true; // passed 
int e = 1; 
ea ( (b!=1) && (b!=(n-1)) && (e<t) ) 
b = mul_mod(b, b, n); 
ett; 
} 
if ( b!=(m-1) ) return false; // =--> composite 
return true; // passed 
} 


It uses the routine 

void 

n2qt(const umod_t n, umod_t &q, int &t) 

// Set g,t so that n == q * 2°*t+1 

// 1 must not equal 1, else routine loops. 


. qgq=n-1; t=0; 
while ( 0==(q & 1) ) {q >>= 1; ++t; } 
} 


Now the Rabin-Miller test can be implemented as 


bool 

rabin_miller(umod_t n, uint cm/*=0*/) 

// Rabin-Miller compositeness test. 

// Return true of none of the bases <=cm prove compositeness. 

// If false is returned then n is proven composite (also for n=1 or n=0). 
// If true is returned the probability 

// that n is composite is less than (1/4)*cm 


{ 
if ( n<=1 ) return false; 
if ( n < small_prime_limit ) return is_small_prime( (ulong)n ); 
umod_t q; 
int 3 
n2qt(n, q, t); 
if ( 0O==cm ) cm = 20; // default 
uint c = 0; 
while ( ++c<=cm ) 
umod_t a=ct+1; 
// if n is a c-SPP then it also is a c**k (k>1) SPP. 
// That is, powers of a non-witness are non-witnesses. 
// So we skip perfect powers: 
if ( is_small_perfpow(a) ) continue; 
if (a>=n ) return true; 
if ( !is_strong_pseudo_prime(n, a, q, t) ) return false; // proven composite 
} 
return true; // strong pseudoprime for all tested bases 
He 


The function is_small_perfpow() [FXT: mod/perfpow.cc) returns true is its argument is a (small) 


perfect power. It uses a lookup in a precomputed bit-array. 


A generalization of the Rabin-Miller test applicable when more factors (apart from 2) of n— 1 are known 
is given in [40]. Another generalization (named extended quadratic Frobenius primality test) is suggested 


in (96). 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 759 
37.11 Proving primality 


We describe several methods to prove primality. Only the first, Pratt’s certificate of primality, is applicable 
for numbers of arbitrary form but not practical in general because it relies on the factorization of n — 1. 
The Pocklington-Lehmer test only needs a partial factorization of n —1. We give further tests applicable 
only for numbers of a special forms: Pepin’s test, the Lucas-Lehmer test, and the Lucas test. 


As already said, the Rabin-Miller test can only prove compositeness. Even if a candidate ‘survives’ many 
passes, we only know that it is prime with a high probability. 


37.11.1 Pratt’s certificate of primality 


Only with a prime modulus p the maximal order equals R = p—1. To determine the order of an element 
modulo p one needs the factorization of p—1. Now if the factorization of p—1 is known and we can find 
a primitive root then we do know that p is prime. Thereby it is quite easy to prove primality for numbers 
of certain special forms. For example, let p := 2 - 32° + 1 = 411,782, 264,189,299. One finds that 3 is a 
primitive root and so we know that p is prime. 


eee [2, 3, 8, 199, 1949]] 
2. || 
(3, [2], [2]] 
[ wow] 


[S, (2), [2]] 
2 


[2, 

(5, [2], [2]] 

2 el | 

[1949, [2], [2, 487]] 
2, woo 

(487, [3], [2, 3]] 
[2, 

(3, [2], [2]] 

[2 ] 


Figure 37.11-A: A certificate for the primality of p = 314,159,311. 


In general, the factorization of p— 1 can contain large factors whose primality needs to be proven. 
Recursion leads to a primality certificate in the form of a tree which is called Pratt’s certificate of 
primality. 

A certificate for the primality of p = 314,159,311 is shown in figure |37.11-A| The first line says that 3 
is a primitive root of p = 314159311 and p— 1 has the prime factors 2,3,5,199,1949 (actually, p—1= 
2-3+-5-199-1949 but we can ignore exponents). In the second level (that is, indented by 4 characters) 
appear the prime factors just determined together with their primality certificates: the prime 2 is trivially 
accepted, all other primes are followed by their (further indented) certificates. 

The certificate was produced with the following pari/gp code: 

indprint(x, ind)= 

{ /* print x, indented by ind characters */ 


for (k=1, ind, printi(" ") ); 
print (x); 


pratt(p, ind=0)= 


local( a, pi, f, nf, t ); 


[fxtbook draft of 2008-January-19] 


760 Chapter 37: Modular arithmetic and some number theory 


[314159265358979323846264338327950288419716939937531, [3], \ 
[2, 3, 5, 67, 89, 151, 39829177707048956693, 292001794929603845621939] ] 


(151, [6], (2, 3, 5]] 
[39829177707048956693, [2], [2, 9957294426762239173] ] 
[9957294426762239173, [6], [2, 3, 7, 11, 14153, 385109, 1977139]] 
[14153, [3], [2, 29, 61]] 
[385109, [2], [2, 43, 2239]] 
[2239, [3], [2, 3, 373]] 
(373, [2], [2, 3, 31]] 
[1977139, [3], [2, 3, 109841]] 
[109841, [3], [2, 5, 1373]] 
(1373, [2], [2, 7]] 
[292001794929603845621939, [2], [2, 13, 3157127, 3557296955910619] ] 
[3157127, [7], [2, 7, 225509]] 
[225509, [2], [2, 56377]] 
(56377, [5], [2, 3, 29]] 
[3557296955910619, [3], [2, 3, 47, 673, 6247908971]] 
[673, [5], [2, 3, 7]] 
[6247908971, [2], [2, 5, 624790897]] 
[624790897, [5], [2, 3, 13016477]] 
[13016477, [2], [2, 11, 29, 101]] 
[101, [2], [2, 5]] 


Figure 37.11-B: A shortened certificate for the primality of first prime greater than a -10°°. Here all 
primes smaller than 100 are considered trivially verifiable and not listed. 


if ( p<=2, \\ 2 is trivially prime 
indprint([p, "--"], ind); 
return(); 


\\ p-1i is factored here: 
a = component (znprimroot(p) ,2); 
\\ but we cannot access the factorization, so we do it "manually": 
pi = p-1; 
f = factor(p1); 
nf = matsize(f) [1]; 
t = vector(nf,j, f[j,1] ); f= +t; \\ prime factors only 
indprint([p, [a], t], ind); 
\\ recurse on prime factors of p-1: 
for (k=1, nf, pratt(f[k], ind+4)); 
return(); 
} 
p=nextprime (Pi*1078) 
pratt (p) 


The routine has to be taken with a grain of salt as we rely on the fact that znprimroot(p) will fail for 
composite p: 


? pratt (1000) 
*** primitive root does not exist in gener 


The routine has an additional parameter ind determining the indentation used with printing. This 
parameter is incremented with the recursion level, resulting in the tree-like structure of the output. This 
little trick is often useful with recursive procedures. 


With a precomputed table of small primes (see section [37.3] on page |738) the line 
if ( p<=2, \\ 2 is trivially prime 
can be changed to something like 
if ( (p<=ptable_max) && (ptable[p]==1), \\ trivial to verify 
which will shorten the certificate significantly. A certificate for the smallest prime p greater than 7 - 10°° 


and ptable_max=100 is shown in figure |37.11-B| the output of ‘trivial’ primes is suppressed. We note 
that p = [7 - 10°°] + 20. 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 761 


Once a certificate is computed it can be verified extremely quickly. Note that this type of primality 
certificate needs the factorization of p— 1 and thus may not be feasible for large values of p. 


37.11.2 The Pocklington-Lehmer test 


Let p—1=F-U where F > U and all prime factors of F' are known. If, for each prime factor q of F, 
we can find ag so that eee = 1 mod p and gcd (anos — 1p) = 1, then p is prime. 


The following implementation removes entries from the list of prime factors q of F' until the list is empty: 


pocklington_lehmer(F, u, c=10000)= 
{ /* Pocklington-Lehmer test for the primality of p=f*utl. 
* Return last successful base, else zero. 
* F must be the factorization of f. 
* Test bases a=2...c 
* Must have u<f. 
*/ 
local(n, f, C, p, t, ct); 
n = matsize(F) [1]; 
f = prod(j=1, n, FLj,1]°F[j,2]); 
if ( f<=u, return(0) ); 
p = f*u + 1; 
C = vector(n, j, (p-1)/F[j,1]); 
ct =n; \\ number remaining prime divisors of f 
for (a=2, c, 
if ( 1==Mod(a,p)*(p-1), 
for (j=1, n, 
if ( C[j]!=0, \\ skip entries already removed 
t = component( Mod(a,p)*C[j], 2); 
if( 1==gcd(t-1, p), 
CLj] = 0; \\ remove entry 
ct -= 1; \\ number of remaining entries 


); 
Ne: 
ds; 


‘ if ( ct==0, return(a) ); 
3 


return( 0); 


We search all primes of the form p = F'-U +1 where F = 100!, U = F —d, and d lies in the range 
1,..., 1000. Only candidates that are strong pseudoprimes to both bases 2 and 3 are tested: 


£=100!; 
F=factor(f); 
{ for (d=1, 1000, 
u=f-d; 
p = f*uti; 
if ( sppq(p, 2) && sppq(p,3), 
q2 = pocklington_lehmer(F, u); 


printi(d, ": "); 
printi(" ", q2); 
print(); 

)5 

) } 
We find five such primes © 8.70978248908948 - 10°1° (in about 10 seconds): 
d: last a 

45: 103 

£18: ret 

B46: 101 

884: 103 


The returned value a, is the one that did lead to the removal of the last entry in CL]. The value is 


smaller with less prime factors of F. Using F = 2°°° we find primes ( 1.07150860718626 - 10°°1) of the 
form p= F-U +1 where U = F—dand 1 <d< 3000 for the following d and maximal aj: 


last a 


[fxtbook draft of 2008-January-19] 


762 Chapter 37: Modular arithmetic and some number theory 


e 5 2481: 3 


111 
132 17 


The search takes about 20 seconds. Discarding candidates that have small prime factors (p < 1,000) gives 
a four-fold speedup. The prime 2°%4° (23949 — 1633) + 1 = 7.59225935 - 107°!° is found within 5 minutes. 


A further refinement of the test is given in [83], see also [67]. 


37.11.3 Tests for n=k2'+1 
37.11.3.1 Proth’s theorem and Pepin’s test 


For numbers of the form p = q-2'+1 with g odd and 2° > q primality can be proven as follows: If there is 


an integer a so that a‘—)/2 = —1 then p must be prime. This is Proth’s theorem. The ‘FFT-primes’ are 
natural candidates for Proth’s theorem. For example, with p := 2°7-29+1 = 4,179, 340, 454, 199, 820, 289 
one finds that a‘-!)/2 = —1 for a =3 so p must be prime. 


Note that Proth’s theorem is the special case F = 2° > k = U of the Pocklington-Lehmer test. 


Numbers of the form 2¢+1 are composite unless ¢ is a power of two. The candidates are therefore restricted 


to the so-called Fermat numbers F,, := 22” +1. Here it suffices to test whether 3 = — 1 mod F,, where 
ee 
pepin(tx)= 
{ 
local(t, F, x); 
t = 2°tx; 
F = 27t+1; 
x = 2°(t-1); 
return( (-1==Mod(3,F)*x) ); 


} 


This test is known as Pepin’s test. As shown in section on page all non-residues are primitive 
roots modulo prime F;,. Three is just the smallest non-residue. 


for (tx=1,12, print(tx," ", pepin(tx))) 
1 1 \\ F_1=5 
2 1 \\ F_2=17 
3 1 \\ F_3 = 257 
4 1 \\ F_4 = 65537 
5 OQ 
... 0 
i2° 0 


No Fermat prime greater than Fy = 65537 is known today and all F,, where 5 < n < 32 are known to be 
composite. 


Note that F,41 has (about) twice as many bits as F,. Further the number of squarings involved in 
the test (t — 1) is (about) doubled. If we underestimate the cost of multiplying N-bit numbers with N 
operations we get a lower bound for the ratio of the costs of testing F,,,, and Ff, of four. Assuming the 
computer power doubles every 18 month and Pepin’s test of F;, is just feasible today we’d have to wait 
three years (36 month) before we can test F;,41. The computation that proved F24 composite is described 


in (Oi). 


37.11.3.2 What to consider before doing the Pepin’s test 


As 24 = —1 mod F, = 2'+1 we see that the order of two equals 2t = 2"+!. The same is true for factors 
of composite Fermat numbers. When searching factors of F;, one only needs to consider candidates of 
the form 1+k2"+?. A routine that searches for small factors of f, can be implemented as: 


ord2pow2(p)= 
\\ Return the base-2 logarithm of the order of two modulo p 
\\ Must have: ord(2)==2*k for some k 


local(m, rx); 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 763 


rx = 0; 

m = Mod(2,p); 

while ( m!=1, m*=m; rxt++; ); 
return( rx ); 


} 


ftrialx(n, mm=1075, brn=0)= 
\\ Try to find small factors of the Fermat number F_n=27(2°n)+1 


\\ Try factors 1+ps, 1+2*ps, ... , 1+mm*ps where ps=2*(n+2) 
\\ Stop if brn factors were found (zero: do not stop) 
{ 


local(p,ps,ttx,fct) ; 
ps = 2°(n+2); \\ factors are of the form 1+k*ps 
p = psti; \\ trial factor 
ttx = 2*(m+1); \\ will test whether Mod(2,p) “ttx== 
fct = 0; \\ how many factors were found so far 
for (ct=1, mm, 
if ( (Mod(2,p)*(ttx)==1) \\ order condition 
&& ( (rx=ord2pow2(p)) == nt1 ) \\ avoid factors of smaller Fermat numbers 
, /* then */ 
printi(n, ": "); 
printi(p); 
printi(" p-1=",factor(p-1)); 
print(); 
fctt++; 
if ( fct==brn, break() ); 
bite pa; 


return(fct); 


We create a list of small prime factors of F,, for 5 < n < 32 where the search is restricted to factors 
f <1+10°2”*? and stopped when a factor was found: 


for(n=5,32, ftrialx(n, 10°75, 1); ); 
5: 641 p-1=[2, 7; 5, 1] 
6: 274177 p-1=[2, 8; 3, 2; 7, 1; 17, 1] 
9: 2424833 p-1=[2, 16; 37, 1] 
10: 45592577 p-1=[2, 12; 11131, 1] 
11: 319489 p-1=[2, 13; 3, 1; 13, 1] 
12: 114689 p-1=[2, 14; 7, 1] 
15: 1214251009 p-1=[2, 21; 3, 1; 193, 1] 
16: 825753601 p-1=[2, 19; 3, 2; 5, 2; 7, 1] 
18: 13631489 p-1=[2, 20; 13, 1] 
19: 70525124609 p-1=[2, 21; 33629, 1] 
23: 167772161 p-1=[2, 25; 5, 1] 
32: 25409026523137 p-1=[2, 34; 3, 1; 17, 1; 29, 1] 


A list for 5 < n < 300 is given in [FXT: data/small-fermat-factors.txt). Note that an entry 


201: 124569837190956926160012901398286924947521176078042100592562667521 \ 
p-1=[2, 204; 3, 1; 5, 1; 17, 1; 19, 1] 


asserts the compositeness of the number F459, where Pepin’s test is out of reach by far. Indeed, its binary 
representation could not be stored in all existing computer memory combined: F 1 is a logs(Fho1) © 
2701 — 3.9138 - 10°° -bit number. 


The status of the (partial) factorizations of Fermat numbers is given in [149]. 


37.11.4 Tests for n= k2°-1 


37.11.4.1 The Lucas-Lehmer test for Mersenne numbers 


Define the sequence H by Hp = 1, Hy := 2 and H; = 4 H;_, — Hj_2. The Mersenne number n = 2° — 1 
is prime exactly if Hy--2 =0 mod n. The first few terms of the sequence H are 


k: O 1 2 3 4 5 6 7 8 9 10 11 12 
Hk: 1 2 7 26 97 362 1351 5042 18817 70226 262087 978122 3650401 


[fxtbook draft of 2008-January-19] 


764 Chapter 37: Modular arithmetic and some number theory 


The numbers Hy, can be computed efficiently via the index doubling formula H2, = 2 H, : —1. Starting 
with the value H; = 2 and computing modulo n the implementation is a s simple as 


LL(e)= 

{ 
local(n, h); 
n = 2°e-1; 
h = Mod(2,n); 


for (k=1, e-2, h=2*h*h-1) ; 
return( 0==h ); 


} 

? LL(521) 

1 \\ 2°521-1 is prime 

? LL(239) 

O \\ 2°239-1 is composite 
? LL(9941) 

1 \\ 2°9941-1 is prime 

7 


HH 
EK last result computed in 4,296 ms. 
The algorithm is called the Lucas-Lehmer test. 


Note that most sources use the sequence V = 2,4, 14,52, 194, 724, 2702,... that satisfies the same recur- 
rence relation. We have H;, = 4 V, (H is half of V). The index doubling relation becomes V2, = V2 — 2. 


37.11.4.2 What to consider before doing the Lucas-Lehmer test 


The exponent e of a Mersenne prime must be prime, else n factors algebraically as 


[[%@) (3711-1) 


d\e 


where Y;,(2) is the k-th cyclotomic polynomial. For example, for 27 — 1 = 2097151: 


? m=1; fordiv(21,d,y2=subst (polcyclo(d,x) ,x,2) ;m*=y2;print(d,": ",y2)); m 


The factors found are not necessarily prime: here 2359 factors further into 7 - 337. More information on 
the multiplicative structure of b° + 1 can be found in {68}. 


Before doing the Lucas-Lehmer test one should do a special version of trial division based on the following 
observation: any factor f of m = 2° —1 has the property that 2° = 1 mod f. That is 2° —-1=0 mod f, 
so m = 0mod f and f divides m. We further use the fact that factors are of the form 2ek+1 and 
f= + 1 mod 8. The following routine does not try assert the primality of a candidate factor f as this 
would render the computation considerably slower. 


mers_trial(e, mct=10°7, bnf=0)= 

\\ try to discover small factors of the Mersenne number 27e-1 
\\ e@ : exponent of the Mersenne number 

\\ mct : how many factors are tried 

\\. pfq : stop with the factor found (zero: do not stop) 


local(f, fi, ct, fct); 
print ("exponent e=",e); 
print ("trying up to ", mct, " factors"); 
ts \\ factors are of the form 2*e*k+1 
ct=0; 
fct=0; \\ how many factors where found so far 
while (ct < mct, 
f += fi; 
m8 = bitand(f, 7); \\ factor modulo 8 
if ( (1!=m8) && (7!=m8), next(); ); \\ must equal +1 or -1 
if ( Mod(2, f)"e == Mod(1, f), 
print(f, " ", isprime(f)); \\ give factor and tell whether it is prime 
Lotutts: 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 765 


if ( fct==bnf , break(); ); 


oar 
5 
} 


For m = 210907 _ 1 (3013 decimal digits) we find three factors of which all are prime: 


? e=10007; mers_trial(e,,3); 
exponent e=10007 
trying up to 10000000 factors 
240169 4 
60282169. 1 
py0205513 1 
EK last result computed in 44 ms. 
? ceil((e*xlog(2.0)/log(10.0))) 
3013 \\ m=2*e-1 has 3,013 decimal digits 


Sometimes one is lucky with truly huge numbers: 


? e=2°31-1; mers_trial(e,,1); 
exponent e=2147483647 

trying up to 10000000 factors 
99°257526626031 1 


RK last result computed in 583 ms. 
? ceil((e*xlog(2.0)/log(10.0))) 
646456993 \\ m=2*e-1 has 646,456,993 decimal digits 


? 


Note that we found that m = 2° — 1 is prime if and only if there is no prime f < m where the order of 
two equals e. A special case is sometimes given as follows: if both p=4k+3 and q=2p-+1 are prime 
then q divides 2? — 1 (because the order of 2 modulo g equals p). 


By the way, if both p= 4k+1 and gq =2p+1 are prime then q divides 2? + 1 (because the order of 2 
modulo g equals 2p and 27? — 1 = (2? + 1) (2? —1)). 


37.11.4.3 Lucas-Lehmer test with floats * 


Using the formula cosh(27) = 2 cosh(x)? — 1 we can give a criterion equivalent to the Lucas-Lehmer 
condition as follows: 


cosh Cams log (2+ v3) ) = 0 modMn => Mm isprime (37.112) 


The relation is computationally useless because the quantity to be computed grows doubly-exponentially 
with m: the number of digits grows exponentially with m. Already for m = 17 the calculation has to be 
carried out with more than 18,741 decimal digits: 


? cosh(27 (17-2) *log(2+sqrt (3) )) 
1.8888939581139837726097538478056602 E18741 


The program [hfloat: examples/ex8.cc| does the computations in the obvious (insane) way. Using a 


precision of 32,768 decimal digits we obtain: 


cosh(...)= 
+.18888939581139837726097538478056602859465844315551 \ 
[... about 18,000 digits ...] 
. 5579750039800680284170000000000000 ... 
“(decimal point after 7] 


00000000000000000000000000000000000000000000000000 \ 
[iid 
00000000000000001549695720446140150427588985400185472+10" 18742 


nonzero due to numerical imprecision 
After rounding and computing the modulus the program declares M,7 = 2!” — 1 prime. All this using 
just 4 MB of memory and computations equivalent to about 35 FFTs of length 1 million, taking about 
4 seconds. This is many many million times the work needed by the original (sane) version of the test. 
Even trial division would have been significantly faster. 


The number M3; would need a bigger machine as the computations needs a precision of more than 
300 million digits: 


[fxtbook draft of 2008-January-19] 


766 Chapter 37: Modular arithmetic and some number theory 


? (2° (31-2) *log(2+sqrt(3)))/log(10) /* approx decimal digits */ 
307062001 . 46039800926268312190009204 


Apart from being insane the computation can be used to test high precision floating point libraries. 


37.11.4.4 The Lucas test 


The Lucas-Lehmer test can be generalized for a less restricted set of candidates. The Lucas test can be 
stated as follows (taken from p.131)): 


Let n = k2¢— 1 were k is odd, 2’ > k, n 40 mod 3 and k 4 0 mod 8 (so we must have n = 1 mod 3). 
Then n is prime if and only if H(,+41)/4 = 0 mod n where H is as given above. 


To turn this into an efficient algorithm use the relation (n + 1)/4 = k2*-?. Firstly, compute Hj, as 


described in section [34.1.]]on page [635] 


0 ri 


(Hk, Ay +1] a [Ho, | ? 4 


(37.11-3) 


This is a one-liner in pari/gp: 


? H(k)= return( ([1,2] * [0, -1; 1, 4]*k)[1] ); 
? for (k=0,10,print(k,": "H(k)," = 1/2 * ",2*H(k))) 
GO: 1 1/2 * 2 
: 2 
2 7 


1 1/2 * 4 

2 1/2 * 14 

3: 26 1/2 * 52 
4: 97 1/2 * 194 /* 
5: 362 = 1/2 * 724 
6 
7 
8 
9 
1 


2*772-1 = (1472-2)/2 */ 


: 1351 1/2 * 2702 /* 
: 5042 1/2 * 10084 

: 18817 1/2 * 37634 

: 70226 1/2 * 140452 
0: 262087 = 1/2 * 524174 


2*26°2-1 = (52°2-2)/2 */ 


To compute H;,9:-2 from H;, use (t — 2 times) the index doubling relation Ha, = 2H? —1. The test can 
be implemented as 


H(k, n)= return( (Mod([1,2],n) * Mod([0,-1; 1,4], n)*k) [1] ); 
lucas(k, t)= 
{ 


local(n, h); 
/* check preconditions: */ 
if ( 0==bitand(k,1), return(O) ); \\ k must be odd 
if ( k>=27*t, return(0) ); 
n = k*x2*t-1; 
if ( n43!=1, return(O) ); \\ gcd(3,k)!=0 && gcd(3,n) !=0 
/* main loop: */ 
h = H(k, n); 
for (j=1,t-2, h*=h; ht=h; h-=1; ); \\ index doubling 
: return ( 0==h ); 


Note that the routine returns ‘false’ even for primes if the preconditions are not met. With n = 5-2!7—1 = 
20479 we obtain 


n=20479 k=5 t=12 
H_{k*27j} modulo n 


BR 


BR 
WOUTOIOOWOUINIOD 


36 
33 
83 
58 
43, 
68 
59 
22 
51 
40 


OWONHUBWYROW. 
ONMOWHANFNON 


BR 


which shows that 20479 is prime. Proving n = 5 - 284° — 1 prime takes about 10 milliseconds. The 
following code finds the first value t > 2500 so that n = 5 - 2¢ — 1 is prime: 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 767 


k=5; +t=2500; while ( 0==lucas(k,t), tt+=1; ); t 


Within 1 second we obtain the result t = 2548. 


37.11.4.5 Numbers of the form n= 24j+7 and n= 247+19 


n: SPP bases a<100,000 (max 5 given) 


1037623: 67191 67192 [--snip--] 
2211631: 6333 7260 8160 16793 21219 21580 2946282799: 
4196191: 9104 26498 93477 3075304399: 
7076623: 3145717759: 
9100783: 3299597407: 
11418991: 44936 3554502799: 
15219559: 3554889199: 
21148399: 4091977039: 
[--snip-—] 4207009999: 
829577839: 
887557999: 4899 33982 46674 62180 
961315183: 
1192222639: 
[--snip-—] 


Figure 37.11-C: Composite numbers n < 2°? of the form n = 247+ 7 that pass the Lucas type test. 
Five of them are strong pseudoprime to some base smaller than 100, 000. 


Numbers of the form n = 247 + 7 satisfy the preconditions of the Lucas test except for the condition 
that 2' > k where n = k2'—1. We test whether H(,+1)/4 = 0 mod n, as in the Lucas test. Note that 
Hy, = Tn(2) where T,,(x) is the n-th Chebyshev polynomial of the first kind. We use the fast algorithm 
for its computation described in section [34.3.djon page [650] for the test routine: 


bool test_7mod24(ulong n) 

{ 
ulong nu = (nti) >> 2; 
umod_t t = chebyT2(nu, n); // == chebyT(nu, 2, n); 
return (0==ul); 


The function chebyT2() is given in [FXT: mod/chebyshevl.cc|. Figure|37.11-C]gives composite numbers 


n < 2°? that pass the test. The complete list of such numbers is given in [FXT: data/pseudo-7mod24.txt , 
there are just 64 entries. There are only five entries that are strong pseudoprimes to any basis a < 100,000, 


all shown in figure |37.11-C 


The data suggests that composites of the form n = 247 +7 that pass the test and are pseudoprime to a 
small base are extremely rare. The implied test would cover 1/8 of all candidates (that are not divisible 
by 2 or 3), as eight numbers (1, 5, 7, 11, 13, 17, 19 and 23) are prime to 24. 


n: SPP bases a<i00,000 


30739: [--snip--] 
153931: 97917619: 
249331: 100079611: 4820 
1575859: 124134067: 
1960243: [--snip--] 
2557627: 36814 49266 49267 86080 2946282799: 
3444403: 3075304399: 
3767347: 26452 79860 94736 3145717759: 
3881179: 47489 67676 72825 73841 84995 87856 3299597407: 
3882283: 3554502799: 
14324491: 3554889199: 
14970499: 4091977039: 
15894163: 4207009999: 


Figure 37.11-D: Composite numbers n < 2°” of the form n = 24k+ 19 that pass the Lucas type test. 
Four of them are strong pseudoprime to some base smaller than 100, 000. 


For numbers of the form n = 24 j+19 we use a different test: here we check whether Ui, 41)/4-1 = 0 mod n 
where Up = 0, U; = 1 and Ux = 4Ug_1 — Up—g2 (the Chebyshev polynomial of the second kind, U,(2), 
evaluated at x = 2). The function for testing is 


[fxtbook draft of 2008-January-19] 


768 Chapter 37: Modular arithmetic and some number theory 


bool test_19mod24(ulong n) 


{ 
ulong nu = ((nt+1) >> 2) - 1; 
umod_t t = chebyU2(nu, n); // == chebyU(nu, 2, n); 
return (0==t); 

} 


were the function chebyU2() is given in [FXT: mod/chebyshev2.cc.. The list [FXT: \data/pseudo- 
2° that pass the test 


19mod24.txt) contains all (155) composites n < 38 st. An extract is shown in fig- 
ure|37.11-D| Just four numbers n < 2°? are also strong pseudoprimes to any base a < 100,000. 

The application of second order recurrent sequences to primality testing is described in [27]: define the 
sequence Wy by 


We = PWr-1-QWi-2, Wo=0, Wi=1 (37.11-4) 


Then n is a Lucas pseudoprime (with parameters P and Q) if W,+1 = 0 mod n, where the sign depends 


on whether D = P? — 4Q is a square modulo n. For both cases considered here we have n = 127 +7, 
D=16-—4=12=4.-3, and 3 is not a square modulo n. The test would be (note that W,, = Un_1(2)) 


bool lucas_7mod12(ulong n) 


ulong nu = n; 
umod_t t = chebyU2(nu, n); 
return (0==t); 


This test is passed by far more composites than the two tests considered here. A primality test combining 
a Lucas-type test and a test for strong pseudoprimality has been suggested in [192]. No composite that 
passes the test has been found so far. 


37.11.4.6 An observation about Mersenne numbers 


An interesting observation about Mersenne numbers is that the following seems to be true: 


M=2°-1 prime = > 3% = —3modM (37.11-5) 
Note that for odd e the condition is equivalent to 3/™/—))/? = —1 mod n and 3 is a non-residue. For prime 
exponents e it can be seen that it is very unlikely to find a composite M, where 3(¥—-))/? = — 1 mod n: 
the number m is a strong pseudoprime (SPP) to base 2 by construction and the right hand side of 
condition says that m is a SPP to base 3. Given the rarity of composites that are SPP to 
both bases (see section [37.10.2] on page [754) the chance to find such a number among the exponentially 
growing Mersenne numbers is very small. Tony Reix, who observed the statement of relation 
independently verified it for prime exponents up to 132499. 


37.11.4.7 Primes that are evaluations of cyclotomic polynomials 


The Mersenne numbers and Fermat_ numbers are actually special cases of numbers obtained as cyclotomic 


polynomials Y,,(a) (see section on page |826) evaluated at x = 2 (sequence |A019320 of [214]). The 


first such numbers are shown in figure |37.11-E] The sequence of values n such that Y,,(2) is prime is 


entry A072226| of [214]: 


3.245 ae 7, 8, 9, 10, 12, 13, 14, 15, 16, 17, 19, 22, 24, 26, 27, 30, 
ai, a2, 84, 38,°40; 42, 46; 49; 56, 61, 62, 65, 69; 77; 78, 80, 85, 86, 
89, 90; 33 98; 107, 120, 122,°126; 127, 129, 133," 145; 150, 158, i65,°170,; 
174, 184, 192, 195, 202, "208, 234, 254, 261, 
Now set N := Y,,(2), testing whether 3—)/? = — 1 mod N seems to prove primality for all values of 
n. Note that for n a power of two the test is Pepin’s test. Information about the primality of Y,,(2) is 
given in [114]. Theorems about factorizations of Y,,(a”) where x is an integer are given in [120], see also 


[63] and [6]. 


[fxtbook draft of 2008-January-19] 


37.11: Proving primality 


769 


n: s=Yn(2) 

223 

3: 7 

4: 5 

5s <3 

6: 3 

7: 127 

8: 17 

9: 73 

10: 11 

11: 23 * 89 = SPP [11] 
12: 13 

13: 8191 

14: 43 

15%" 251 

16: 257 

17: 131071 

18: 3 * 

19: 524287 

20: 5 * Al 

21: 7 * 337 

22: 683 

23: 47 * 178481 

24: 241 

25: 601 * 1801 <--= SPP [29] 
26: 2731 

27: 262657 

28: 29 * 113 

29: 233 * 1103 * 2089 
30: 331 

31: 2147483647 

32: 65537 

33: 599479 

34: 43691 

35: 71 : 122921 

36: 37 109 SPP [17, 19, 23] 
37: 553, * 616318177 

38: 174763 

39: 79 * 121369 

40: 61681 

41: 13367 * 164511353 
42: 5419 

43: 431 * 9719 * 2099863 
44: 397 * 2113 

45: 631 * 23311 = SPP [5] 


46: 2796203 

47: 2351 * 4513 * 13264529 
48: 97 * 673 

49: Sete net 

50: 251 * 405 

51: 103 * 3443 * 11119 

52: 53 * 157 * 1613 

53: 6361 * 69431 * 20394401 
54: 3 * 87211 

55: 881 * 3191 * 201961 
56: 15790321 

57: 32377 _* 1212847 

58: 59 * 3033169 

59: 179951 _ * 3203431780337 


> 61 * 1321 
61: 2305843009213693951 
62: 715827883 
63: 92737 * 649657 
64: 641 * 6700417 
65: 145295143558111 


NNRPRBRBRBRBRBRBRBEE 


COON MOTRBWNFOWOODNDORBRWNB 


4561 

2 * 17 * 193 
1871 * 34511 

19 * 37 

1597 * 363889 

5 * 1181 

368089 

67 * 661 

47 * 1001523179 
6481 

8951 * 391151 
398581 

109 * 433 * 8209 
29 * 16493 

59 * 28537 * 20381027 

31 * 271 <--= SPP [29] 
683 * 102673 * 4404047 

2 * 21523361 

2413941289 

103 * 307 * 1021 

71 * 2664097031 


530713 

13097927 * 17189128703 

2851 * 101917 

13 * 313 * 6553 * 7333 

42521761 

83 * 2526913 * 86950696619 

7 * 43 * 2269 

431 * 380808546861411923 

5501 * 570461 

181 * 1621 * 927001 

23535794707 

1223 * 21997 * 5112661 * 96656723 
97 * 577 * 769 

491 * 4019 * 8233 * 51157 * 131713 
151 * 22996651 

12853 * 99810171997 

53_* 4795973261 

107 * 24169 * 3747607031112307667 
19441 * 19927 

11 * 1321 * ee 
430697 * 647753 

229 * 248749 * 1824179209 

523 * 6091 * 5385997 

14425532687 * 489769993189671059 
47763361 

603901 * 105293313660391861035901 
6883 * 22434744889 
144542918285300809 

2_* 926510094425921 

131 * 3701101 * 110133112994711 


= SPP [7] 


Figure 37.11-E: Evaluations s of the first cyclotomic polynomials at two (left). Entries at prime n are 
Mersenne numbers M,,, entries at n = 2” are Fermat numbers F,. Composites that are strong pseudo- 
primes to prime bases other than two are marked with ‘SPP’. The right columns show the corresponding 


data for evaluations at three. 


[fxtbook draft of 2008-January-19] 


770 


Chapter 37: Modular arithmetic and some number theory 


The primes Y,,(2) are also of interest for number theoretic transforms (see section on page|507) be- 
cause of their special structure allowing for very efficient modular reduction (see section on page|735). 


A prominent example is Yj92(2) = 2°4 — 22 + 1. Note that the order of 2 modulo Y,,(2) equals n. 


The structure of the primes becomes (in base 10) visible if we check evaluations at 10, the first primes 


Y;,(10) are 


1 
1 
1 


WOWOORPrOUWOWORFHK< 
DOORPKFOWOCORNS 


OWOORFROFRFE 


1 
1 
) 
9 


Finally, we do a silly thing: 


0909091 
900900900900990990990991 
9999999900000001 


the factors of Yj7_1(a) over GF(2) are the irreducible binary polynomials of 


degree 7. If we evaluate them as polynomials over Z at x = 10 and select the prime numbers we obtain 


8-digit primes consisting of 


10011101 


10111001 


only zero and ones: 


11100101 11110111 11111101 


The same procedure, with Y35_1(x) and factoring over GF'(3) gives the primes 


101221 102101 
The list is created via 


n=375-1; 


f=lift (factor (polcyclo(n) *Mod(1,3))); 


111121 111211 112111 120011 122021 


f=f[,1]; 


for(k=1, #f, v=subst(f[k],x,10); if(isprime(v), print(v))); 


Further reading 


Excellent introductions int 


[248], and [92]. Primality te 


o topics related to prime numbers and methods of factorization are [200], 
sts and factorization algorithms are also described in [119]. Some of the newer 


factorization algorithms can be found in [83], readable surveys are [167] and [182]. Tables of factorizations 


of numbers of the form b* 4 


t 1 are given in which also contains much historical information. 


It remains to say that a deterministic polynomial-time algorithm for proving primality was published by 
Agrawal, Kayal and Saxena in August 2002 [4]. While this a major breakthrough in mathematics it does 
not render the Rabin-Miller test worthless. Practically, ‘industrial grade’ primes are still produced with 


it, see [66]. Good introduct 
are and p.200ff]. 


37.12 Complex 


Recall that with real numbers the equation x 


ions into the ideas behind the so-called AKS algorithm and its improvements 


moduli: GF(p’) 


2 


—1 has no solution, there is no real square root of 


minus one. The construction of complex numbers proceeds by taking pairs of real numbers (a,b) = a+ib 


together with (component 


wise) addition (a,b) + (c,d) = (a+ c,b+ 4d) and multiplication defined by 


(a, b) (c,d) = (ac—bd, ad+bc). Indeed the pairs of real numbers together with addition and multiplication 


as given constitute a field. 


We will now rephrase the construction in a way that shows how to construct an extension field from a 


given ground field (or base 


field). In the example above the ground field are the real numbers and the 


extension field are the complex numbers. 


[fxtbook draft of 2008-January-19] 


37.12: Complex moduli: GF (p”) 771 
37.12.1 The construction of complex numbers 


Equivalently to saying that there is no real square root of minus one we could have said that the polynomial 
x? +1 has no linear factor. The construction of the complex numbers proceeds by taking numbers of 
the form a+ bi where i was boldly defined to be a root of the polynomial x? + 1. Now observe that if 
we identify a+ bi = bi+a with the polynomial bx + a and use polynomial addition and multiplication 
modulo the polynomial x? + 1 we obtain the arithmetic of complex numbers. Addition is component 
wise, no modular reduction occurs. The multiplication rule can be obtained with polynomial arithmetic: 


(bata) (da+c) = (bd) 2? +(ad+4 be) x + (ac) (37.12-1a) 
= (ad+ bc) x + (ac — bd) (mod x? + 1) (37.12-1b) 
We used the relation x? = —1, so ux? = — u (mod x? +1). Identify x with i in the relations and 


observe that computations with a root (that is not in the ground field) of a polynomial is equivalent to 
computations with polynomials (whose coefficients are in the ground field) modulo the polynomial x? +1. 


When the ground field is the real numbers the story comes to an end: every polynomial of arbitrary 
degree n with complex coefficients has exactly n complex roots (including multiplicity). That is, we 
cannot use the given construction to extend the field C of complex numbers as every polynomial p(2) 
with coefficients in C is a product of linear factors: p(x) = (# — 11) (a — rg)...,(@ — Tn) with rz, € C. 
The field C is algebraically closed. 


If we choose the ground field to be F, = GF(p), the integers modulo a prime p, and an irreducible 
polynomial c(x) of degree n whose coefficients are in F, we get an extension field F,» = GF(p”), a finite 
field with p” elements. The special case of the binary finite fields GF(2”) is treated in chapter [40] on 


page B5]] 


37.12.2 Complex finite fields 


With primes of the form p = 4k + 3 it is possible to construct a field of complex numbers as minus one 
is a quadratic non-residue and so the polynomial x? + 1 is irreducible. The field is denoted by GF(p”). 


The rules for complex addition, subtraction and multiplication are the ‘usual’ ones. The field has p? 
elements of which R = p? — 1 are invertible. The maximal order equals R, so the inverse of and element 
a can be computed as a~! = a®-! = aP ~?. 


For example, the powers of a=1+2—=1+i modulo c=2?7+1=0=3+4+3i% are 


a= 1+1*i 

avt1 = 14+1%*i 

a72 = O+2*i // (1i+x)*(1+x) = x72+2*xt1 == Qext+1 - 1 = 2*x+0 == 0+2*x 
a73 = 142i // (1+x)*(0+2*x) = Q2x72t+2*x == Qex - 2 = Qex-2 == 1+2*x 
a“4 = 2+0*i1 // (1t+x)*(14+2*x) = 24x72+3*xt1 == 3*xt+1 - 2 = 3x-1 == 2+0*x 
a5 = 2+2ei  // ae a 

a°6 = Oti*i // mod(x72+1) mod (3) 

at7 = Q+1*i == at (-1)= 24+1%i 

az78 = 1+0*i == one 

a9 = 14+1*i 

R=maxord==8 == Mat([2, 3]) 

r=ord(a)== 


R/r=1 


Note that the modular reduction happens with both the polynomial x? + 1 and p = 3. The polynomial 
reduction uses 2? = —1. 


With primes of the form p = 4k + 1 it also possible to construct a field GF(p”). But we have to use a 
different polynomial as x? +1 is reducible modulo p and thereby the multiplication rules is different. For 
example, with p = 5 we find that 7? + 2 + 1 is irreducible: 


[fxtbook draft of 2008-January-19] 


772 Chapter 37: Modular arithmetic and some number theory 


? p=5; m=Mod(1,p)*(1+x+x*2); polisirreducible(m) 


1 
a=Mod(1,p) *(1+3*x) 
for (k=1,p°2-1,print("a*",k," = ",component (Mod(a,m)“k,2))) 


a71 = Mod(3, 5)*x + Mod(1, 5) 
a*2 = Mod(2, 5)*x + Mod(2, 5) 
a73 = Mod(2, 5)*x + Mod(1, 5) 
[oe 

The output, slightly beautified: 


>» 


-. 


/ (1+3*x) *(1+3*x) Q*x72+64x+1 == 6ext+1 - (9*x+9) 
/ (1+3*x) *(2+2*x) 6*x72+8*x+2 == 8*x+2 - (6*x+6) Qex-4 == 14+24x 
/ (14+3*x) *(14+2*x) 6*x72+5*xt1 == 5*x+1 - (6*x+6) -x-5 == 0+4*x 
/ an an 

/ mod (x*2+x+1) mod(5) 


-3*x-8 == 2+2*x 


>. 


» 


>» 


> 


/ 
/ 
4xx / 
/ 
/ 


HHROWHWWNORWEARFONANN WOH NE 
FHHEEEEH HHT H HH HHH + He ttt est 
roy 
* 

x 


NNNNNEEEEEERERRHEOON OD OP ONE 


OMMMNMMMMMMMMAMAMMMAAM HM OM M M w 
BWNFOWOONOAOIRBWNEO 


eR FDS EEE ES YD FDS VY 


We see that a = 1+ 32 has the maximal order (24), it is a primitive root. The polynomial reduction 
uses the relation 2? = —(a + 1). 


The values of the powers of the primitive root can be used to ‘randomly’ fill a pxp array. With a® = ut2av 
we mark the entry at row v, column wu with k: 


[411 919 8] 
[10 117 14 15] 
[22 3 2 5 13] 
[16 20 7 21 23] 
[-- 24 6 18 12] 


The position 0,0 (lower left) is not visited. Note row zero is the lowest row. 


As described, the procedure fills an px p array where p is a prime. Working with an irreducible polynomial 
of degree n we can fill a p® x pf x p9 x ... x p® array ife+f+g+...+k=ni: for the exponents that are 
one just choose one polynomial coefficient. For the exponents greater one (say, h) combine h polynomial 
coefficients co, C1, ..., Ch—-1 and use z, =co ta ptcp?t+...cp_1p"?. 


37.12.3 Efficient reduction modulo certain quadratic polynomials 


The polynomial C = 2? + 1 is irreducible for primes of the form 4k +3 (—1 is not a square) 


(ax+b)(Az+B) = (aA)z?+(aB+bA)xr+(bB) (37.12-2a) 
= (@B+bA)x+(-aA+bB) modz?+1 (37.12-2b) 
= ((a+b)(A+ B)—aA-—bB) x+(-aA+bB) (37.12-2c) 


The last equality shows how to multiply two complex numbers at the cost of three real multiplications 
and five real additions instead of four multiplications and two additions. 


The polynomial C = x? + d is irreducible if —d is not a square. We have 


(ax+b)(Az+B) = (aB+bA)z+(-—daA+bB) modz?+d (37.12-3a) 
((a+b)(A+ B)-aA—bB) 2+ (-daA+bB) (37.12-3b) 


If the multiplication by d is cheap (for example, if d = 2) the implied technique can be a gain. 


[fxtbook draft of 2008-January-19] 


37.12: Complex moduli: GF (p”) 773 


The polynomial C := 2? +2 +1 has the roots (—1 + V—3) /2 so it is irreducible modulo p if —3 is not a 
square modulo p. The first few such primes p are 


25 11 17 23 29 41 47 53 59 71 83 89 101 107 113 131 137 149 167 173 179 191 197 227 233 239 


Multiplication modulo C' costs only three scalar multiplications: 


(ax+b)(Az+B) = (aA)2*+(aB+bA)x+(bB) (37.12-4a) 
= (-aA+aB+bA)r+(-aA+bB) mod2?+2+1 (37.12-4b) 
= ((a—b)(B-—A)+06B) «+ (-aA+bB) (37.12-4c) 


For the polynomial C = x? + «+ d use 


(az+b)(Az+B) = (-aA+aB+bA)r+(-daA+bB) modz?+a2+4+d (37.12-5a) 
((a — b) (B— A) +0B) «+ (-—daA+bB) (37.12-5b) 


I 


The polynomial C = x? —x—1 has the roots (1 =e V5) /2, so it is irreducible modulo p if 5 is not a square 
modulo p. The first few such primes are: 
23 7 13 17 23 37 43 47 53 67 73 83 97 103 107 113 127 137 157 163 167 173 193 197 223 227 233 


Multiplication modulo C’ again costs only three scalar multiplications: 


(ax+b)(Az+B) = (aA)2?+(aB+bA)r+(bB) (37.12-6a) 
= (@aA+aB+bA)rz+(aA+bB) modz?—x2-1  (37.12-6b) 
((a+ b) (A+ B)—bB) x+(aA+bB) (37.12-6c) 


With the polynomial C = x? — x — d use 


(ax+b)(Ax+B) (aA+aB+bA)2+(daA+bB) modz?—2-—d_ (37.12-7a) 


= ((a+b)(A+B)—-bB) x+(daA+bB) (37.12-7b) 


For polynomials of the form C = x? — ex — d one has 


(az+b)(Az+B) = (aA)a2?+(aB+bA)x+ (dB) (37.12-8a) 
= (eaA+aB+bA)rt+(daA+bB) moda*—ex-—d (37.12-8b) 
((a+6)(A+B)—[e—ljaA—bB)x+(daA+bB) — (37.12-8c) 


If the multiplications by e — 1 and d are cheap then the last equality can be useful. For example, with 
the polynomial C = x? — 2x — 1 use 


(ax+b)(Az+B) = (2aA+aB+bA)z+(aA+bB) modaz?—22—-1 (37.12-9a) 
(a+b) (A+ B)—bB+aA) 2+(aA+bB) (37.12-9b) 


With C = 27 -—32+1 use 


(az+b)(Ar+B) = (3aA+aB+bA)r+(FaA+bB) moda? —3a+1(37.12-10a) 
((a+ b)(A+ B)-bB+2aA) x+(FaA+bB) (37.12-10b) 


37.12.4 An algorithm for primitive 2/-th roots 


For primes with the lowest k bits set (p = (2* — 1) (mod 2*)) the largest power of two dividing the 
maximal order in GF(p?) (with field polynomial x? + 1) equals N = 2*+!: p = 72* —1 with j odd, so 
pt+1= j2* and p—1= 72* —-2=2(j2*-1 — 1), thereby p? — 1 = 2*+1[j (7 2* — 1)] where the term in 
square brackets is odd. 


[fxtbook draft of 2008-January-19] 


774 


An algorithm for the construction of primitive 2/-th roots in GF(p 


Chapter 37: Modular arithmetic and some number theory 


largest power of two dividing p? — 1 is given in [115] (and also in ): 


Let uz := 0 and for 7 > 2 define 


and (for 7 = 2,3,...,4 


Uj 


For example, with p = 127 we get 


u_j v_j 


OANMOOPWNHU. 


For Mersenne primes p = 2° 


ord(O + i*1) 
ord(8 + i*8) 
ord(103 + coe 
ord(68 + i*87) 
ord(15 + i*41) 
ord(32 + i*82) 
ord(98 + i*38) 


Cows 


33° 
64 
128 
256 


— 1 one has p? 


((uj-1 4: 1)/2) 
((uj1 -1)/2) 


~ {ire 


where all operations are modulo p. Then u; 


U;, 
U;, 


J 


J 


le 
Berle 


(p+1)/4 


if j<a 


(p+1)/4 


if j=a 


if j<a 


if j=a 


1 = (p 


+ 1) (p 


1) = 2¢ (2° — 


O) FOE 9 = 28) x05 


+ iv; is a primitive 2/-th root of unity in GF(p 


2) = getrl (ee * _ 


a where 2° is the 


(37.12-11) 


(37.12-12) 


2), 


1) =: 2%k 


where k is odd. The highest power of two for which a primitive root exists is a = 2°+! which checks with 
our example where p = 127 = 2" — 1. 


37.12.5 Primitive 2/-th roots with Mersenne primes 


p= 131071 = 2717-1 
r3 = 43811 r3°2 = -3 
k: h + i*w = z* (27k) - h + i*r3* wu 
0: h + i*w = +256 + i* -56490 = h + i*r3* +256 ord(.) = 2718 
1: h + i*w = 42 + ix +43811 = h + i*r3* +1 ord(.) = 2717 
2: h + i*w = +7 + i* +44173 = h + i*r3* +4 ord(.) = 2716 
3: h + i*w = +97 + i* -36933 = h + i*r3* +56 ord(.) = 2715 
4: h + i*w = +18817 + i* +43903 = h + i*r3* +10864 ord(.) = 2714 
5: h + i*w = -17636 + i* -35524 = h+ i*tr3* +45327 ord(.) = 2713 
6: h + i*w = -5975 + ix -36232 = h+ itrr3* +30114 ord(.) = 2712 
7: h + i*w = -32446 + ix +44887 = h + i*r3* +58666 ord(.) = 2711 
8: h + ixw = -38713 + ix -16371 = h + i*r3* +3123 ord(.) = 2710 
9: h + i*w = +61109 + i* -46595 = h + i*r3* +24597 ord(.) = 279 
10: h + i*w = +63110 + i* +25098 = h+ i*tr3* -48310 ord(.) = 278 
a1: h + i*w = +35245 + ix +14561 = h + i*r3* -3138 ord(.) = 2°7 
12: h + i*w = -30756 + ix -12111 = h + i*tr3* +50228 ord(.) = 276 
13: h + ixw = -15743 + i* -35732 = h+ itr3* -19124 ord(.) = 275 
14: h + i*tw = -26425 + ix -55712 = h+ i*r3* -1910 ord(.) = 274 
15: h + i*w = -256 + i* +256 = h+ i*r3* +18830 ord(.) = 273 
16: h + i*w = O + ix -1 = h + i*r3* +58294 ord(.) = 2°72 
17: h + i*w = -1 + i* 0 = h + i*r3* 0 ord(.) = 271 
18: h + i*w = +1 + ix 0 = h + i*r3* 0 ord(.) = 270 
Figure 37.12-A: Elements of order 2/ in GF(p?) where p = 2!” — 1 is a Mersenne prime. 


For Mersenne primes p = 2° — 1 a primitive root of order 2° 
can be constructed more directly: first compute /—3 = 34 


compute 1/./2 = 2(¢-))/? which does not require modular reduction. Now 


(1+iv-3 3) 


a 


(1+v3) = 


2 


[fxtbook draft of 2008-January-19] 


‘l (in GF(p?) with field polynomial x? + 1) 


+1)/4 — 32°* by squaring e — 2 times, then 


(37.12-13) 


37.12: Complex moduli: GF (p”) 775 


is an element of order 2°++. The number z is sometimes called the Creutzburg-Tasche primitive root as 
the construction was given in p-200]. We have z? = 2+ V3 =24+4/—3 = H, +iV—3U, and, more 
general 


2 = Hpi tiVv—3Up1 (1<k) (37.12-14) 


Figure |37.12-A|shows the values of the successive 2*-th powers of z in GF(p?) where p = 2!” — 1. 


The sequences H = 2, 7, 97, 18817, ... and U = 1, 4, 56, 10864, ... are those which appear in the Lucas- 
Lehmer test. The order of 22" is 2°+1-*, 


We have Hp; = 2 H? — land HF = 3U? = 1, thereby 


Hay = Hi +3U; (37.12-15a) 
Ua = 2HU; (37.12-15b) 


These are the index doubling formulas for the convergents of the continued fraction of V3. 


37.12.6 Cosine and sine in GF(p”) 


Let z be an element of order n in GF(p”), we would like to identify z with exp(2ia/n) and determine 
the values equivalent to cos(27/n) and sin(27/n) with complex numbers over R. One can set 


2, 244 
a = 2 (37.12-16a) 
n 22 
T 2-1 
isin — = 12-1 
i sin = = (37 6b) 


For the choice of sin and cos both relations exp(x) = cos(a) +7 sin(x) and sin(a)? + cos(2)? = 1 should 


hold. The first check is trivial: a + a =z. The second is also easy if we write 2 for some element 


2 2 2 2 2 2 
that is the square root of —1: (44+)? + (4+)? = G +) -¢ Y= 1, 
For the 2/-th roots in GF(127) we obtain 
O: utix*xv= + ix 0 cos= 1 ixsin= 0 
1: utixv= 126 + ix 0 cos= 126 ixsin= 
2: utix*xv= O+ i*t 1 cos= 0) ixsin= 1*i 
3: uti*v= + ix 8 cos= 8 ixsin= 8*i 
4: utixv= 103 + i*21 cos= 103 ixsin= 21*i 
5: utixv= 68 + i*87 cos= 68 ixsin= 87*i 
6: utixv= 15 + ix41 cos= 15 ixsin= 41*i 
7: utixv= 32 + i*82 cos= 32 ixsin= 82*i 
8: utixv= 98 + 1*38 cos= 38*i i*sin= 98 


Note how the i swaps side with the element of highest order 2°. 


The simple construction allows us to mechanically convert fast Fourier (or Hartley) transforms with ex- 
plicit trigonometric constants into the corresponding number theoretic transforms. The idea of expressing 
cosines and sines in terms of primitive roots was taken from |228)}. 


37.12.7 Cosine and sine in GF(p) 


What about primes of the form p = 4k +1 that are used anyway for NTTs? The same construction 
works. The polynomial x? + 1 is reducible modulo p = 4k + 1, equivalently, —1 is a quadratic residue so 
its square root lies in GF(p). We could say: 7 is real modulo p if p is of the form 4k + 1. 


In the implementation [FXT: class mod in mod/mod.h the cosine and sine values are computed from 
the primitive roots of order 2. The program [FXT: mod/modsincos-demo.cc, generates the list of 2’-th 
roots and inverse roots shown in figure |37.12-B 


[fxtbook draft of 2008-January-19] 


776 Chapter 37: Modular arithmetic and some number theory 


modulus= 257 == 0x101 

modulus is cyclic 

modulus is prime 

bits(modulus)= 8.0056245 == 9 - 0.99437545 
euler_phi(modulus)= 256 == 0x100 == 278 
maxorder= 256 == 0x100 

maxordelem= 3 == 0x 

max2pow= 8 (max FFT length = 2**8 == 256) 
root2pow(max2pow)=3 root2pow(-max2pow)=86 
sqrt(-1) =: i = 241 


8 Z= 3 = ( 173 + 87) = (173 + 107*i) 
7 Z= 9 = ( 233 + 33) = ( 233 + 14*i) 
6 z= 81 = ( 123 + 215) = ( 123 + 99x*i) 
5 z= 136 = ( 188 + 205) = ( 188 + 196*i) 
4 z= 249 =( 12 + 237) = ( 12 + 194*i) 
3 z= 64 = ( 30 + 34) = ( 30 + 30*i) 
2 z= 241 = ( 0 + 241) = ( 0) + 1*i) 
1: z= 256 = ( 256 + 0) = ( 256 + O*i) 
0: z= 1 = ¢ 1 + 0 = ¢ 1 + O*i) 
-1: z= 256 = ( 256 + 0) = ( 256 + O*i) 
-2 z= 16 =( oO + 16) = (€ O- + 256i) 
-3 z= 253 = ( 30 + 223) = ( 30 + 227*i) 
-4 z= 32 =( 12 + 20) = (¢ 12 + 63x*i) 
m5 z= 240 = ( 188 + 52) = ( 188 + 61*i) 
-6 z= 165 = ( 123 + 42) = ( 123 + 158*i) 
-7 z= 200 = ( 233 + 224) = ( 233 + 243*i) 
-8 z= 86 = ( 173 + 170) = ( 173 + 150*i) 


Figure 37.12-B: Roots of order 2 modulo p = 257 = 28 +1. 


Again we can translate a given FFT implementation in a mechanical way. 


An element modulo a prime p = k- 2 + 1 whose order equals 2¢ can be found by the following algorithm 
even if the factorization of k is not known: : 

bet 
Choose random a where 1 < a < p—1 and compute s = a", if -—1 = s? then return s, else try another a. 


The algorithm will terminate when the first element a is encountered whose order has the factor 2°. 
Demonstration in pari/gp: 
el2(k, t)= 
{ 
local(p, s); 
p=k*27t+1; 
for(a=2, p-2, 
s=Mod(a,p)~k; 
if( Mod(-1,p)==s*(27(t-1)), return( s ); ); 
)5 


With p = 314151729239163 - 27° + 1 the algorithm terminates after testing a = 5 (of order (p—1)/3) and 
returning s = 18583781386455525528042 whose order is indeed 27°. 


In general, if p= u- f +1, ged(f,u) = 1 and f = [[p;* is fully factored then an element of order f can 
be determined by testing random values a: 


1. Take a random a and set s = a”. 
2. If s//?* #1 for all prime factors p; of f, then return s (an element of order f). 
3. Go to step 1. 


[fxtbook draft of 2008-January-19] 


37.12: Complex moduli: GF (p”) 777 


37.12.8 Decomposing p= 4k+1 as sum of two squares 
37.12.8.1 Direct computation 


The direct way to determine u and v with n = u? + v? is to check (for v = 1, 2, ..., |\/n]) whether n—v? 
is a perfect square. If so, return u = Vn — v2 and v: 


sumofsquares_naive(k, t)= 
{ /* return [u,v] so that u°2+v*2==p =k*2*t+1 */ 
local(n, w); 
n = k*x27*t+1; 
for (v=1, sqrtint(n), \\ search until n-v*2 is a square 
w=n-v2; 
if ( issquare(w), return( [sqrtint(w), v] ) ); 
)5 
return (0); \\ not the sum of two squares 


} 


The routine needs at most |,/n| steps which renders it rather useless for n large: With the prime 
n = 314151729239163-27°+1 ~ 2-107? we have n = u?+v? where u = 132599472793 and v = 59158646772 
and the routine would need v steps to find the solution. The method described next finds the solution 
immediately. 


37.12.8.2 Computation using continued fractions 


The square root i of —1 can be used to find the representation of a prime p = 4k +1 as a sum of two 
squares, p = u? + v?, as follows: 


1. Determine i where i? = —1 modulo p. If i > p/2 then set i = p—i. 


2. Compute the continued fraction of p/i, it has the form [a9, a1,...,@n,@n,---; 1, Qo]. 


3. Compute the numerators of the (n—1)-st and the n-th convergent, P,,; and P,. Return u = P,_1 
and v = Py. 


Assume that p= k- 2+ 1 where t > 2. Use an element of order 2° to find a square root of —1: 


imag4k1(k, t)= 
{ /* determine x so that x*2=-1 modulo p=k*2*t+1 */ 
local (s); 
s = el2(k, t); 
s = s°(2°(t-2)); 
return( s ); 


Then 


sumofsquares(k, t)= 
{ /* return [u,v] so that u°2+v*2==p =k*2*t+1 */ 
local(i, s, p, cf, q, u, v); 
i = component( imag4k1(k, t), 2); 
p = k*2°t+1; 
if ( i>=p/2, i = p-i ); 
= contfrac(p/i) ; 
= vector(length(cf)/2, j, cf[j]); 
q = contfracpnqn(cf) ; 
u=qli, 1]; v=ql[1, 2]; 
return( [u, v] ); 


f 
cf 
cf 


} 
An example, for p = 2281 we obtain 
i 
i 


1571 \\ square root of -1 
710 \\ choose smaller square root 


cf = [3, 4, 1, 2, 2, 1, 4, 3] \\ == contfrac(2281/710) 
cf = [3, 4, 1, 2] \\ first half on contfrac 
= contfracpnqn(cf) = 


[45 16] \\ == [P_4, P_3] 


[fxtbook draft of 2008-January-19] 


778 Chapter 37: Modular arithmetic and some number theory 


[14 5] \\ == [Q_4, Q_3] (unused) 
u=45; v=16; \\ u72 + v72 = 2025 + 256 = 2281 


37.12.8.3 A memory saving version 
An algorithm that avoids storing the continued fraction comes from the observation that u and v appear 
in the calculation of gcd(p,i). With 
gcd_print(p, i)= 
{ 
local( t, s ); 


if ( p<i, t=p; p=i; ist; ); 
s = sqrtint(p); 


while ( i, 
print (" , p> " Lo i); 
t=pda; pi; dat; 
)3 
} 
and p = 2281, 1 = 710 we obtain 
u Vv 
2281 710 
710 151 
151 106 
106 45 
45 16 <--= 
16 13 
13 3 
3 1 


The marked pair is the first where u? < p. The resulting routine is 


sumofsquares_gcd(k, t)= 
{ /* return [u,v] so that u°2+v*2==p =k*2*t+1 */ 
local(s, p, i, w); 
i = component( imag4k1(k, t), 2); 
p = k*2°t+1; 
if ( i>=p/2, i = p-i ); 
w = sqrtint(p); 
while ( i, 
if ( p<=w, return( [p,il] ) ); 
t= phais pig 2%; 
oy 
: return( [0,0] ); \\ failure 


We note that by the relation a? +b? = (a+ib) (a—ib) we can use the decomposition into two squares to 
obtain the factorization of a number over the complex integers. For example, we have 3141592653 = 3 - 
107-9786893 (over Z) where the greatest prime factor is of the form 4k+1. Using 9786893 = 23177 +2102? 
one can obtain 3141592653 = —7-3- 107 - (2317 + 21027) - (2102 + 2317). Pari/gp has a builtin routine 
for this task: 


? factor (3141592653+0*1) 
[-I 1] [3 1] [107 1] (2317 + 2102*I 1] [2102 + 2317*I 1] 


37.13 Solving the Pell equation 


Simple continued fractions can be used to find integer solutions of the equations 


g—dy = +1 (37.13-1a) 
o—dy? = -1 (37.13-1b) 
Equation |37.13-la| is usually called the Pell equation. The name Bhaskara equation (or Brahmagupta- 


Bhaskara equation, used in [160]) seems more appropriate as Brahmagupta (ca. 600 AD) and Bhaskara 
(ca. 1100 AD) were the first to study and solve this equation. 


[fxtbook draft of 2008-January-19] 


37.13: Solving the Pell equation 779 


37.13.1 Solution via continued fractions 


The convergents P;,/Q; of the continued fraction of Vd are close to Vd: (Px/Qx)? © d. If we define 


ex, := P?2 — dQ? then solutions of relation |37.13-la] correspond to ex, = +1, solutions of |37.13-1b] to 


ee = —1. 


As an example we set d = 53. The continued fraction of /53 is 


CF(V53) = (7, 3,1,1,3,14, 3,1,1,3,14, 3,1,1,3,14, ...] (37.13-2a) 
(7; 3,4, 1,3,44) (37.13-2b) 


We observe that the sequence is periodic after the initial term and the last term of the period is twice 
the initial term. Moreover, disregarding the term 14, the terms in the period form a palindrome. These 
properties actually hold for all simple continued fractions of square roots Vd with d not a perfect square, 
for the proofs the reader is referred to either or [160]. For the computation of the continued fraction 
of a square root a specialized version of the algorithm from section on page will be most 
efficient. 


k Qk Py, Qk Ce c= 
Pa dQ 
-l:) - 0 1 +1 
0: 7 7 1 —4 
1: 3 22 3 +7 
2: 1 29 4 —7 
3: 1 51 7 +4 
A: 3 182 25 —1 
5: | 14 2599 357 +4 
6: 3 7979 1096 —7 
a 1 10578 1453 +7 
8: 1 18557 2549 —4 
9: 3 66249 9100 +1 
10: | 14 946043 129949 —4 
11: 3 2904378 398947 +7 
12: 1 3850421 528896 —7 
13: 1 6754799 927843 +4 
14: 3 24114818 3312425 —1 
15: | 14 | 344862251 | 47301793 +4 


Figure 37.13-A: The first convergents P,/Q, of the continued fraction of 53. 


The table shown in figure [37.13-A] gives the first convergents P,/Q;, together with e;, := P? —dQ? (d= 
53). The entry for k = 4 corresponds to the smallest solution (x, y) of z?—53 y? = —1: 1827-53-25? = —-1. 
Entry k = 9 corresponds to 66249? — 53 - 9100? = +1, the smallest nontrivial solution to x? — 53 y? = +1 
(the trivial solution is (P_;,Q_1) = (1,0)). 


With d = 19 we obtain the continued fraction 
CF(V19) = [4, 2,1,3,1,2,8, 2,1,3,1,2,8, 2,1,3,1,2,8, ...] (37.13-3a) 
[4, 2,1,3,1, 2,8] (37.13-3b) 


with period length | = 6. The corresponding table (figure|37.13-B) contains solutions with e, = +1 but 
none with e, = —1: 


Let e correspond the minimal nontrivial solution of x? — dy? = +1, if e = +1 then no solution for 
x”? — dy* = —1 exists. Nontrivial solutions with e = +1 always exist, solutions with e = —1 only exist 
when the period length 1 of the continued fraction of Vd is odd. The period length I is always odd for 


[fxtbook draft of 2008-January-19] 


780 Chapter 37: Modular arithmetic and some number theory 


k Gk Py Qk €k i= 
Pe - dQ 
—l:]) - 0 1 +1 
0: 4 4 1 —3 
1: 2 9 2 +5 
2: 1 13 3 —2 
3: 3 48 11 +5 
4: 1 61 14 —3 
5: 2 170 39 +1 
6: 8 1421 326 —3 
16 2 3012 691 +5 
8: 1 4433 1017 —2 
9: 3 16311 3742 +5 
10: 1 20744 4759 —3 
11: 2 57799 13260 +1 
12: 8 483136 110839 —3 


Figure 37.13-B: The first convergents P/Q, of the continued fraction of 19. 


primes of the form p= 4k+1 and never for numbers of the form n = 4k+3 and 4k. If any factor f; of d 


is of the form f; = 4k+3 then no solution with e = —1 exists, because this would imply x? = —1 mod f; 
but —1 is never a quadratic residue modulo f; = 4k + 3 by relation |37.8-3]on page 
However, all prime factors being f; = 1 mod 4 does not guarantee that e = —1, the smallest examples 


of the form 4k + 3 so that 2? — dy? = —1 has no solution is entry A031399| of [214]: 


4, 8, 16, 20, 25, 32, 34, 40, 52, 64, 68, 80, 
100, 104, 116, 128, 136, 146, 148, 160, 164, 169, 178, 194, 
200, 205, 208, 212, 221, 232, 244, 256, 260, 272, 289, 292, 296, ... 


are 205 = 5-41, 221 = 13-17, 305 = 5-61, and 377 = 13-29. The (4031390 of numbers d with no factor 


37.13.2 Powering solutions 


Let (2, y) = (Pm, Qm) be a solution of relation |37.13-1b] (em = —1) then (x,y) := (Pp, Qp) where 


Py a= Pad, (37.13-4a) 
Qn = 2PnrQm (37.13-4b) 
is a solution of|37.13-la|(e, = +1). If (Pm,Qm) is the smallest solution with e := em = —1 then (Py, Qp) 


is the smallest solution with e, = e? = +1. If (Pm, Qm) is the smallest solution with e = +1 then (P,, Qp) 
is the second smallest solution with ep = +1. 


With our example from figure|37.13-A} (Pm, Qm) = (Pa, Qa) = (182,25) and 


P, 1827+ 53-257 = 66249 = Py (37.13-5a) 
Qn := 2-182-25 = 9100 = Qg (37.13-5b) 


If the period length of the continued fractions equals | then m = 1—1 and p = 2!1—1. Alternative 
expressions for P, are 


P, = 2P? —-e = 2dQ?, +e (37.13-6) 


This can be seen as follows: P, +0 = P, +e—e = (P?, +dQm) + (P?, —dQm) — € and (second relation) 
P? =dQ?, +e. 


[fxtbook draft of 2008-January-19] 


37.14: Multigrades * 781 


Further (P:,Q:) where 


Pe a= Pe (Ph 3dQ,,) (37.13-7a) 
QO = Qa (Gh. +1Q;,) (37.13-7b) 


is the second smallest solution with e, = e? = —1. With our example P; = 24114818 and Q; = 3312425 
(and t = 14 = 31-1). Alternative forms for P; and Q; are 


P= Pa (4 PS — 38) (37.13-8a) 
Qe = Qm (4P2—©) = Qm (4dQ?, +30) (37.13-8b) 
Note that relations |37.13-4a] and |37.13-4b| are just the numerator and denominator of the second order 


iteration for Vd (relation]28.2-2a]on page|544). 


Relations |37.13-7aJ and |37.13-7b| correspond to the third 
order iteration (relation |28.2-2b]on page|544). 


If the pair (x,y) is a solution of relation |37.13-la| then (T;,(x),yUn_1(x)) is also a solution, where T), 
and U,, are the Chebyshev polynomials of the first and second kind: 


Tr (2) — d(yUn-1(2))? 
Tp (2) — (2* — 1) Un-1(2)? 


The last equality is relation |34.2-25| on page Similarly, if (x,y) is a solution of |37.13-1b} then 
SB thon por 


Tr(a) — dy? Una(x)? = (37.13-9a) 
1 (37.13-9b) 


(T+ (zx), yU;*_,(x)) is also a solution, by equation |34.2-30]on page 


37.14 Multigrades * 


Let a, a+ 1 be any two successive numbers, then a? = (a + 1)° (wow!). Let a,a+1,a+2,a+3 any 
four successive numbers, then a! + (a+3)' = (a+1)'+4+ (a+ 2)! (still not really exciting). We write the 
relations as ‘prototypes’: 


q = J (37.14-1a) 
o+3' = 1°42! (37.14-1b) 

We also have 
O?+32+5%+6% = 17427447477 (37.14-1c) 

and 
os 4-5 4e eit hi 4 ie = Pee ae er ae a ie ie (37.14-1d) 
O* + 3* + 5° 46" +9" + 10° + 19° + 15* + 17* + 18* 4+ 20° + 23* + 24° 4-97" + 20*430% = (87.1416) 
= 144244464 74484 +4114 + 13* 4 144 + 164 + 19* + 21* + 224 + 25% + 26* + 28* + 314 

In general, for a fixed exponent k > 0, let s = 2**! and partition the set {0, 1, 2,3, ..., s —1} into two 


sets So, $1 so that Sp contains all elements 7 (0 < j < s) with parity zero, S; the elements with parity 
one. Then for d € C, 


S> (a+d)* = > (b+a)" (37.14-2) 


a€So bESy 
An example, for k = 2 we have Sp = {0, 3, 5, 6}, Si = {1, 2, 4, 7} and so 


(04+ d)?4+ (344)? +(54+d)?4+(64+d)? = (14+4)?4+(24+4)?+(444)?4+ (744)? (37.143) 


[fxtbook draft of 2008-January-19] 


782 Chapter 37: Modular arithmetic and some number theory 


Compare to relation |37.14-1c| The prototypes for the exponent & are also valid for all positive integer 
exponents less than k and the exponent zero. 


The equations given are special solutions of the so-called multigrades or Prouhet-Tarry-Escott problem: 
Find two sets A and B such that for a given k 


Se = FSG Ik (37.14-4) 


acA beEB 


Both sets have the same number n of elements. This is a (k,n)-multigrade. We found solutions of (k, 2*)- 
multigrades with the special property that the union of both sets contains 2" successive numbers. The 
shift invariance holds again, it is a property of all multigrade solutions. 


Multiplying the symbolic entries in a prototype gives a valid prototype which again is shift invariant. 
This means that, for example, relation |37.14-1c]can be interpreted as 


(Om+d)*¥ + (3m 


d)¥+(6m+d)* = (37.14-5) 
= (lIm+d)F+(2 


= 


+ d)* + ( 
for k € {0,1,2},d€ CandmeC. 


Adding and subtraction shifted versions of the prototypes gives more prototypes. We subtract from 
relation |37.14-1c]the shifted by one version with swapped sides: 


4 (0? ae 32 a 52 ae 62 — 12 Lif 92 4 4? aif. fia 
(2 32 52 Q2 _ 12 4? 6? Ty) 


Giving 2 - 2? + 8? = 0? + 2-67. We can divide all symbolic entries by two and get: 
2-17447 = 0742.3? (37.14-6) 
which really is 
2-(lIm+d)¥+(4m4+d)* = (Om+d)*+2-(3m+d)* (37.14-7) 


for k € {0,1,2},d€ CandmeC. 


37.15 Properties of the convergents of \/2 * 


We give some number theoretical properties of the convergents of the continued fraction of V2. 


Define Po := 1, Py := 1, Ph := 2Py-1 t+ Pn—2, Qo := 0, Qi := 1 and Qy := 2Qn-1 + Qn—2. Then 
Prii/Qn+1 is the n-th convergent of V2: 


n: 12 3 4 5 6 7 8 9 10 11 12 13 14 15 
Po: 1 3 7 17 41 #99 239 577 1393 3363 8119 19601 47321 114243 275807 
Qn: 1 2 5 12 29 70 169 408 985 2378 5741 13860 33461 80782 195025 


37.15.1 Pythagorean triples with difference one 


Pythagorean triples are solutions of the Diophantine equation a? +b? = c?. All primitive (a, b,c coprime) 


solutions can be obtained by choosing coprime x and y and setting a := 2x y, b:= x7—y?, and c:= a7+y’. 
There are Pythagorean triples where a and b differ by one, the first few are given in figure|37.15-A| The 
list can be obtained using a, = (Pan—1 — 1)/2, by = an +1 and cy = Qan-t: 


[fxtbook draft of 2008-January-19] 


37.15: Properties of the convergents of \/2 * 


783 


n: a°2+ b°2 =c72 

1: 072 +172 = 172 

2: 3°2 + 472 = 5°2 

3: 20°72 + 2172 = 29°2 

4: 11972 + 120°2 = 16972 

5 : 69672 + 69772 = 98572 

6 : 405972 + 406072 = 574172 

7 : 2366072 + 2366172 = 3346172 

8 : 13790372 + 13790472 = 19502572 

9 : 80376072 + 80376172 = 113668972 
10 : 468465972 + 468466072 = 66251097 
141: 2730419672 + 2730419772 = 3861396572 
12 : 15914051972 + 15914052072 = 2250586817 
13: 92753892072 + 92753892172 = 131173812172 
14 : 540609300372 + 540609300472 = 764537004572 
15 : 3150901910072 + 3150901910172 = 4456048214972 


Figure 37.15-A: Solutions of a? + b? = c? with b—a=1. 


P(n)=( ([1,1]*(0,1;1,2]°n) [1] ); 
Q(n)=( ([0,1]*[0,1;1,2]°n) [1] ); 
pythi (k)= 
{ /* return [a,b,c] where a*2+b~2=c*2 and b=at1 */ 
local(p,q); 
p = (P(2*k-1)-1)/2; 
q = Q(2*k-1); 
return( [p, pti, ql] ); 
} 


Or with the equivalent 


pyth2(k)= 

{ /* return [a,b,c] where a*2+b~2=c*2 and b=at1 */ 
local(x,y); 
x = P(k); y=Q(k); 
return( [x*2-y°2, 2#x*y, x°2+y*2] ); 


37.15.2 Solutions of 74+4-24=c’+1land «*-yt=c'd 


> 


>») 


% SHOOM RAIS 
» 


OOD »> 
COCO EAA Il Il I Il 


a 
BS 
mT 
NA 
80000 
NN 


* 
iw) 
Ww 
AJ 


1 
+1 
872 + 
eae 
5433397207 
66815962 


2 
31 
4 + 4*8078274 = 1845755605 
“4 + 4*195025°4 = 107578520 


+1 
+1 

“2 +1 
5072 + 


ORPWHNRFOWOONDOBWNES 


RPReRBRRR 


1 
1 
2 
2 
3 1 


Figure 37.15-B: Solutions of x4 + 424 = c? +1. 


If set dy = (Pon — 1)/2, bp = dy +1 and cy, = Qon then we get ‘almost’ Pythagorean triples: 


n: ac2+bo2 =c72+1 
1: 1°2 + 2°2 = 2°2 +1 
2: 8°2+9°2=12°2 +1 // b=372 a=2*272 
3: 49°2 + 50°2 = 70°2 + 1 // a=7°2 b=2*772 
4: 288°2 + 289°2 = 408°2 + 1 // b=1772 a=2*12°2 
5 : 168172 + 1682°2 = 2378°2 + 1 // a=4172 b=2*4172 


As the comments suggest, all equations are of the form 2+ +4- z4 = c? +1. We obtain solutions via the 


simple routine: 


deq44(k)= 
{ /* return [x,y,c] where x74+4*z*4=c"2+1 */ 


[fxtbook draft of 2008-January-19] 


784 Chapter 37: Modular arithmetic and some number theory 


> 


> 
ISIS 
Il OOo >++ 


BS 


> 
of TRNDN 
RND 
oO ES OO +h 


C1MAD of 
SON 


17424374 = 1480752 


“4 
2261953774 - 4*15994428~ 
13183632374 - 4*93222358 
76839840174 - 4*54333972 
pei obeserer a - 4*31668159 
2610292609774 - 4*1845755 
152139002499°4 - 4*107578 


1 
4-2 + 1 
070072 + 1 


ORWNFOWOONDORBWNES 
(o>) 
oO 
ol 
©O 
o 
NJ 

> 
NaS 

| 

WN 
* 
WS 
~“N 
(5] 
(oo) 
Ww 
NO 


BRRRRR 
NIN ABN +h 
) 
BRON +e 


Figure 37.15-C: Solutions of «4 — 424 = c? +1. 


local (x,z,c); 
= P(k); z= Q(k);) c=2*x*z; 
return( [x, z, c] ); 


The output is shown in figure|37.15-B} There are no solutions to the equation «* + 4 z4 = c? BI] so this 


is as close as one can get. Also, 2* — 424 = c? has no solutions but solutions of «+ — 4 z+ 
obtained via 


deq44m(k)= 
{ /* return [x,y,c] where x*4-4*z*4=c"2+1 */ 
local (x,z,c); 
= P(2*k); z = Q(2*k); c=2*z; 
return( [x, z, c] ); 


The first few solutions shown in figure |37.15-C 


n: x4-y4=c2*d 

1: 1°4- 0°4= 172 * 1 

2: 474 - 3°4=5°2 * 7 

3: 21°74 - 20°74 = 29°2 * 41 

4: 120°4 - 11974 = 16972 * 239 

5 : 69774 - 69674 = 98572 * 1393 

6 : 406074 - 405974 = 574172 * 8119 

7 : 23661°4 - 2366074 = 3346172 * 47321 

8 : 13790474 - 13790374 = 19502572 * 275807 

9 : 80376174 - 80376074 = 113668972 * 1607521 

10 : 468466074 - 468465974 = 662510972 * 936931 

11: 2730419774 - 2730419674 = 3861396572 * 54608393 

12 : 15914052074 - 15914051974 = 225058681°2 * 318281039 

13 : er ieecaGoA 4 - 92753892074 = 131173812172 * eee oie 

14 : 540609300474 - 540609300374 = 7645370045°2 * 10812186007 
15 : 3150901910174 - 3150901910074 = 4456048214972 * 63018038201 


Figure 37.15-D: Solutions of «4 — y+ = c?d. 


=c’-d (where y = x — 1) can be computed by 


Finally, solutions of the equation «+ — y4# 
deq4421 (k)= 
{ /* return [x,y,c,d] where x*4-y"4=c"2*d */ 
local(x,y,c,d); 
y = (P(2*k-1)-1)/2; 
x = yti; 
c = Q(2*k-1);  d = P(2*k-1); 
return( [x, y, c, d] ); 


} 


The first few are shown in figure |37.15-D| Note that equation 4 is 1204 — 1194 = 134 239. 


[fxtbook draft of 2008-January-19] 


=c+4+1are 


37.15: Properties of the convergents of \/2 * 785 


37.15.3 Triangular square numbers 


A triangular number is a number of the form n(n + 1)/2. There are triangular numbers that are also 
squares. Let z,, be the n-th triangular number that is a square. Then 


zn = (PaQn)? = 1, 36, 1225, 41616, 1413721, ... (37.15-1) 


We can generate the z,, via 


P(n)=((([1,1]*(0,1;1,2]~n) [1]); 
Q(n)=(((0,1]*[0,1;1,2]~n) [1]); 
zn(n)=(P(k) *Q(k))*2 


The sequence of values z, is entry |A001110 in [214]. A recurrence for z, is given by z = 1, 2 = 
36, 2n = 342n_1 — Zn—2 + 2, a closed form expression is z, = 5 ((3 + /8)?" + (3- 8)?" - 2). A 
simpler recurrence gives the square roots of z,: define w) = 1, w; = 6, and wy, = 6wy_1 — Wyn_2. Then 
we = Zn, the w,-th square number equals z,. The numbers w,, can be obtained as: 
? wn(n)=return(([1,6]*[0,-13;1,6]“n) [1]); 
? for(k=0,10,printi(" ",wn(k))) 

16 35 204 1189 6930 40391 235416 1372105 7997214 46611179 
? for(k=0,10,printi(" ",wn(k)*2)) 

1 36 1225 41616 1413721 48024900 1631432881 55420693056 1882672131025 
Let so = 1, 51 = 8, so = 49 and 8, = 78n-1 — TS8n—2 + 8n—-3. Then Sp (8) + 1)/2 = 2, and the s,-th 
triangular number equals z,. The numbers s,, can be obtained as: 


? sn(n)=return(([1,8,49]*[0,0,1;1,0,-7;0,1,7]“n) [1]); 
? for(k=0,10,printi(" ",sn(k))) 
1 8 49 288 1681 9800 57121 332928 1940449 11309768 65918161 
? tria(n)=n*(n+1)/2; 
? for(k=0,10,printi(" ",tria(sn(k)))) 
1 36 1225 41616 1413721 48024900 1631432881 55420693056 1882672131025 


37.15.4 Solutions of the equations s? + d? = w4 


n: s°3 +da°2=w 4 

0: 1°3 +072 = 174 

1: 873 + 28°2 = 674 

2: 49°3 + 117672 = 3574 

3: 28873 + 4132872 = 20474 

4: 168173 + 141204072 = 118974 

5: 980073 + 4801510072 = 693074 

6: 5712173 + 163137576072 = 4039174 

7: 33292873 + 5542036012872 = 23541674 

8: 194044973 + 188267019057672 = 137210574 

9: 1130976873 + 6395542045202872 = 799721474 
10: 6591816173 + 217260194185188072 = 4661117974 
11: 38419920073 + 73804512448220400°2 = 27166986074 
12: feet hGsaies4 + 250718083205521932072 = 158340798174 
13: 1305146304873 + 8517034384012899362872 = 922877802674 
14: 7606950124973 + 2893284510097771529376"72 = 5378926017574 
15: 443365544448°3 + 9828650300161404904012872 = 31350678302474 


Figure 37.15-E: Solutions of s? + d? = w’. 


The sum of cubes up to n° is the square of the n-th triangular number: 


n 1 2 
Sik = (at) (37.15-2) 
k=1 
So the difference of the squares of two consecutive triangular numbers is a cube: 
2 2 
1 -1 
(7 ms ’) (* ; i") = 3 (37.15-3) 


[fxtbook draft of 2008-January-19] 


786 Chapter 37: Modular arithmetic and some number theory 


We write T(n) for the n-th triangular number. Now, we have seen that T(s,,), the s,-th triangular 
number, is a square: T(s,) = w2. Squaring gives T(s,)? = w4. Subtracting d, := T(s, — 1) from both 
sides gives s? +d? = w4. That is, the triples [s,,, dn, Wn] are a solutions of the Diophantine equation 


si+d? = wt (37.15-4) 


which is a somewhat surprising observation. For the computation of d, we use dy, = w2 — Syn = Zn — Sn? 


deq(n)= 
{ /* Return [s,d,w] so that s°3 + d°2 = w4 */ 
local(s, t, w, d); 


s = sn(n); 
w = wn(n); 
d=w2-s; \\ == zn(n)-s; 


return( [s, d, wl] ); 


} 


The first few solutions of equation |37.15-4|of the given form are shown in figure |37.15-E} The equations 


with odd index are of the form 8 u® +d? = w*. The equations with even index are of the form u°+d? = w%, 


corresponding to Pythagorean triples giving triangles with hypothenuse a square and one side a third 
power. For example (equation 2): (7°)? + (1176)? = (357)? which is 7? + 24? = 5+ multiplied by 74. 


The triangular square numbers were determined by Euler. That triangular square numbers yield solutions 
to s° + d? = w* was observed 1912 by H. B. Mathieu. 


We note that there exist solutions that are not of the given form. A simple search reveals some of them, 
we use the routine 


N=200; 
{ for (s=1, N, s3 = s°3; 
for (w=1, N, w4 = 
t=w4-s3; 
if ( issquare(t) && (t!=0), 
d=sqrtint(t) ; 
g=gcd(s,gcd(d,w)); 
print(s, "-Q 4 Ww d, "79 = n, Ww, ung [", g, "y]"); 


»; ); F 
It finds all solutions where 0 < s < 200 and 0 < w < 200: 


s°3+da2=w4 [gcd(s,d,w)] 
8°73 + 28°2 = 674 {2] 

18°3 + 27°2 = 97 
23°73 + 608372 = 
3673 + 63°2 = 15°4 [3] 


4973 + 117672 = 3574 ‘([7] 
10873 + 648°2 = 36°74 = [36] 
10873 + 380772 = 6374 [9 
12673 + 2925°2 = 5774 —s [3] 
128°3 + 179272 = 48°74 = [16] 
135°3 + 494172 = 7274 [9] 
136°3 + 4785°2 = 7174 [1] 
143°3 + 433°2 = 4274 [1] 


In his amazing note [84] Cohen gives for the Diophantine equation 


a+ = 2 (37.15-5) 
the parametric solution 
= 6-s-t-(4-s*+3.-2*) (37.15-6a) 
b = 16-s*—168-s*.i4+9.-2 (37.15-6b) 
ec = 64-57 41584. 5®.¢*— 1188.54.48 —27-¢ (37.15-6c) 


where s,t € Z. 


[fxtbook draft of 2008-January-19] 


37.16: Multiplication of hypercomplex numbers * 787 


Regarding triangular numbers, we note a nice generalization of the relation 


(> ‘ = ye (37.15-7) 
k=1 k=1 


which is a consequence of 


a = mine) = T(n) (37.15-8a) 
k=1 
3 _ {n(ntl) - a2 : 
at = aa ) = T(n) (37.15-8b) 
Indeed, 
S-v(d) = ore (37.15-9) 
d\N d\N 


where v(d) counts the number of divisors of d. Relation|37.15-7]is the special case where N = p"~!. The 
divisors of N are 1, p, p?, ..., p"~' whose numbers of divisors in turn are 1, 2, 3,..., n. 


Relation|37.15-7|can easily be proven for the case that N is a product of n distinct primes: n = p1-p2--Dn. 
There are ("’) divisors with exactly j prime factors, each having 2/ divisors. Thereby the sum on the left 


hand side of relation |37.15-9}is equal to 


a) 2 : = ((1+2)") = » (5) 7 = > (") (2)° (37.15-10a) 


The quantity is always an even power of 3: 


n 


= (") gi = (148)" = 9" (37.15-10b) 


j=0 
This holds only if N factors into mutually distinct primes. 
We close with two relations taken from the marvelous book of A. H. Beiler [31] p.161-162]: 


2 (S709) = Psy e (37.15-11) 


k=1 k=1 k=1 
n 3 n n 
3 (>: rw) = T(k)> +2 5° T(k)4 (37.15-12) 
k=1 k=1 k=1 


37.16 Multiplication of hypercomplex numbers * 


An n-dimensional vector space (over a field) together with component-wise addition and a multiplication 
table that defines the product of any two (vector) components defines an algebra. 


The product of two elements 7 = )7, a, e, and y= >> j 8; e; of the algebra is defined as 


n—1 


vey = S- [(ax - Bj) ex e;] (37.16-1) 


k,j=0 


[fxtbook draft of 2008-January-19] 


788 Chapter 37: Modular arithmetic and some number theory 


The quantities e, e; are given in the multiplication table of the algebra. These can be arbitrary elements 
of the algebra, that is, linear combinations of the components. For example, a 2-dimensional algebra over 
the reals could have the following multiplication table: 


ed el 
e0: (5*e1 + 3*e0) (239*e0 + 3.1415*e1) 
el: (0) (17*e1 + 2.71828*e0) 


Note that there is no neutral element of multiplication (‘one’). Further, the algebra has zero divisors: 
the equation x-y = 0 has a solution where neither element is zero, namely 2 = e,, and y = eg. As almost 
all randomly defined algebras, it is completely uninteresting. 


In what follows we will only consider algebras over the reals where the product of two components equals 
+1 times another component. For example, the complex numbers are a two-dimensional algebra (over 
the real numbers) with the multiplication table 

e0 el 


eO: +eO tel 
ei: tel -e0d 


Which is, using the symbols ‘1’ and ‘i’, 
1 a: 


1: +1 +1 
i: +i -1 


We will denote the components of an n-dimensional algebra by the numbers 0,1,...,2—1. The multi- 
plication table for the complex numbers would thus be written as 


0 1 


O: +0 +1 
Ts ofl. S21 


37.16.1 The Cayley-Dickson construction 


The Cayley-Dickson construction recursively defines multiplication tables for certain algebras where the 
dimension is a power of two. Let a, A, b and B be elements of a 2”~!-dimensional algebra U. Define the 
multiplication rule for an algebra V (of dimension 2”) written as pairs of elements of U via 


(a, b)-(A, B) := (a-A-—B-b*, a*-B+A-D) (37.16-2) 

where the conjugate C* of an element C' = (a,b) is defined as 
(a, b)” := (a*, —b) (37.16-3) 
and the conjugate of a real number a equals a (unmodified). The construction leads to multiplications 


tables where the product of two units equals plus or minus one other unit only: e; - e; = tex Vi, 7. 


Figure [37.16-A] gives the multiplication table for a 16-dimensional algebra, the so-called sedenions. The 
upper left (8 x 8) quarter gives the multiplication rule for the octonions (or Cayley numbers), the upper 
left 4 x 4 subtable gives the rule for the quaternions and the upper left 2 x 2 subtable corresponds to the 
complex numbers. Note that multiplication is in general neither commutative (only up to dimension 2) 
nor associative (only up to dimension 4). 


The 2”-dimensional algebras are (for n > 1) referred to as hypercomplex numbers. There is no generally 
accepted naming scheme for the algebras beyond dimension 16. We will use the names ‘2”-ions’. 


This form (relation |37.16-2) of the construction is given in [22], an alternative form is used in [105]: 
(a, b)-(A, B) := (a-A-—B*-b, b- A*+B-a) (37.16-4) 


It leads to a table that is the transposed of figure |37.16-A 


[fxtbook draft of 2008-January-19] 


37.16: Multiplication of hypercomplex numbers * 789 


MhOdOAdATM OO NOOPWNFRO 
+ 
~“N 
+ 
fon 
I 
o 
I 
ww 
+ 
w 
+ 
Ne) 
I 
ary 
I 
fo) 
| 
Kh 
I 
(0) 
+ 
Q 
+ 
a 
I 
log 
I 
rn) 
+ 
oO 
+ 
00 


Figure 37.16-A: Multiplication table for the sedenions. The entry in row R, column C' gives the product 
R-C of the components R and C (hexadecimal notation). 


Pei titt+ w 
Lltlitt+ oO 
bt+rrt¢ti¢ N 
rit ttiti+ 
[+4 1+1++ © 
++ lL ltt+ pw 
ti tit+i+ oF 
Liitt+tt++ 0 
l+++1+4+1+ @ 
++ 144114 © 


bitter 1to on 
tLtHL Ltt 


Pt+te thie Fh ttrti¢+ we 
Pitti beet Fetter rit ow 
Ptttitit Fbtiti¢++ a 
tr bttiat 


HO2BATMOMO NoaodwNoro 
++ttteet+ F¢4+4+4+4+4+4+4+ 0 
tet ri itt 
titi itit¢ 


Pitti itt 
tetttest 
b++t4¢01 
Prt t ret 
(+It+1+1 
+11++11 
Pieters 


+4+ittit 


Figure 37.16-B: Signs in the multiplication table for sedenions. 


mats 2_ De = = _ ae 
By construction, e5 = eo, €; = —€0, €0 €k = Ek €o = Cx, and ex ej = —e; ex whenever both of k and j are 
nonzero (and k # 7). Further, 


exe; = te, where «=kXORjJ (37.16-5) 


where the sign is to be determined. Figure|37.16-B]shows the pattern of the signs of the sedenion algebra. 
The lower left quarter is the transposed of the upper left quarter, so is the lower right quarter, except for 
its top row. The upper right quarter is (except for its first row) the negated upper left quarter. These 


observations, together with the partial antisymmetry can be cast into an algorithm to compute the signs 
[FXT: /arith/cayley-dickson-demo.cc : 


int CD_sign_rec(ulong r, ulong c, ulong n) 
// Signs in the multiplication table for the 
// algebra of n-ions (where n is a power of two) 
// that is obtained by the Cayley-Dickson construction: 
// If component r is multiplied with component c then the 
// result is CD_sign_rec(r,c,n) * (r XOR c). 
{ 
if ( (r==0) || (c==0) ) return +1; 
if ( o=r ) 


if ( c>r ) return -CD_sign_rec(c, r, n); 


else return -1; // r==c 


// here r>c (triangle below diagonal) 
ulong h = n>>1; 

if ( c=h ) // right 

it 


[fxtbook draft of 2008-January-19] 


790 Chapter 37: Modular arithmetic and some number theory 


// (Capper right unreached) 
return CD_sign_rec(c-h, r-h, h); // lower right 


} 
else // left 


if ( r>=h ) return CD_sign_rec(c, r-h, h); // lower left 
else return CD_sign_rec(r, c, h); // upper left 


} 


The function uses at most 2-log.(n) steps. Note that the second row in the table is (the signed version 
of) the Thue-Morse sequence, see section [1.15.1]on page The matrix filled with entries +1 according 
to figure [37.16-B] is a Hadamard matrix, see section on page The sequence of signs, read by 
antidiagonals, and setting 0 := + and 1 := —, is entry of [214]. 


An iterative version of the function is [FXT: arith/cayley-dickson-demo.cc’: 


inline void cp2(ulong a, ulong b, ulong &u, ulong &v) { u=a; v=b; } 


// 
inline int CD_sign_it(ulong r, ulong c, ulong n) 
{ 
int s = +1; 
start: 
if ( (r==0) || (c==0) ) return s; 
if ( c==r ) return -s; 
if ( opr ) { swap2(r,c); s=-s; } 
n >>= 1; 


if ( c>=n ) cp2(c-n, r-n, r, c); 
else if ( r>=n ) cp2(c, r-n, r, c); 


goto start; 
t 


The computation of all 2? = 67,108,864 signs in the multiplication table for the ‘2°-ions’ takes less 
than 6 seconds (about 8 seconds with the recursive routine). 


0 12 3 4 5 6 7 


O: +0 +1 +2 +3 +4 +5 +6 +7 teeter ett 
i: +1 -0 +6 +4 -3 +7 -2 -5 to tt-¢-- 
3: +2 -6 -0 +7 +5 -4 +1 -3 +--+ et 
3: +3 -4 -7 -0 +1 +6 -5 +2 +---++-+4 
4: 4443 -5 -i -0 +2 +7 -6 ++ -- - te 
5: +5 -7 +4 -6 -2 -0 +3 +1 t+-+--- ++ 
6: +6 +2 -1 +5 -7 -3 -0 +4 4++-4---+4 
7: +7 +5 +3 -2 +6 -1 -4 -0 t+ e-+¢--- 


Figure 37.16-C: Alternative multiplication table for the octonions (left) and its sign pattern (right). 


An alternative multiplication table for the octonions is given in figure |37.16-C} Its sign pattern is the 
8 x 8 Hadamard matrix shown in figure |18.1-A]on page Properties of this representation and the 
relation to shift register sequences are described in [99]. 


37.16.2 Fast multiplication of quaternions 


Quaternion multiplication can be achieved in eight real multiplication using the dyadic convolution (see 


section on page [445}: the scheme in figure |37.16-D] suggests to use the dyadic convolution with 


bucket zero negated as a starting point which costs 4 multiplications. Some entries have to be corrected 
then which costs four more multiplications. 


// £(] == [ rei, it, j1, k1 ] 
// gf] == [ re2, i2, j2, k2 ] 


cO := £[0] * g[0] 
c1 := £[3] * g[2] 
c2 := f[1] * gI[3] 
c3 := £[2] * g[1] 


// length-4 dyadic convolution: 
walsh (f []) 


[fxtbook draft of 2008-January-19] 


37.16: Multiplication of hypercomplex numbers * 791 


+-- 0 1 2 3 +-- 0 1 2 3 +-- 0 1 2 3 
| | | 

0: 0 1 2 3 0: -0 1 2 3 10: Ox 1 2 3 
le 1 0 3 2 alge 1, =0 3 2 ii: 1 -O 3 -2* 
2: 2 3 0 1 2: 2 3 -0 1 j 2: 2 -3* -0 1 
3: 3 2 1 0 3: 3 2 1 -0 k 3: 3 2 -1* -0 


Figure 37.16-D: Scheme for the length-4 dyadic convolution (left), same with bucket zero negated 
(middle) and the multiplication table for the units of the quaternions (right). The asterisks mark those 
entries where the sign is different from the scheme in the middle. 


-O 12 3 4 5 6 7 0123 4 5 6 7 #0 12 3 4 5 6 7 
1-0 3 2 5 4 7 6 1-0 3-2 5-4-7 6 1 0 3 #2 5 #4 #7 6 
2 3-0 1 6 7 4 5 2-3-0 i 6 7 -4 -5 2#3 0 1 6 7 #4 #5 
3. 2 1-0 7 6 5 4 3 2-1-0 7-6 5-4 3 2#1 0 7 #6 5 #4 
45 6 7 -0 1 2 3 4=5 =-6-f =-0 1 2 3 4 #5 #6 #7 O 1 2 3 
5 4 7 6 1-0" 3° 2 56 4-7 6 -1-0-3 2 5 4#7 6 #1 O #3 2 
6 7 45 2 3-0 1 6 7 4-5 =2 3-0-1 6 7 4#5 #2 3 O #1 
7 6 5 4 3 2 1-0 36. 8 4. -=3 42: <1.=0 7#6 5 4 #3 #2 1 «0 


Figure 37.16-E: Scheme for the length-8 dyadic convolution with bucket zero negated (left) and mul- 
tiplication table for the octonions (middle, taken from [105]). There are 22 places where the signs differ 
(right, marked with ‘#’). This leads to an algorithm involving 8 + 22 = 30 multiplications. 


walsh(g[]) 
for i:=0 to 3 gli] := (f£[4] * gli]) 
walsh(g[]) 


// normalization and correction: 


g[0] := 2+* cO0- glo] / 4 
g[1] :=- 2 * ci + gli] / 4 
g[2] := - 2 * c2 + g[2] / 4 
g[3] := - 2 * c3 + g[3] / 4 


The algorithm is taken from [138] which also gives a second variant. 


The complex multiplication by three real multiplications (relation |37.12-2c]on page |772) corresponds to 
one length-2 Walsh dyadic convolution and the correction for the product of the imaginary units: 


// £(] == [ rel, im1 ] 

// gl] == [ re2, im2 ] 

cO := £[1] * g[1] // == imi * im2 

// length-2 dyadic convolution: 

{ £[0], £[1] } := { £[0]+£[1], f[0]-£[1] } 
{ g[0], g[1] } := ¢ gl0l+gl1], glo]-gli] } 
gf0] := £[0] * g[0] 

g[1] := £[1] * g[1] 

{ g[0], g[1] } := ¢ gl0l+gl1], glo]-gli] } 
// normalization: 

f[0] := £[0] / 2 

gO] := g[0] / 2 

// correction: 

g[0] := -2 * cO + g[0] 

// here: gl] == [ ret * re2 - imi * im2, rel * im2 + imi * re2 ] 


For complex numbers of high precision multiplication is asymptotically equivalent to two real multipli- 
cations as one FFT based (complex linear) convolution can be used for the computation. Similarly, high 
precision quaternion multiplication is as expensive as four real multiplications. Figure [37.16-E] shows an 
equivalent construction for the octonions leading to an algorithm with 30 multiplications. 


[fxtbook draft of 2008-January-19] 


792 Chapter 37: Modular arithmetic and some number theory 


[fxtbook draft of 2008-January-19] 


793 


Chapter 38 


Binary polynomials 


This chapter introduces binary polynomials and the arithmetic operations on them. We further describe 
tests for irreducibility and primitivity. Finally, a method for the factorization of binary polynomials is 
given. Many of the algorithms shown can easily be implemented in hardware. The arithmetic operations 
of binary polynomials are the underlying methods for computations in binary finite fields which are 
treated in chapter Another important application, the linear feedback shift registers, are described 


in chapter 


A polynomial with coefficients in the field GF(2) = Z/2Z (that is, ‘coefficients modulo 2’) is called a 
binary polynomial. The operations proceed as for usual polynomials except that the coefficients have to 
be reduced modulo two. 


To represent a binary polynomial in a binary computer one uses words where the bits are set at the 
positions where the polynomial coefficients are one. We stick to the convention that the constant term 
goes to the least significant bit. It turns out that the arithmetic operations can be implemented quite 
easily in an efficient manner. 


38.1 The basic arithmetical operations 


Addition of binary polynomials is the XOR operation. Subtraction is the very same operation. 


Multiplication of a binary polynomial by its independent variable x is simply a shift to the left. 


The following routines are given in [FXT: bpol/bitpol-arith.h). 


38.1.1 Multiplication and squaring 


Multiplication of two polynomials A and B is identical to the usual (binary algorithm for) multiplication, 
except that no carry occurs: 


inline ulong bitpol_mult(ulong a, ulong b) 
fa Return A * B 


return t; 


[fxtbook draft of 2008-January-19] 


794 Chapter 38: Binary polynomials 


As for integer multiplication with the C-type unsigned long, the result will silently overflow if deg(A) + 
deg(B) is equal to or greater than the word length (BITS_PER_LONG). If the operation t*=a; was replaced 


with t+=a; the ordinary (integer) product would be returned [FXT: |gf2n/bitpolmult-demo.cc : 


1..11.111 * 11.1.1 


product as bitpol ordinary product 


1..11.111 é GS eee se 1..11.111 CS ees as gM Let 
1..11.111 é t= ...1.1111.1.11 C= wosadds 2iede cdl 
1..11,4111 1 t= .1.11.1,,41.11 C= ge ITds cd. gas 11 
Dead ee VAD en sone 1 t= 11..... 1111.11 Ce eats Bel Bere 


When a binary polynomial p = 5 4 az x is squared, the result equals p? = +; apn @2*: 


1..11.111 1..11. 
1..411,111 1 Laser arrears 1..11,111 
101 Td. 1 PS pastas 14 4041 564 
spe fa b t= sabes 1171.01.21 
tee 41. 041 1 t= oeded,.1111 2.12 
Poaceae Beak b t= BU ergs ee res ee 

0 
oer oes Pree ae 1 t= 1..... 1.1...1.1.1 
t= 1..... alae 


Thereby one can, instead of using bitpol_mult(a, a), square by using the relation 


d 
= S- cy x2 
k=0 


Which can be verified by repeated application of (a + 6)? = a2 +2ab+b? =a? +b?. So we just have to 
move the bits from position k to position 2k: 


d 


; crv” 


k=0 


(38.1-1) 


inline ulong bitpol_square(ulong a) 
v Return A * A 


* 


ulong t = 1UL; 


while ( a ) 
{ 


m= 


return t; // == bitpol_mult(a, a); 


} 
This version will unlikely give a speedup, but the equivalent function bit_zip() (see section on 


page [35p can be a win if the degree of a is not too small. 
38.1.2. Optimization of the squaring and multiplication routines 


The routines for multiplication and squaring can be optimized by partially unrolling which avoids 
branches. As given, the function is compiled to: 


0: 31 c9 xor hecx,fecx //t=0 

2: 48 85 ff test %rdi,jrdi //a 

5: ba 01 00 00 00 mov $0x1,fedx //m=i1 

a: 74 1b je 27 <_Z13bitpol_squarem+0x27> // a==0 ? 
10: 48 89 c8 mov wrcx,Arax // tmp = t 

13: 48 31 dO xor “rdx,frax // tmp “=m 

16: 40 f6 c7 O1 test $0x1,%dil // if ( a&i ) 

ta: 48 Of 45 c8 cmovne {rax,/jrcx // then t = tmp 

te: 48 ci e2 02 shl $0x2,4rdx // m <<= 2 

22: 48 di ef shr yrdi //a>>=1 

25: 75 e9 jne 10 <_Z13bitpol_squarem+0x10> // a!=0 ? 
27: 48 89 c8 mov %rCX, hrAax 

2a: c3 retq 


The if ()-statement does not cause a branch so we unroll the contents of the loop 4-fold. Further, we 
move the while() statement to the end the loop to avoid the initial branch: 


[fxtbook draft of 2008-January-19] 


38.1: The basic arithmetical operations 795 


inline ulong bitpol_square(ulong a) 


i ulong t = 0, m = 1UL; 
do 
{ 
if ( aki) t “=n; 
m <<= 2; a >>= 1; 
if ( aki) t “=n; 
m <<= 2; a >>= 1; 
if ( aki) t “=n; 
m <<= 2; a >>= 1; 
if ( aki) t “=n; 
m <<= 2; a >>= 1; 
} 
while (a); 
return t; 
} 
Now we obtain much better machine code: 
0: 31 c9 xor hecx,fecx //t=0 
2: ba 01 00 00 00 mov $0x1,fedx //m=i1 
7: 48 89 c8 mov wrcx,Arax // tmp = t 
a: 48 31 dO xor Ardx,frax // tmp “=m 
d: 40 £6 c7 O01 test $0x1,%dil // if ( a&1 ) 
11: 48 Of 45 c8 cmovne {rax,/rcx // then t = tmp 
15: 48 ci e2 02 shl $0x2,/rdx // m <<= 2 
19: 48 di ef shr %rdi //a>>=1 
1c: 48 89 c8 mov %rCX, hrax 
1f: 48 31 do xor %rax , ,rax 
22: 40 £6 c7 O1 test $0x1,%dil 
26: 48 Of 45 c8 cmovne %rax, 4rcx 
2a: 48 cl e2 02 shl $0x2, 4rdx 
2e: 48 di ef shr frdi 
31: 48 89 c8 mov %rCX, hLax 
[--snip--] 
43: 48 dl ef shr %rdi 
46: 48 89 c8 mov {rex , hrax 
[--snip--] 
58: 48 di ef shr yrdi 
5b: 75 aa jne 7 <_Z13bitpol_squarem+0x7> // a!=0 ? 
5d: 48 89 c8 mov {CX , hLAaX 
60: c3 retq 


The multiplication algorithm is optimized in the same way. For squaring one can also use the bit-zip 
function given in section on page 


inline ulong bitpol_square(ulong a) 


it 
} 


return bit_zip( a ); 


The higher half of the bits of the argument must be zero. 


38.1.3. Exponentiation 


With a multiplication (and squaring) function at hand, it is straightforward (see section on page|537) 
to implement the algorithm for binary exponentiation: 


inline ulong bitpol_power(ulong a, ulong e) 
// Return A ** e 
{ 


if ( 0==e ) return 1; 


ulong s = a; 
while ( 0==(e&1) ) 


s = bitpol_square(s) ; 
e >>= 1; 


[fxtbook draft of 2008-January-19] 


796 Chapter 38: Binary polynomials 


a ( O!=(e>>=1) ) 

s = bitpol_square(s) ; 

if (e&1) a= bitpol_mult(a, s); 
return a; 


} 


Note that overflow will occur even for moderate exponents. 


38.1.4 Quotient and remainder 


The remainder a modulo b division can be computed by initializing A = a and subtracting B = 2 -b 
with deg(B) = deg(A) from A at each step. The computation is finished as soon as degb > deg A. As 
C-code: 

inline ulong bitpol_rem(ulong a, ulong b) 


// Return R= A %B= A —- (A/B)*B 
i“ Must have: B!=0 


const ulong db = highest_bit_idx(b) ; 
ulong da; 
while ( db <= (da=highest_bit_idx(a)) ) 


if ( 0==a ) break; // needed because highest_bit_idx(0)==highest_bit_idx(1) 
a “= (b<<(da-db)) ; 


return a; 


} 


The function highest_bit_idx() is given in section on page The following version may be 
superior if the degree of a is small or if no fast version of the function highest_bit_idx( is available: 


while ( b <=a ) 
{ 


ulong t = b; 

while ( (a*t) >t) t <<= 1; 

// == while ( highest_bit(a) > highest_bit(t) ) t <<= 1; 
a “=t; 


return a; 


The quotient of two polynomials is computed by a function that does the computes the remainder and 
additionally keeps track of the quotient: 


inline void bitpol_divrem(ulong a, ulong b, ulong &q, ulong &r) 
// Set R, Q so that A==Q* BHR. 
uy Must have B!=0. 


const ulong db = highest_bit_idx(b) ; 
q=0; // quotient 

ulong da; 

while ( db <= (da=highest_bit_idx(a)) ) 


if ( O==a ) break; // needed because highest_bit_idx(0)==highest_bit_idx(1) 

a “= (b<<(da-db)) ; 
q “= (1UL<<(da-db)) ; 
} =a; 


} 
The division routine does the same computation but discards the remainder: 


inline ulong bitpol_div(ulong a, ulong b) 
// Return Q=A/B 

// Mast have B!=0. 

{ 


const ulong db = highest_bit_idx(b) ; 

ulong q = 0; // quotient 

ulong da; 

while ( db <= (da=highest_bit_idx(a)) ) 

{ 
if ( O==a ) break; // needed because highest_bit_idx(0)==highest_bit_idx(1) 
a “= (b<<(da-db)) ; 


[fxtbook draft of 2008-January-19] 


38.1: The basic arithmetical operations 797 


q “= (AUL<<(da-db)) ; 


return q; 


38.1.5 Greatest common divisor (GCD) 


The polynomial greatest common divisor (GCD) can be computed with the Euclidean algorithm [FXT: 
bpol/bitpol-ged.h): 


inline ulong bitpol_gcd(ulong a, ulong b) 
// Return polynomial gcd(A, B) 
{ 
if ( axb ) { ulong t=a; a=b; b=t; } 
// here: b<=a 
male ( O!=b ) 


ulong c = bitpol_rem(a, b); 
a=b; 
b=c; 


return a; 


} 
The binary GCD algorithm can be implemented as follows: 
inline ulong bitpol_binary_gcd(ulong a, ulong b) 


{ 

if (a<b) = swap2(a, b); 

if ( b==0 ) return a; 

ulong k = 0; 

while ( !((alb)&1) ) // both divisible by x 
k++; 
a >>= 1; 
b >>= 1; 

} 

while ( !(ak1) ) a >>= 1; 

while ( !(b&1) ) b >>= 1; 

while ( a!=b ) 

{ 
if (a<b) { ulong t=a; a=b; b=t; }; // swap if deg(A)<deg(B) 
ulong t = (a*b) >> 1; 
while ( !(t&1) ) t >>= 1; 
a=t; 

} 

return a << k; 

} 


With a fast bit-scan instruction we can optimize the function: 
inline ulong bitpol_binary_gcd(ulong a, ulong b) 


{ // one (or both) of a, b zero? 
ulong ta = a&b, to = alb; 
if ( ta==to ) return to; 


ulong ka = lowest_bit_idx(a) ; 
a >>= ka; 
ulong kb = lowest_bit_idx(b) ; 
b >>= kb; 
ulong k = ( ka<kb ? ka : kb ); 


while ( a!=b ) 
{ 


if (a<b) { ulong t=a; a=b; b=t; } // swap if deg(A)<deg(B) 
ulong t = (a*b) >> 1; 
a = (t >> lowest_bit_idx(t)); 


return a << k; 


} 
Note that the comment 


[fxtbook draft of 2008-January-19] 


798 Chapter 38: Binary polynomials 


if (a<b) { ulong t=a; a=b; b=t; }; // swap if deg(A)<deg(B) 


is not strictly correct as the swap can also happen with deg(a) = deg(b) but that does no harm. 


38.1.6 Exact division 


Let C be a binary polynomial in x with constant term one. We use the relation (for power series) 


! 1 2 ; on 
oC sae OT See OE ae) mod x 


gntl 


(38. 1-2) 


where Y = 1—C. Now let Y = 244° +...+ a¢° where e; > 1 and ej4; > e;. Then Y? = 
eter + oI2 4+... 4+ 49° whenever q is a power of two, and the multiplication by (1 — Y%) is obtained 
by shifts and subtractions. If A is an exact multiple of C then R = A/C is a polynomial that can be 
computed as follows. We assume that arrays of N bits are used for the polynomials. 


1. Set R:= A and let e; (for i = 1,2,...,k) be the (ordered) positions of the nonzero coefficients of 
C. Set q:= 1. 


2. If gey > N then return R. 


3. Set T:=0. For 7 = 1,2,...,k, set T:=T+ Ra. The multiplications with «7% are left shifts by 
qe; positions. Set R:=T. 

4. Set q:=2q and goto step 2. 
The most simple example is C = 1+ 2 where the above procedure reduces to the inverse reversed 
Gray code given in section |1.15.6] on page The method is most efficient when k, the number of 
nonzero coefficients of C'— 1, is small. Sometimes one can reduce the work by dividing by C D and finally 
multiplying by D for some appropriate D. For example, with all-ones polynomials C = 1+a+a?+...+a* 
and D=1+ 2, then CD=1+2¢*"1. 


If C is of the form x“ (1+...+2*) then A/C can obviously be computed as (A/x“)/(C/x"). 


An analogue of the algorithm for the exact division by C = 2* +1 (over Z) is given in section |1.22.2]on 
page 
We give two examples, the division by «+ 1 can be done by 


inline ulong bitpol_div_xp1(ulong a) 

// Return power series A / (xt1) 

// If A is a multiple of x+1, then the returned value 
// is the exact division by x+1 


{ 

a “= a<<1; // rev_gray ** 1 

a “= ax<2; // rev_gray ** 2 

a “= ax<4; // rev_gray ** 4 

a “= ax<8; // rev_gray ** 8 

a “= a<<16; // rev_gray ** 16 
#if BITS_PER_LONG >= 64 

a “= a<<32; // for 64bit words 
#endif 
} return a; 


The function is identical to the inverse reversed Gray code [FXT: |bits/revgraycode.h|, see section |1.15.6 


on page [41] For the division by x? + 1 use 


inline ulong bitpol_div_x2p1(ulong a) 
// Return power series A / (x72+1) 
// If A is a multiple of x*2+1, then the returned value 
// is the exact division by x*2+1 
{ 
a “= ax<2; // rev_gray ** 2 
a “= ax<4; // rev_gray ** 4 
a<x<8; // rev_gray ** 8 


a 


[fxtbook draft of 2008-January-19] 


38.2: Multiplication for polynomials of high degree 799 


a “= a<<16; // rev_gray ** 16 
#if BITS_PER_LONG >= 64 
a “= ax<32; // for 64bit words 


#endif 
return a; 


38.2 Multiplication for polynomials of high degree 


We used the straightforward multiplication scheme whose asymptotic cost is ~ N? for polynomials of 
degree N. This is fine when working with polynomials of small degree. For the multiplication of two 
polynomials U and V both of (high, even) degree N write U = Up + Ui #N/?, V =Vo + Vi 2X/? and use 
the scheme 


UV = Up Vite") +(- 1) (MH —-Y)e?4h- V+") (38.2-1) 


recursively. Only the three multiplications indicated by a dot are expensive, the multiplications by a power 
of x are just shifts. The resulting scheme is the Karatsuba multiplication for polynomials, relation [27.2-3] 
on page bzelintetpreted for polynomials (set. 2. [2 — B). Recursive application of the scheme leads to the 
asymptotic cost ~ N1°%2@) =~ N1585, When working with polynomials of high degree the implementation 


of the Karatsuba scheme is a must. 


We give a generalization of the Karatsuba splitting that involves no constants, and several Toom-Cook 
schemes. 


38.2.1 Splitting schemes that do not involve constants 


A generalization of the Karatsuba scheme is given in [238] (see also [239]), it does not lead asymptotically 
better schemes than ~ N!°82(3) but has a simple structure and avoids all multiplications by constants 
(the asymptotically better n-way splitting schemes method do involve multiplications by constants for 
all n > 3, see section 27.2]on page[524p. We give the scheme for degree-2 (3-term) polynomials, recursive 
application for 3"-term polynomials should be straightforward. Let 


A = aj2?+a,2+4 (38.2-2a) 
B = boa? +b, 2+ bo (38.2-2b) 
C = AB= yat+oe®tor?t+cert+e (38.2-2c) 

We want to compute co, cy, .--, Ca. With 
doo = 460 (38.2-3a) 
di = aby (38.2-3b) 
dz2 = agbe (38.2-3c) 
doi = (ao +41) (bo + 61) (38.2-3d) 
do2 = (ao + a2) (bo + ba) (38.2-3e) 
dig = (a; + a2) (bi + b2) (38.2-3f) 

the cy, can be obtained as 

co = doo (38.2-4) 
c= doi — doo — di (38.2-5) 
c2 = do2—doo —do2+d11 (38.2-6) 
c3 = di2—d11 — do. (38.2-7) 
C4 = d22 (38.2-8) 


[fxtbook draft of 2008-January-19] 


800 Chapter 38: Binary polynomials 


The scheme involves 6 multiplications and 13 additions. Recursive application leads to the asymptotic 
cost ~ N!°83(6) = 1.6309 which is slightly worse than for the 2-term scheme. However, applying this 
scheme first for a polynomial with N = 3-2” terms and then using the Karatsuba scheme recursively 


can be advantageous. 


We generalize the method for n-term polynomials and denote the scheme by KA-n. The 2-term scheme 


KA-2 is the Karatsuba algorithm. With 
n—-1 
A = SS ap x* 
k=0 
n—-1 
B= S- br ak 
k=0 


2n—2 


C = AB =: DIN 
k=0 


define 
dss ‘= Ggbs fors=0,1,...,n—1 
dst *= (G@s+6s)(a:+h) fors+t=i,t>s>0,1<i<2n-3 
CG = > dst ~. S- (ds.s + dit) 
s+t=i s+t=i 
t>s>0 n—-1>t>s>0 
Then 
co = do,o 
C2n-2 = dn—1yn-1 
and for0<i<2n—-2: 
Cc; if i odd 
Ma oo + di/24/2 else 


The Karatsuba scheme is obtained for n = 2. 


(38.2-9a) 


(38.2-9b) 


(38.2-9c) 


(38.2-10a) 
(38.2-10b) 


(38.2-10c) 


(38.2-11a) 
(38.2-11b) 


(38.2-11c) 


We give pari/gp code whose output is the KA-n algorithm for given n. We need to create symbols ‘ak’ 


(for ax), ‘bk’, and so on: 


fa(k)=eval(Str("a" k)) 
f£b(k)=eval (Str("b" k)) 
fc(k)=eval(Str("c" k)) 
fd(k, j)=eval (Str("d" ku" j)) 


For example, we can create a symbolic polynomial of degree 3: 


? sum(k=0,3, fa(k) * xk) 
a3*x73 + a2*x72 + al*x + a0 


The next routine generates the definitions of all d,,. It returns the number of multiplications involved: 


D(n)= 
{ 
local (mct) ; 
mct = 0; \\ count multiplications 
for (i=0, n-1, mctt+=1; print(fd(i,i), "=", fai), "* ", fb(i) ) ); 


for (t=1, n-1, 
for (s=0, t-1, 


mct += 1; 
print(fd(s,t), "= (", fa(s)+fa(t), ") * (", fb(s)+fb(t), "J" ) ; 
return (nict) ; 


[fxtbook draft of 2008-January-19] 


38.2: Multiplication for polynomials of high degree 801 


For n = 3 the output is 


d0O = a0 * bO 
dii = al * bi 
d22 = a2 * b2 
d01 = (a0 + ai) * (b0 + bil) 
d02 = (a0 + a2) * (b0 + b2) 
di2 = (ai + a2) * (bi + b2) 


The following routine prints c;, the coefficient of the product, in terms of several d,;. It returns the 
additions involved: 


C(i, n= 

{ 
local(N, s, act); 
act = -1; \\ count additons 
printi(fc(i), "= "); 


for (s=0, i-1, 
t=i-s; 
if ( (t>s) && (t<n), 


act += 3; 
printi(" +", fd(s,t)); 
printi(" - ", fd(s,s)); 
printi(" - ", fd(t,t)); 
); 
5 
if ( 0==i%2, actt=1; printi(" + ", fd(i/2,i/2)) ); 
print(); 


return( act ); 


} 
It has to be called for all i where 0 < i < 2n — 2. The algorithm is generated as follows: 


KA(n)= 
{ 


local(mct, act); 


act = 0; \\ count additons 
mct = 0; \\ count multiplications 
mct = D(n); \\ generate definitions for the d_{s,t} 


\\ generate rules for computation of c_i in terms of d_{s,t}: 
for (i=0, 2*n-2, act+=C(i,n) ); 

act += n*x(n-1); \\ additions when setting up d(i,j) for i!=j 
return( [mct, act] ); 


} 
With n = 3 we obtain 
cO = + ddd 
cl = + dQ1 - dQO - dil 
c2 = + dO2 - dOO - d22 + dil 
c3 = + di2 - dli - d22 
c4 = + d22 


Now we generate the definitions for the KA-5 algorithm: 


n=5 /* n terms, degree=n-1 */ 
default(echo, 0); 
KA(n) ; 


We obtain the algorithm KA-5 shown in figure |38.2-A] The format is valid pari/gp input, so we add a 
few lines that print code to check the algorithm: 


print ("A=",sum(k=0,n-1, fa(k) * x7k)) 
print ("B=",sum(k=0,n-1, fb(k) * x*k)) 
print("/* direct computation of the product: */") 
print ("C=A*B") 
print("/* Karatsuba computation of the product: */") 
print ("K=",sum(k=0,2*n-2, fc(k) * x*k)) 
print ("qq=K-C") 
print ("print( if (O==qq, \"OK.\", \" **** QUCH!\") )") 
This gives for n = 5: 
A=a4*x74 + a3*x73 + a2*x72 + al*x + ad 
B=b4*x"4 + b3*x73 + b2*x72 + bi*x + bO 
/* direct computation of the product: */ 
C=A*B 
/* Karatsuba computation of the product: */ 
Sar + c7¥#x77 + cO¥X7™6 + cO¥*X75 + c4¥*x74 + c3*x73 + C2*X72 + c1*x + cO 
qg-h= 


[fxtbook draft of 2008-January-19] 


802 Chapter 38: Binary polynomials 


d0O = a0 * bO 
dii = al * bl 
d22 = a2 * b2 
d33 = a3 * b3 
d44 = a4 * b4 
doi = (a0 + ai) * (bO + bl) 
d02 = (a0 + a2) * (bO + b2) 
di2 = (a1 + a2) * (bi + b2) 
d03 = (a0 + a3) * (bO + b3) 
di3 = (a1 + a3) * (bi + b3) 
d23 = (a2 + a3) * (b2 + b3) 
d04 = (a0 + a4) * (b0 + b4) 
di4 = (a1 + a4) * (bi + b4) 
d24 = (a2 + a4) * (b2 + b4) 
d34 = (a3 + a4) * (b3 + b4) 
cO = + ddd 
cl = + dQ1 - dQO - dii 
c2 = + dQ2 - dOQO - d22 + dil 
c3 = + d03 - dQO - d33 + di2 - di1 - d22 
c4 = + d04 - dOO - d44 + di3 - di1 - d33 + d22 
c5 = + di4 - dii - d44 + d23 - d22 - d33 
c6 = + d24 - d22 - d44 + d33 
c7 = + d34 - d33 - d44 
c8 = + d44 
Figure 38.2-A: Code for the algorithm KA-5. 
print( if(0==qq, "OK.", " **** QUCH!") ) 


We can feed the output into another pari/gp session to verify the algorithm. We use the option ‘-f’ 
‘ b) 


that prevents colorization of the output which would confuse the verification process, the option ‘-q 
suppresses the output of the version: 


gp -f -q < karatsuba-n.gp | gp 
We obtain (shortened and comments added): 


/* definitions of d(s,t): */ 


(bO + b1)*a0 + (al*bO + bix*ai) 
(bO + b2)*a0 + (a2*bO + b2*a2) 
{[--snip--] 

(b3 + b4)*a3 + (a4*b3 + b4*a4) 


/* the c_i in terms of d(s,t), evaluated: */ 


bO*aQ 

bi*xaO + al*bO 

b2*a0 + (a2*bO + bix*al) 

b3*a0 + (a3*b0 + (b2*al + a2*b1)) 

b4*a0 + (a4*b0 + (b3*al + (a3*b1 + b2*a2))) 
b4*ai + (a4*b1 + (b3*a2 + a3*b2)) 

b4*a2 + (a4*b2 + b3*a3) 

b4*a3 + a4*b3 

b4*a4 


/* polynomials: */ 
a4*x74 + a3*x73 + a2*x72 + al*x + ad 
b4*x74 + b3*x73 + b2*x72 + b1I*x + bO 


/* direct computation of product: */ 
b4*a4*x78 + (b4*a3 + a4*b3)*x77 + (b4*a2 + (ad*b2 + b3*a3))*x76 + [...] 


/* Karatsuba computation of product: */ 
b4*a4*x78 + (b4*a3 + a4*b3)*x77 + (b4*a2 + (ad*b2 + b3*a3))*x76 + [...] 


Ay difference: */ 


OK. /* we are fine! */ 


The number of multiplications with algorithm KA-n is (n? + n)/2 which is suboptimal except for n = 2. 
However, recursive application can be worthwhile. One should start with the biggest prime factors as the 
number of additions is then minimized. The number of multiplications does not depend on the order of 
recursion (see [238] which also tabulates the number of additions and multiplications for n < 128). 


[fxtbook draft of 2008-January-19] 


38.2: Multiplication for polynomials of high degree 803 


With n just below a highly composite number one should add (zero-valued) ‘dummy’ terms and recursively 
use KA-n algorithms for small n. For example, with polynomials of degree 63 recursion with KA-2 (and 
n = 64) will beat the scheme “KA-7, then KA-3”. 


One could write code generators that create expanded versions of the recursions for n the product of 
small primes. When the cost of multiplication is much higher than for addition (as for binary polynomial 
multiplication on general purpose CPUs) substantial savings can be expected. 


38.2.2. Toom-Cook algorithms 


Toom-Cook schemes with n > 3 that work for binary polynomials are described in [46]. 


3-way splitting 


A = a2*Y72 + ail*Y + a0 

B = b2*Y"2 + bi*Y + bO 

83 = a2 + al + a0; 

$2 = b2 + bi + b0; 

Si = $3 * $2; \\ Mult (1) 
SO = a2*x72 + al*x; 

S4 = b2*x72 + bi*x; 

$3 += SO; 

$2 += S94; 

SO += a0; 

$4 += b0; 

S3 *= S2; \\ Mult (2) 
S2 = SO * S4; \\ Mult (3) 
S4 = a2 * b2; \\ Mult (4) 
SO = a0 * bO; \\ Mult (5) 
S3 += $2; 


$2 += SO; S2 /= x; S2 += 83; 
T= S4; T *= (x73+1); \\ temporary variable 
$2 += T; S2 /= (xt1i); \\ exact division 


Si += SO; 

$3 += S1; S3 /= x; S3 /= (x+1); \\ exact division 
Si += $4: S1 += S2; 

$2 += 83; 


P = S4*Y74 + S3*Y73 + S2*Y72 + S1*Y + SO; 
Mod(1,2)* (P - A*B) \\ == zero 


Figure 38.2-B: Implementation of the 3-way multiplication scheme for binary polynomials. The five 
expensive multiplications are commented with ‘Mult (n)’. 


For the multiplication of two polynomials A and B both of degree 3N write 
A = ajgt+ay aN + ag aN =; ag +a, Y + a2 y? (38.2-12) 


and identically for B. A 3-way splitting scheme for multiplication is shown in figure ]38.2-B} The multi- 
plications and divisions by z are shifts and the exact divisions are linear operations if we use the method 


of section |38.1.6]on page 


4-way splitting 


For the multiplication of two polynomials A and B both of degree 4N write 
A = agta,Y¥ +a.Y7%+a3Y? (38.2-13) 
where Y := 2, and identically for B. The 4-way splitting multiplication scheme is shown in figure|38.2-C 


[fxtbook draft of 2008-January-19] 


804 Chapter 38: Binary polynomials 


A = a8*Y73 + a2*Y72 + al*Y + a0; 

B = b3*Y73 + b2*Y72 + b1i*Y + bO; 

Si = a3 + a2 + al + a0; 

S2 = b38 + b2 + bi + b0: 

$3 = Si * S2; \\ Mult (1) 
so = ai + x* (a2 + x*a3); 

S6 = bi + x*(b2 + x*b3); 

S4 = (SO + a3*(x+1))*x + S1; 

S5 = (S6 + b3* (x+1)) *x + $2; 

SO = SO*x + a0; 

S6 = S6*x + bO; 

S5 = S5 * S4; \\ Mult (2) 
$4 = 80 \\ Mult (3) 
SO = a0*x73 + ai*x72 + a2x*x; 

S6 = bO*x73 + bi*x72 + b2*x! 

S1 = S1 + SO + aO*(x72+x) ; 

$2 =S2+S6+ bO* (x72+x) ; 

SO = 80 + a3; 

S6 = S6 + b3; 

Si = Si * S2; \\ Mult (4) 
S2 = SO * S6; \\ Mult (5) 
S6 = a3 * b3; \\ Mult (6) 
SO = aO * bO; \\ Mult (7) 
S1 = S1 + S2 + SO*(x74+x72+1); 

S5 = (S5 + S4 + S6*(x74+x7 +1) + S1) \ (x74+x); 
$2 = $82 + S6 + SO*x6; 

S4 = 84 + S2 + S6*x76 + SO; 

S4 = (S4 + S5*(x75+x)) \ (x7 4+x°2); 

$3 = 83 + SO + S6; 

Si = 81 + S3; 

S2 = $2 + Slkx + S3*x7 23 

$3 = 83 + S4 + S5; 

S1 = (st + S3*(x72+x)) \ (x7 4+x) ; 

S5 = + $1; 

$2 = (2. + S5* (x7 2+x)) \ (x74+x72); 

S4 = + $2; 


= S6*Y76 + SB5*Y75 + S4*Y74 + S3*Y73 + S2Q*Y7"2Q2 + Si*Y + SO; 
Mod(1,2)*(P - A*B) \\ == zero 


Figure 38.2-C: Implementation of the 4-way multiplication scheme for binary polynomials. The seven 
expensive multiplications are commented with ‘Mult (n)’. 


38.2.3. FFT methods for binary polynomials of very high degree 


For polynomials of very high degree FF T-based algorithms can be used. The most simple method is to use 
integer multiplication without the carry phase (which is polynomial multiplication!). Our multiplication 
example can be recomputed using decimal digits. The carry phase of the integer multiplication is replaced 
by a reduction modulo 2: 


100110111 * 110101 
== 11022223331211 // integer multiplication 


== 11000001111011 // parity of digits 


The scheme will work for polynomials of degree less than nine only. When using an FFT multiplication 
scheme (see section 27.3]on page [532) we can multiply polynomials up to degree N as long as the integer 
values 0, 1, 2... N+1 can be distinguished after computing the FFT. This is hardly a limitation at all: 
with the C-type float (24 bit mantissa) polynomials up to degree one million can be multiplied assuming 
at least 20 bits are correct after the FFT. With type double (53-bit mantissa) there is no practical limit. 
Whether this method could ever beat a well implemented splitting routine is unclear. However, it is very 
easy to implement. A FFT method that works exclusively with binary polynomials is described in [209]. 


[fxtbook draft of 2008-January-19] 


38.3: Modular arithmetic with binary polynomials 805 
38.3 Modular arithmetic with binary polynomials 


Here we consider arithmetic of binary polynomials modulo a binary polynomial. Addition and subtraction 
are again the XOR operation. The functions shown in this section are given in [FXT: bpol/bitpolmod- 
avith.h, 


38.3.1 Multiplication and squaring 


Multiplication of a polynomial A by x modulo (a polynomial) C is achieved by shifting left and subtract- 
ing C if the coefficient shifted out is one: 


static inline ulong bitpolmod_times_x(ulong a, ulong c, ulong h) 
// Return (A * x) mod C 

// where A and C represent polynomials over Z/2Z: 

// W = pol(w) =: \sum_k{ [bit_k(w)] * x°k} 


// 
// } needs to be a mask with one bit set: 

h == highest_bit(c) >> 1 == 1UL << (degree(C)-1) 
{ 

ulong s = a & h; 

a <<= 1; 

if (s) a‘*=c; 


return a; 
} 
In order to avoid the repeated computation of the highest set bit we introduced the auxiliary variable h 
that has to be initialized as described in the comment. Section [1.6] on page |16] gives algorithms for the 
function highest_bit(). Note that h needs to be computed only if the degree of the modulus C changes, 
which is usually only once for a series of calculations. By using the variable h we can obtain the correct 
result even if the degree of C equals the number of bits in a word in which case C' does not fit into a 
word. 
Multiplication of two polynomials a and b modulo C' can be achieved by adding a reduction step to the 
binary multiplication routine: 


inline ulong bitpolmod_mult(ulong a, ulong b, ulong c, ulong h) 
ie Return (A * B) mod C 


return t; 


38.3.2 Optimization of the squaring and multiplication routines 


Squaring a can be achieved as the multiplication a-a. If many squaring have to be done with a fixed 
modulus then a optimization using a precomputed table of the residues 2?" mod C shown in section [40.1] 
on page can be useful. Squaring of the polynomial > a; x* can be achieved via the computation 
the sum S77» ax 27" modulo C. We use the auxiliary function 


static inline ulong bitpolmod_times_x2(ulong a, ulong c, ulong h) 
Return (A * x * x) mod C 


{ ulong s=akh; a<<=1; if (s) a*=c; } 


{ ulong s=akh; a<<=1; if (s) a*=c; } 
return a; 


[fxtbook draft of 2008-January-19] 


806 


The squaring function, with a the 4-fold unrolled loop, is 


static inline ulong bitpolmod_square(ulong a, ulong c, ulong h) 
u Return A*A mod C 


ulong t = 0, s = 1; 


= 
if (a1) t*=s; a>>=1; s=bitpolmod_times_x2(s, c, h); 
if (a&1) t*=s; a>>=1; s=bitpolmod_times_x2(s, c, h); 
if (a&1) t*=s; a>>=1; s=bitpolmod_times_x2(s, c, h); 
if (a&1) t*=s; a>>=1; s=bitpolmod_times_x2(s, c, h); 

} 

while (a); 


return t; 


} 
Whether the unrolled code is used can be specified via the line 
#define MULT_UNROLL // define to unroll loops 4-fold 


Chapter 38: Binary polynomials 


The optimization used for the multiplication routine is also unrolling as described in section |38.1.2| on 


page 
static inline ulong bitpolmod_mult(ulong a, ulong b, ulong c, ulong h) 
{ 
ulong t = 0; 
do 
t 
{ if(b&1) t°=a; b>>=1; ulong s=akh; a<<=1; if(s) a*=c; } 
{ if(b&1) t°=a; b>>=1; ulong s=akh; a<<=1; if(s) a*=c; } 
{ if(b&1) t°=a; b>>=1; ulong s=akh; a<<=1; if(s) a*=c; } 
{ if(b&1) t*=a; b>>=1; ulong s=akh; a<<=1; if(s) a*=c; } 
} 
while ( b ); 
return t; 
} 


It turns out that squaring via multiplication is slightly faster than via the described sum computation. 


38.3.3. Exponentiation 


A routine for modular exponentiation can be obtained using the right-to-left powering algorithm from 


section |27.6.1]on page 


inline ulong bitpolmod_power(ulong a, ulong e, ulong c, ulong h) 
uv Return (A ** e) mod C 


if ( O==e ) return 1; // avoid hang with e==0 in next while() 


ulong s = a; 
aoe ( 0==(e&1) ) 


s = bitpolmod_square(s, c, h); 
e >>= 1; 


} 


a=s; 
until ( O!=(e>>=1) ) 


s = bitpolmod_square(s, c, h); 
if (e &1) a = bitpolmod_mult(a, s, c, h); 


return a; 


} 


The left-to-right powering algorithm given in section |27.6.2]on page can be implemented as: 


inline ulong bitpolmod_power(ulong a, ulong e, ulong c, ulong h) 
{ 
ulong s a; 
ulong b = highest_bit(e) ; 
while ( b>1 ) 


b >>= 1; 
s = bitpolmod_square(s, c, h); // s *= 8; 


[fxtbook draft of 2008-January-19] 


38.3: Modular arithmetic with binary polynomials 807 


if (e &b) s = bitpolmod_mult(s, a, c,h); //s *= a; 


return s; 


} 
Computing a power of « can be optimized with this scheme: 


inline ulong bitpolmod_xpower(ulong e, ulong c, ulong h) 
v Return (x ** e) mod C 


ulong s = 2; // ’x’ 
ulong b = highest_bit(e) ; 
while ( b>1 ) 


b >>= 1; 
s = bitpolmod_square(s, c, h); // s *= 8; 
if (e &b) s = bitpolmod_times_x(s, c, h); // s *= x; 


return s; 


38.3.4 Division by x 


Division by x is possible if the modulus has a nonzero constant term (that is, ged(C, x) = 1): 


static inline ulong bitpolmod_div_x(ulong a, ulong c, ulong h) 
// Return (A / x) mod C 
// C must have nonzero constant term: (ck1)== 


ulong s=a & 1; 
a >>= 1; 

if Cs ) 

{ 


return a; 


} 


If we do not insist on correct results for the case that the degree of C’ equals the number of bits in a 
word, we could simply use the following two-liner: 


if (a&1i) a=c¢; 
a>> 1; 


The operation needs only about two CPU cycles. The inverse of x can be computed with: 
static inline ulong bitpolmod_inv_x(ulong c, ulong h) 
// Return (1 / x) mod C 
// C must have nonzero constant term: (c&1)== 
ulong a = (c>>1); 


a l= h; // so it also works for n == BITS_PER_LONG 
return a; 


38.3.5 Extended GCD, computation of the inverse, and division 


The algorithm for the computation of extended GCD (EGCD) is taken from [155] [FXT: |bpol/bitpol- 
ied 


inline ulong bitpol_egcd(ulong u, ulong v, ulong &iu, ulong &iv) 


// Return u3 and set ul,vi so that gcd(u,v) == u3 == u*ul + v*u2 
{ 

ulong ul = 1, u2 = 0; 

ulong vi = 0, v3 =v; 

ulong u3 =u, v2 = 1; 

oes ( v3!=0 ) 


ulong q = bitpol_div(u3, v3); // == u3 / v3; 


ulong ti = ul ~ bitpol_mult(v1, q); // == ul - vil * q; 
uit =vi; vi = ti; 


[fxtbook draft of 2008-January-19] 


808 Chapter 38: Binary polynomials 


ulong t3 = u3 ~ bitpol_mult(v3, q); // == u3 - v3 * q; 
u3 = v3; v3 = t3; 
ulong t2 = u2 ~ bitpol_mult(v2, q); // == u2 - v2 * q; 
u2 = v2; v2 = t2; 

} 


iu =ul; iv = u2; 
return u3; 
The routine can be optimized using bitpol_divrem(): remove the lines 
ulong gq = bitpol_div(u3, v3); // == u3 / v3; 
[--snip--] 
ulong t3 = u3 ~ bitpol_mult(v3, q); // == u3 - v3 * q; 
and insert at the beginning of the body of the loop: 


ulong q, t3; 
bitpol_divrem(u3, v3, q, t3); 


The routine computes the GCD g and two additional quantities 7,, and i, so that 

GQ = Urtytu-iy (38.3-1) 
When g = | we have 

1 = w-i, mod v (38.3-2) 


That is, i, is the inverse of u modulo v. Thereby [FXT: bpol/bitpolmod-arith.h): 


inline ulong bitpolmod_inverse(ulong a, ulong c) 
// Returns the inverse of A modulo C if it exists, else zero. 
// Must have deg(A) < deg(C) 


{ 
ulong i, t; // t unused 
ulong g = bitpol_egcd(a, c, i, t); 
if Cela) f= 0; 
return i; 
} 


Modular division is obtained by multiplication with the inverse: 


inline ulong bitpolmod_divide(ulong a, ulong b, ulong c, ulong h) 
// Return a/b modulo c. 
// Must have: gcd(b,c)==1 
{ 
ulong i = bitpolmod_inverse(b, c); 
a = bitpolmod_mult(a, i, c, h); 
return a; 


When the modulus is an irreducible polynomial (see section|38.4) then the inverse can also be computed 
via powering: 
inline ulong bitpolmod_inverse_irred(ulong a, ulong c, ulong h) 
// Return (A ** -1) mod C 
// Mast have: C irreducible. 
{ 
ulong ri = (h<<1) - 2; // max order minus one 


ulong i = bitpolmod_power(a, ri, c, h); 
return i; 


38.4 Irreducible and primitive polynomials 


A polynomial is called irreducible if it has no non-trivial factors (trivial factors are the constant polyno- 
mial ‘1’ and the polynomial itself). A polynomial that has a non-trivial factorization is called reducible. 


[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 809 


A polynomial with zero constant term is always reducible because it has the factor x, except if the poly- 
nomial equals «. A binary polynomial that is irreducible has at least one term of odd degree and an odd 
number of terms in total. 


The irreducible polynomials are the ‘primes’ among the polynomials. 


Whether a given polynomial can be factorized does depend on its coefficient field: p(x) = x? + 1 does 
not factor as an ‘ordinary’ polynomial (coefficients in R or Z) while the factorization over C is (x? +1) = 
(2 + 7%) (2-1). As a binary polynomial, the factorization is (x? + 1) = (a +1)?. 


Let C be irreducible. Then the sequence py = 2” mod (C), k = 1,2,... is periodic and the (smallest) 
period m of the sequence is the order of « modulo C. We call m the period (or order) of the polynomial C. 
For a binary polynomial of degree n the maximal period equals 2” — 1. If the period is maximal then all 
nonzero polynomials of degree n — 1 occur in the sequence p. 


For the period m of C we have z™” = 1 mod C, so x” —1=0modC. That is, C divides 7” — 1 but no 
polynomial «* — 1 with k < m. 


A polynomial is called primitive if its period is maximal. Then the powers of x generate all nonzero binary 
polynomials of degree n — 1. The polynomial x is a generator (‘primitive root’) modulo C.. Primitivity 
implies irreducibility, the converse is not true. 


The situation is somewhat parallel to the operations modulo an integer: 


e Among those integers m that are prime some have the primitive root 2: the sequence 2* for 
k =1,2,...,m—1 contains all nonzero numbers modulo m (see chapter [25]on page |507). 


e Among those polynomials C that are irreducible some are primitive: the sequence «* for k = 
1,2,...,2” — 1 contains all nonzero polynomials modulo C. 


Note that there is another notion of the term ‘primitive’, that of a polynomial for which the greatest 
common divisor of all coefficients is one. 


Working modulo prime m the inverse of a number a can be obtained as a~t = a™~? (m—1 is the maximal 


order of an element in Z/mZ). With an irreducible polynomial C of degree n the inverse modulo C of a 
polynomial A can be obtained by computing A~! = A?”~? as shown in section |38.3.5]on page |807| 


The weight of a binary polynomial is the sum of its coefficients. 


Roots of primitive polynomials have maximal order 


A different characterization of primitivity is as follows. Suppose you want to do computations with 
linear combinations A = oe a, a* (where a, € GF(2)) of the powers of an (unknown!) root a of an 


irreducible polynomial C = x” + oe cy e*. 


When multiplying A with the root a we obtain a term a” which we want to get rid of. But we have 


n-1 
ae = Sepa" (38.4-1) 
k=0 


as a is a root of the polynomial C. Therefore we can use exactly the same modular reduction as with 
polynomial computation modulo C’. The same is true for the multiplication of two linear combinations 
(of the powers of the same root a). 


We see that the order of a polynomial p is the order of its root a modulo p, and that a polynomial is 
primitive if and only if all of its roots have maximal order. 


[fxtbook draft of 2008-January-19] 


810 


Chap 


38.4.1 Testing for irreducibility 


ter 38: Binary polynomials 


Irreducibility tests for binary polynomials use the fact that the polynomial a?” +2 has all irreducible 
polynomials of degree k as a factor. For example, 


a +e = ata (38.4-2) 
= (2)-(e+1)- 
(e? +41): 
‘(2° + a+ 1) : (a? + 2? + 1) : 
(2 + a+ 1) . (c& + 2? + 1) . (c&+a*+a?+2+1) . 
- (2° c+ +o 4 1) -(a® + 2° +1) - (a® eta? +e4 1): 
‘(2 +2°+2°+27+41) : (c&+a2°+24+2+1) : (c& +a°+a*+27+1) 
A bit more can be said about the polynomial ax?” +x used in the tests: if 
z= 42 (38.4-3a) 
d-1 
s = 1+) 2 (38.4-3b) 
k=0 
ct ., 
t = 0+) a? = 58-1 = 2/s (38.4-3c) 
k=0 


then s has all degree-d irreducible polynomials as factors where the coefficient of x 


d—-1 ig one and the 


factorization of t consists of polynomials where that coefficient is zero. As an example consider the case 


d=7. 


Z 


We use the notation [a,b,c,.. 


[128,1] s*t 


[64,32,16,8,4,2,1,0] = 
1,0] * 


Ss 


[eet el Te 


q q q q q I q q J (| 
Darn00aao 
ARTA PR wS 
Pree S, 


WNONDOOO 
ve be 


J Ali= atte tactt+...ta: 


t = [64,32,16,8,4,2,1] = 
[1] + 
[7,1,0] * 
[7,3,0] * 
[7,3,2,1,0] 
[7,4,0] * 
[7,4,3,2,0] 
[7,5,2,1,0] 
[7,5,3,1,0] 
[7,5,4,3,0] 
[7,5,4,3,2,1,0] 


* 


** * * 


38.4.1.1 The Ben-Or test for irreducibility 


A polynomial C of degree d is reducible if gcd(a2" + «mod C, C) # 1 for any k < d. We compute 


Up = 22 (modulo C) for each k < d by successive squarings and test whether gcd(u, + 2, C) = 1 for 
all k. But as a factor of degree f implies another one of degree d — f it suffices to do the first |d/2| of 


the tests. 
in [FXT: 


bool bitpol_irreducible_q(ulong C, 


ulong h) 


The implied algorithm is called the Ben-Or irreducibility test. A C++ implementation is given 


pol/bitpol-irred-ben-or.cc : 


// Return whether C is irreducible (via the Ben-Or irreducibility test_; 
// h needs to be a mask with one bit set: 


// h == highest_bit(C) >> 1 == 
{ 
if ( c<4 ) 
{ 
if ( c>=2 ) return true; 
else return false; 
z 


1UL << (degree(C)-1) 


// x, and 1+x are irreducible 


// constant polynomials are reducible 


[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 811 


if ( 0==(1&c) ) return false; // x is a factor 


// if ( 0O==(c & OxaaaaaaaaUL ) ) return 0; // at least one odd degree term 
// if ( O==parity(c) ) return 0; // need odd number of nonzero coeff. 
// if ( 0!=bitpol_test_squarefree(c) ) return 0; // must be square free 


ulong d = h >> 1; 

ulong u= 2; // ="=x 

while (0 !=d) // floor( degree/2 ) times 
{ 


// Square r-times for coefficients of c in GF(2*r). 
// We have r==1: 

u = bitpolmod_square(u, c, h); 

ulong upx =u ~ 2; // ="= utx 

ulong g = bitpol_binary_gcd(upx, c); 

if ( 1!=g ) return false; // reducible 


d >>= 2; 
} 


return true; // irreducible 


} 


Commented out at the beginning are a few tests to check for trivial necessary conditions for irreducibility. 
For the test bitpol_test_squarefree (for a square factor) see section |38.8.2|on page The routine 
will fail if deg c =BITS_PER_LONG, because the gcd-computation fails in this case. 


38.4.1.2. Rabin’s test for irreducibility 


Rabin’s algorithm to test for irreducibility (given in [195]) can be stated as follows: A binary polynomial C 
of degree d is irreducible only if 


gcd (x —x mod C, c) =e (38.4-4a) 
and, for all prime divisors p; of d, 


gcd ee —a mod C, c) = 4 (38.4-4b) 


The first condition is equivalent to a =xmodC. T hereby the number of GCD computations equals 
the number of prime divisors of d. 


When the prime divisors are processed in decreasing order the successive exponents are increasing and 
the power of x can be updated via squarings (the idea can be found in [I16]). Thereby the total number 
of squarings equals d which is minimal. A pari/gp implementation is 


polirred2_rabin(c)= 
{ 
local(d, f, np, p, e, X, m, g, ns); 
d = poldegree(c) ; 
c *= Mod(1,2); 
if ( c==’x, return(1) ); \\ ’x’ is irreducible 
if ( 0==polcoeff(c,0), return(0)); \\ reducible 
if ( d<1, return(0) ); \\ ’0’ and ’1’ are not irreducible 
if ( 1!=gcd(c, deriv(c,’x)), return(0)); \\ reducible 


ns = 0; \\ numbers of squarings so far 
m = Mod( Mod(1,2) * ’x, c); 


if ( ! isprime(d), \\ only if composite 


f = factor(d); 
np = matsize(f)[1]; \\ number of prime divisors 


forstep (k=np, 1, -1, \\ biggest prime factor first 
p = f£[k,1]; \\ prime divisor 
e = d/p; 

m = m*(2*(e-ns)); 

\\ here: m == Mod(’x,c)*(27e); 


[fxtbook draft of 2008-January-19] 


812 


ns =e; 
g = gcd(component(m,2)-’x, c); 
\\ reducible 


3 
3 


n= 


m* (27 (d-ns)) ; 


if ( 1!=g, return(0) ); 


\\ here: m == Mod(’x,c)*(27d); 


if ( O!=m-’x, 


return( 1 


3 


return(0) ); 


\\ irreducible 


\\ reducible 


Chapter 38: Binary polynomials 


Rabin’s test will be faster than the Ben-Or test if the polynomial is irreducible. When the polynomial is 
reducible and has small factors (as often the case with ‘random’ polynomials) then the Ben-Or test will 
terminate faster. A comparison of the tests is given in [116]. 


A C++ implementation of Rabin’s test is given in [FXT: 


bitmasks gives the number of squarings between the GCD c 


static const 


{ 
OUL, // x 
OUL, // x 
OUL, // x 
OUL, // x 
4UL, // x 
OUL, // x 
12UL, // x 
OUL, // x 
16UL, // x 
SUL, // x 
36UL, // x 
[--snip--] 


ulong rabin_tab[] = 


0 
1 
2 
3 
4 
5 
6 
7 
8 
9 
i 


(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
(bits: 
O (bits: 


The testing routine is 


eee eveevevvvws 


OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 
OPS: 


finally sqr 1 
finally sqr 2 
finally sqr 3 


sqr 2 times, 


finally sqr 5 


sqr 2 times, 


finally sqr 7 


sqr 4 times, 
sqr 3 times, 
sqr 2 times, 


inline bool bitpol_irreducible_rabin_q(ulong c, ulong h) 
// Return whether C is irreducible (via Rabin’s irreducibility test). 
// th needs to be a mask with one bit set: 


h == highest_bit(C) >> 1 == 


{ 
if ( c<4 ) 
{ 
if ( c>=2 ) 
else 
} 


if ( 0==(1&c) ) 
ulong d = 1 + lowest_bit_idx(h) ; 


ulong rt 


ulong m = 


do 
{ 


1UL << (degree(C)-1) 


times 
times 
times 


bpol/bitpol-irred-rabin.cc). A table of auxiliary 
omputations: 


finally sqr 2 times 


times 
sqr i times, 
times 


finally sqr 3 times 


finally sqr 4 times 
finally sqr 6 times 


sqr 3 times, 


return true; // x, and 1+x are irreducible 


return false; // constant polynomials are reducible 


= rabin_tab[d]; 
// ="= ?x? 


a (rt>1) 


2; 


=——=as 


// degree 


m = bitpolmod_square(m, c, h); 


rt > 


>= 1; 


} 
while ( 0 == (rt & 1) ); 
ulong g = bitpol_binary_gcd( m ~ 2UL, c ); 


if ( g!=1 ) 


} 


return false; 


return false; // x is a factor 


do {m = bitpolmod_square(m, c, h); } while ( --d ); 


if ( m ~*~ 2UL ) 


return true; 


return false; 


[fxtbook draft of 2008-January-19] 


finally sqr 5 times 


38.4: Irreducible and primitive polynomials 813 


38.4.1.3 Transformations that preserve irreducibility 


When a polynomial is irreducible then the composition with x+1 is also irreducible. Similar, the reversed 
word corresponds to another irreducible polynomial. Reversion also preserves primitivity, composition 
with z+ 1 does not in general: the most simple example is the primitive polynomial p(x) = 24+ 2° +1 
where p(z +1) = a4 +22 +22+2a+41 has the order 5. The order of x modulo p(x) equals the order of 
x +1 modulo p(# + 1). 


Composition with x + 1 can be computed by [FXT: |bpol/bitpol-irred.h : 


inline ulong bitpol_compose_xp1i(ulong c) 
// Return C(x+1). 
// Self-inverse. 


{ 
ulong z = 1; 
ulong r = 0; 
while (c ) 
{ 
if (c&1) r*=@Z; 
c >>= 1; 
z “= (z<<1); 
return fY; 
} 


A version that finishes in time log,(b) (where b = bits per word) is 


inline ulong bitpol_compose_xp1(ulong c) 


{ 
ulong s = BITS_PER_LONG >> 1; 
ulong m = ~OUL << s; 
while (s ) 
c “= ( (ckm) >> s ); 
s >>= 1; 
m “= (m>>s); 
return C; 
} 


Which is exactly the blue_code() from section on page 
The reciprocal of a polynomial F(x) is the polynomial 
F*(z) = «8 F(1/x) (38.4-5) 


The roots of F(x) are the inverses of the roots of F(a). The reciprocal of a binary polynomial is the 
reversed binary word: 


inline ulong bitpol_recip(ulong c) 
// Return x“deg(C) * C(1/x) (the reciprocal polynomial) 


{ 
ulong t = 0; 
while (c ) 
{ 
t <<= 1; 
t l= (c & 1); 
c >>= 1; 
return t; 
} 


Alternatively, one can use the bit-reversion routines given in section on page [30] 
In general the sequence of successive ‘compose’ and ‘reverse’ operations leads to 6 different polynomials: 
C= [11, 10, 4, 3, 0] 


[11, 10, 4, 3, 0] -- recip (C=bitpol_recip(C)) --> 

[11, 8, 7, 1, 0] -- compose (C=bitpol_compose_xp1(C)) --> 
[11, 10, 9, 7, 6, 5, 4, 1, 0] -- recip --> 

(11, 10, 7, 6, 5, 4, 2, 1, 0] -- compose --> 

(11, 9, 7, 2, 0] -- recip --> 

[11, 9, 4, 2, 0] -- compose --> 

[11, 10, 4, 3, 0] == initial value 


[fxtbook draft of 2008-January-19] 


814 


Chapter 38: Binary polynomials 


A list of all binary irreducible polynomials of degrees 2 < d < 11 is given in [FXT:|data/all-irredpoly.txt. 


38.4.1.4 Self-reciprocal polynomials 


irred. poly 

1: i1...1..41 

2s 1724415411 

3: 1.411.114.1411 

4: 11111...411 

5: 1....1.111 

6: 11.11.1.11 

(3 111...41111 

8: Lica dtd 

9: 11.111..11 

10: 1..11.1111 
11: 1..1.141111 
12: 1111..1.11 
13: 1.41..1111 
14: 11.1.11.11 
15: 1111111.11 
16: 1111...111 
17: 1.1.11.111 
18: 11.1..41111 
19: 11.1111111 
20: 5 Eos a is el 
21: slice: Eyres kere teas all 
22: 1.o.t.. 2.12 
23: 1 Dees A ET 
24: Wes sce ce c it 
25: 11...14111 
26: 11..411.11 
27: 1...41..41 
28: 11..4....11 


irred. SRP 
14.1 
tii 
2143 
ode 
eda 
al 


bee rietiee bese 
pe pe ee 


ai. 
1 
: 
1 
1 
ef 


Fae SPs ese ets he 
eke ERs QebpRee 
Re BRR. 
a remrareare 
BRE BREE: 
BR 


a 
Be pee. 
fekehe oo 


ese Sis iss. bets 
RRs PARR Be 
PRERERBREBEEEBREEERE REE RRB ERE 


BRR. 


RR RRR ERR ERE EEE EEE EERE EEE 


Figure 38.4-A: All irreducible self-reciprocal binary polynomials of degree 18 (right) and the corre- 
sponding irreducible polynomials of degree 9 with constant linear coefficient (left). 


A polynomial is called self-reciprocal if it is its own reciprocal. The irreducible self-reciprocal polynomials 
(SRPs), except for 1+, are of even degree 2d. They can be computed from the irreducible polynomials 


of degree d with nonzero linear coefficient. Let F(z) 


then 


Spr(x) 


d 
j=0 


= sa f;v) and S(x) the corresponding SRP, 


(38.4-6) 


The irreducible SRPs of degree 18 and their corresponding polynomials are shown in figure pe 38.4-A] [FXT: 
gf2n/bitpol-srp-demo.cc . The conversion can be implemented as [FXT: |bpol/bitpol-srp.h. 


inline ulong bitpol_pol2srp(ulong f, ulong d) 
// Return the self-reciprocal polynomial S=x"d*F(x+1/x) where d=deg(f). 


// 8 += F(j) *x* (d-j) * (14x72) 7j 


coefficient to low end 


// W = sum(j=0, d, F(j)*x*(d-j)*(1+x*2)*j ) where 
// F(j) is the j-th coefficient of F. 
// Must have: d==degree(F) 
{ 
ulong w= 1; // == (x°2+1)°j 
ulong s = 0; 
do // for j =0... d: 
{ 
if (f£&%1) s = WW << a); 
w 7= (w<<2); // w *= (1+x72) 
f >>= 1; // next 
} 
while ( d-- ); 
return s; 
} 


The inverse function is given in {176}: 


1. Initialization: set F := 0, and 7 := 0. 


[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 815 


2. If S mod (x7 +1) =0 then set f; := 0, else set fj := 1. 
3. Set S:= (S — f; 27-J)/(x? +1) [the division is exact]. 
4. Set g:=9+1. If 7 <d goto step 2. 

5. Return F (= ae f; 2°). 


The computation of S mod (x? +1) can be omitted because the quantity is zero exactly if the central 
coefficient of S is zero. The assignment S$ := (S$ — f; «7~4)/(a? + 1) can be replaced by S := S/(x? +1) 
(as power series) because no coefficient beyond the position d— jj is needed by the following steps. We 
use the power series division shown in section [38.1.6]on page [798| for this computation: 


inline ulong bitpol_srp2pol(ulong s, ulong hd) 

// Inverse of bitpol_pol2srp(). 

// Must have: hd = degree(s)/2 (note: _half_ of the degree). 
// Only the lower half coefficients are accessed, i.e. 

// the routine works for degree(S) <= 2*BITS_PER_LONG-2. 


{ 
ulong f = 0; 
ulong mh = 1UL << hd; 
ulong ml = 1; 
do 
{ 
ulong b = s & mh; // central coefficient 
// s “= b; // set central coefficient to zero (not needed) 
if (b) f |=m1; // positions 0,1,...,hd 
ml <<= 1; 
s = bitpol_div_x2pi(s); // exact division by (x72+1) 
} 
while ( (mh>>=1) ); 
return f; 
} 


The self-reciprocal polynomials of degree 2n are factors of the polynomial 2?"+! — 1 (see [i8i]). For 
example, for n = 5 we obtain 


? lift (factormod(x* (275+1)-1,2)) 


[x + 1 1] 

[x°2 +x+1 1] 

[x7*10 + x77 + x75 + x73 +1 1) 

[x710 + x79 + x75 +x+1 1] 

[x10 + x°9 + x78 + x°7 + x76 + x75 + x74 4+ x°3 + x72 + x 4+ 1 1) 


The order of a self-reciprocal polynomial of degree 2n is a divisor of 2?” +1. The list of all SRP of even 


degree up to degree 22 is given in [FXT: data/all-irred-srp.txt). 


38.4.2 Testing for primitivity 


Checking a degree-d binary polynomial for primitivity by directly using the definition costs proportional 2” 
operations which is prohibitive except for tiny d. 


Improvements come from the multiplicative structure of the problem: it suffices to check whether 
x* = 1 mod C for all divisors of the maximal order that are greater than n. However, this soon gets 
impractical quickly as n grows. Already with n = 144 one has maximal order m = 2'44 — 1 (which has 
262144 divisors of which 262112 have to be tested) so the computation gets expensive. Note that the 
implied algorithm needs the factorization of m = 2” — 1. 


A much better solution is a modification of the algorithm to determine the oder in a finite field given on 
page The implementation given here uses the pari/gp language: 


polorder(p) = 
/* Order of x modulo p (p irreducible over GF(2)) */ 
{ 
local(g, gl, te, tp, tf, tx); 
= x; 
p *= Mod(1,2); 
te = nn_; 


[fxtbook draft of 2008-January-19] 


816 Chapter 38: Binary polynomials 


for(i=1, np_, 
tf = vf_[i]; tp = vp_[i]; tx = vx_[il]; 
te =te / tf; 


while ( 1!=g1, 
gl = gl°tp; 
te te * tp; 
)5 
); 


? 
return( te 


); 


The function uses the following global variables that must be set up before call: 


mn_ = 0; /* max order = 2n-1 */ 

np_ = 0; /* number of primes in factorization */ 
vp_ = []; /* vector of primes */ 

vf_ = []; /* vector of factors (prime powers) */ 
vx_ = []; /* vector of exponents */ 


As given, the algorithm will do n, exponentiations modulo p where n, is the number of different primes 
in the factorization in m. For n = 144 one has np = 17. An implementation of the algorithm in C++ is 


given in [FXT: |bpol/bitpol-order.cc’. 
A shortcut that makes the algorithm terminate as soon as the computed order drops below maximum is 


polmaxorder_q(p) = 
/* Whether order of x modulo p is maximal 
/* Early-out variant */ 


{ 
local(g, gl, te, tp, tf, tx, ct); 
Fj 


(p irreducible over GF(2)) */ 


g = x; 
p *= Mod(1,2); 


te = nn_; 
for(i=1, np_, 
tf = vf_[il; tp = vp_[i]l; tx = vx_[il]; 
te =te / tf; 
gl = Mod(g, p) “te; 
ct = 0; 
while ( 1!=g1, 
gl = gl°tp; 
te = te * tp; 
) ct = ct + 1; 
; if ( ct<tx, return(0) ); 
return(1); 
} 
Range time | # irred. tests | tests/sec 
90... 99: <1 sec 258 >300 
190 .. 199: 6 sec 588 100 
290 .. 299: 10 sec 474 58 
390 .. 399: 30 sec 810 27 


Determination of irreducible polynomials. 


Range time | # irred. tests | # prim. tests 
90... 99: 4 sec 313 13 
190 .. 199: 40 sec 1371 25 
290 .. 299: 90 sec 864 14 
390 .. 399: | 260 sec 1529 14 


Determination of primitive polynomials. 


Figure 38.4-B: Timings and number of tests involved in the determination of 10 low-bit irreducible 
(top) and primitive (bottom) binary polynomials in selected ranges of their degrees. The small number 
of tests for primitivity indicates that an irreducible polynomial is likely also primitive. 


Using polmaxorder_q() and pari’s built-in polisirreducible() the search for the lowest-bit primitive 


[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 817 


polynomials up to degree n = 100 is a matter of about 10 seconds. Extending the list up to n = 200 takes 
3 minutes. The computation of all polynomials up to degree n = 400 takes less than on hour. Figure 
[B] shows approximate timings with the determination of irreducible and primitive polynomials. 


Again, the algorithm depends an precomputed factorizations. The table [FXT:|data/mersenne-factors. txt 
taken from was used in order to save computation time. 


For prime m = 2" — 1 (that is, m is a Mersenne prime) irreducibility suffices for primality: The one-liner 
x=127; for(z=1,x-1,if (polisirreducible(Mod(1,2)+t*z+t*x) ,print1(" ",z))) 


finds all primitive trinomials for exponents of Mersenne primes in no time: 


89: 38_51 

127: 1 7 15 30 63 64 97.112 120 126 
621: 32 48 158 _ 168 353 363 473 489 
607: 105 147 273 334 460 502 


The computation (for d = 607) takes about a minute. Note we did not exploit the symmetry (re- 
versed polynomials are also primitive). Techniques to find primitive trinomials whose degree are very big 
Mersenne exponents are described in [65]. 


Here is a surprising theorem: Let p(x) = cy, x* be an irreducible binary polynomial, and L,(x) := 
yy cy, x2. Then all irreducible factors of L,(x)/x (a polynomial of degree 24 — 1) are of degree equal 
to ord(p) (the order of x modulo p(x)). Especially, if p(x) is primitive, then L,(«)/x is irreducible. The 
theorem is proven in (also in [169] p.110]). An example: 2’ + 2 +1 is primitive, so 712” +241 is 
irreducible. But, as 2!27—1 is prime, x!27+a+1 is also primitive. Thereby the polynomial 22 ~! +a +1 
is irreducible. 


38.4.3 Irreducible and primitive polynomials of special forms * 
We give lists of irreducible and primitive polynomials of special forms. For the computation of irreducible 
polynomials the built-in routine polisirreducible() of the pari/gp package (see {189]) was used. Prim- 


itivity was tested with the routines given so far. The abbreviation ‘PP’ is used for ‘primitive polynomial’ 
in what follows. 


38.4.3.1 All irreducible polynomials for low degrees 


For degrees n < 8 the complete list of irreducible polynomials is shown in figure |38.4-C} The list up to 
degree n = 11 is given in [FXT: \data/all-irredpoly.txt]. The list of PPs for n < 11 is given in [FXT: 


data/all-primpoly. txt). 


38.4.3.2 All irreducible and primitive trinomials for low degrees 


degrees n < 49 are shown in figure (there are no irreducible trinomials for degrees 50 and 51). 
list of all irreducible trinomials up to degree n = 400 is given in |FXT: data/all-trinomial-irredpoly.txt). 


A more compact form of the list can is given in [FXT: \data/all-trinomial-primpoly-short.txt): 


A trinomial is a polynomial with exactly three nonzero coefficients. The irreducible binary trinomials for 
ps0) 


2% 1 

3: 12 

4: 183 

5: 23 

6: 15 

7: 1346 

9: 45 

10: 37 

11: 29 

15: 147811 14 


A line starts with the entry for the degree followed by all possible positions of the middle coefficient. 


The corresponding files giving primitive trinomials only are [FXT: data/all-trinomial-primpoly.txt) and 


[fxtbook draft of 2008-January-19] 


Chapter 38: Binary polynomials 


818 


oO OOOn OOO Oo 


. an ap nan . 


oa aA dns =} 


nan el nnn 


nanan nnn nnnnnnnnnanQ anannnnana 


nnn nnnnnnnnnnnnn nnnnnana 


nan nnan 


nnn nnnan 


nnn nnnan 


nn nnnnan 


nnn nnanan 


00.0000 0000 0000.00 000000000000 0000 # 000000 00000000 000000 00000000 


jo) Oo COO 


« « non 


= Shokan 


nnnnnnn 
nnn nnnnnnnnnnnnanan 


nnn nnn nnnnnnnnnana 


NYSE ANNES SY 


rimitive: 


“P 
,l 
a 
1 
1 
2 
,l 
1 
2 
di 
P 
al 
-) 


o oo ood “ CONNMY onmonnst q ont 


a ~ sO n nnnnnn nnnnann ro) 


nan 


cal aN rio aod AMM  ASHLOLOLOLO | MSHLO 


nnn nnn nn nnnan 


nan 


“ ood sist i LOLOLOLOLOL = OWOOOOWO# OWOW 


Figure 38.4-C: All binary irreducible polynomials up to degree 8. 


nn nnnnnnnnnnnnnnnnnnnan 


M TALOWLON SHLOMO ONO 
NANMNMAANNANNTPORNMMMANGY 
LOLONODODOOONHNWNHNANOAAHH 
HME. MICA. MIMIC. COS ST N 

AD MOPMOOOMOM Mm 
ANANMOMNAANNANNHHAANKAN 
COCOA ATHTAMNMMMNSHSH 
Ee cece ie eee Eee 

ud oO CON MOL Mb 
ANWMNAAMNRANHMAAAANNANN 
NAM 090) OY LO LO LOLO 00.00 0000 00000000 DOD 
HN EN EN CIO C UCN IONE CIENQIENGN 

ANS ILO LOM WOH 


KRBMBREBEBEOWOWMDNDWCOCOMAdHH 
AMAA HNANNANAAG 
! | ! It | 


ist 
MENODMOY HOOD APY On 
COTAANAAAN SH SHLOLO LOLOLOLO 
Se bbe bebe beberle Perera 
Prete 


AANAMNNAMAMIAM TONAL 


nnn nnnnnnnnnnnnnanan 


Figure 38.4-D: All irreducible trinomials x” + x* +1 for degrees n < 49. The format of the entries is 


n,k for primitive trinomials, and -n,k for non-primitive trinomials. 


[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 819 


[FXT: 
[FXT: 


A list of irreducible trinomials that are not primitive is 


data/all-trinomial-primpoly-short.txt). 
data/all-trinomial-nonprimpoly.txt). 


Regarding trinomials, there is a theorem by Swan (given in [223]): The trinomial 2” + x* +1 over GF(2) 
has an even number of irreducible factors (and so is reducible) if 


1. nis even, k is odd, n 4 2k, and either nk/2 = 0 mod 4 or nk/2 = 1 mod 4 


2. n is odd, k is even and does not divide 2n, and n = +3 mod 8 


3. n is even, k is odd and does divide 2n, and n = +1 mod 8 
4. Any of the above holds for k replaced by n — & (that is, for the reciprocal trinomial) 


The first condition implies that no irreducible trinomial for n a multiple of 8 exists (as n is even, k 
must be odd, else the trinomial is a perfect square; and nk/2 = 0 mod 4). Further, if n is a prime with 
n = +3 mod 8 then the trinomial can be irreducible only if k = 2 (or n — k = 2). In the note it is 
shown that no irreducible trinomial exists for n a prime such that n = 13 mod 24 or n= 19 mod 24. 


The primitive trinomials of the form «” + «+1 for n < 400 are those with n € 


2, 3, 4, 6, 7, 15, 22, 60, 63, 127, 153 


These numbers are the sequence A073639) of [214], where one finds in addition 471, 532, 865, 900, 1366 
with the next candidate being 4495. 


For some applications one may want to use reducible trinomials whose period is close to that of a primitive 
one. For example, the trinomial (given in [82]) 


getegP +1 = (38.4-7) 
(c+ a2 ta? +a? 41)-(cttae%¢eP eater? t apa +a8 +a +284 e442? +1) 


has the period p = 4, 292, 868,097 which is very close to 23 — 1 = 4,294, 967,295. Note that the degree 
is a multiple of eight, so no irreducible trinomial of that degree exists. 


38.4.3.3 Irreducible trinomials of the form 1 + x* + x4 


k=1: The polynomials of the form 1 + «+ x@ are irreducible for the following 2 < d < 34353: 
2, 3, 4, 6, 7, 9, 15, 22, 28, 30, 46, 60, 63, 
127, 153, 172, 303, 471, 532, 865, 900, 


1366, 2380, 3310, 4495, 6321, 7447, 
10198, 11425, 21846, 24369, 27286, 28713, 32767, 34353 


This is sequence A002475) of [214]. 
k=2: 1+ 2? + 2% is irreducible for the following 3 < d < 57341 (sequence A057460): 


3, 5, 11, 21, 29, 35, 93, 123, 333, 845, 4125, 
10437, 10469, 14211, 20307, 34115, 47283, 50621, 57341 


k=3: p=1+4 2° + 2° is irreducible for the following 4 < d < 1000 (sequence A057461): 


4, 5, 6, 7, 10, 12, 17, 18, 20, 25, 28, 31, 41, 52, 66, 
130, 151, 180, 196, 503, 650, 761, 986 


k=4: p= 1+ 424 +27 is irreducible for the following 5 < d < 1000 (sequence |A057463): 
7, 9, 15, 39, 57, 81, 105 

k=5: p=1+ 2° + 27 is irreducible for the following 6 < d < 1000 (sequence |A057474): 
6, 9, 12, 14, 17, 20, 23, 44, 47, 63, 84, 
129, 236, 278, 279, 297, 300, 647, 726, 737, 


[fxtbook draft of 2008-January-19] 


Entries with the special 


Chapter 38: Binary polynomials 


12500, 
No primitive pentanomial exists for degrees n < 5 but 


180, 300, 324, 500, 540, 900, 972, 


2916, 4500, 4860, 7500, 8100, 8748, 


100, 108, 


1+ 2% + «°4 is irreducible whenever d is a power of seven: 
1620, 2500, 2700, 


2: The polynomial p = 1 + x@ + «4 is irreducible whenever d is a power of three: 
12, 20, 36, 60, 


4: The polynomial p = 14 x7 + «44 whenever d = 3'5/, i, 7 € N: 


3: Similarly, p 


1500, 


4 2 
A pentanomial is a polynomial that has exactly five nonzero coefficients. PPs that are pentanomials are 


given in [FXT: |data/pentanomial-primpoly.txt. 
for all higher degrees one seems to exist but this has not been proven so far. 


form 2° +29 +27+2+1aren € {5, 7, 17, 25, 31, 41, 151}. 
38.4.3.6 Primitive minimum-weight and low-bit polynomials 


38.4.3.4 Irreducible trinomials of the form 1 +x? + x4 
Similar regularities can be observed for related forms, see : 


38.4.3.5 Primitive pentanomials 


820 
k 


k 
k 


an ~ MO» On 
OMMONO sto mHONLDOM 
nanan ost Onnnnnan 


DOANMHTOOFORDONANMSH 
THPLO LO LO LO LO LO LOLA LO LOCO COO OO 


[a] oo o (elelelele) o 
oo eet oo OMNHO tt 
two TO sitioMNON 
AONTOUWOTOMSOWOFPOLA 
duc wacucsisses 
MNOMMNMMNMNSHHHd¢HH¢9H 


nnn nnnnnnnnnnnna 


MONOHANAMPOOROHDOHAN 
AAANANANANAAAANM OO 


. OodtimMOn 
mODCOOCOMO an anannan 
Onnnnanan AYN CO SHLO FILO 

MAAN HH wn nw rn nnn 
dina nn nnn MOTNMHLOO 
HNMHOO ONAN 


Figure 38.4-E: Binary primitive polynomials of minimum weight. 


N =k 
letete) OomMoo00M Oo. o 


YN AIPHANANASH 09 4 


a a a aS 


LOMMONLINAOWLDONLDOMD 


nnn nnn nnnnnnnnnan 


DODAAMNSTOOLKORDOANMSH 
SFLOLOLOLOLOLO LO LOLOLOWOOWOW 


° ° 
aod 4 ao 
ON NNO O NoooN a 
1 FO OD MIEN I0D + 


SO 0 MMANAM 


POCO HLOO TOS HLOMLDOLO 


nnn nnn nnnnnnnannan 


MPOONOHADOTNAMHLOON0C 
MNMMMMNMNMNSHS SS SHH 


MONOCANMNPNOORKODOHAN 
AAANNANNANANANAAA OO OD 


CoO oO 
oO nan * 
. do N 

N i: ay 
- COSMMOM 
TOCCOOOMO ana nnann 
Onannann AMINO SLO LO 
MAAN GAHH aw nw nn nnn 
dann nnann OTNMSHL—OWO 


HUNMNPOOr ONAN 


Figure 38.4-F: Binary primitive polynomials of small weight and nonzero coefficient at low indices. 
[fxtbook draft of 2008-January-19] 


38.4: Irreducible and primitive polynomials 821 


The data in [FXT: |data/minweight-primpoly.txt| lists minimal-weight PPs where in addition the coef- 
ficients are as close to the low end as possible. The first entries are shown in figure |38.4-E] A list of 
minimal-weight PPs that fit into a machine word is given in [FXT: bpol/primpoly-minweight.cc). 

Choosing those PPs where the highest nonzero coefficient is as low as possible one obtains the list in 


[FXT: . It starts as shown in figure [38.4-F] The corresponding extract for small 
degrees is given in [FXT: bpol/primpoly-lowbit.cc]. The index (position) of the second highest nonzero 
coefficient (the subdegree of the polynomial) grows slowly with n and is < 12 for all n < 400. Thereby 
one can store the list compactly as an array of 16-bit words. 


38.4.3.7 All primitive low-bit polynomials for certain degrees 


A list of all PPs 2” + pee c; x) for degree n = 256 with the second-highest order k < 15 (and the first 


few polynomials for k = 16) is given in [FXT: data/lowbit256-primpoly.txt|. The list starts as 


Equivalent tables for degrees DEG= 63, 64, 127, 128, 256, 512, 521, 607, 1000, and 1024, can be found in 
the files data/lowbitDEG-primpoly.txt (where DEG has to be replaced by the number). 


38.4.3.8 Primitive low-block polynomials 


A low-block polynomial has the special form x” + YG x), Such PPs exist for 218 degrees n < 400. 
These are especially easy to store in an array (saving the index of the second highest nonzero coefficient 
in array element n). Moreover, simplified and possible more efficient routines based on the special forms 
might be possible. A complete list of all low-block PPs with degree n < 400 is given in [FXT: 
lowblock-primpolst A short form of the list is [FXT: \data/all-lowblock-primpoly-short.txt,. Among 
the low-block PPs are a few where just one bit (the coefficient after the leading coefficient) is not set. 
For n < 400 this is for the following degrees: 


3, 5, 7, 138, 15, 23, 37, 47, 85, 127, 183, 365, 383 


The PPs listed in [FXT: data/lowblock-primpoly.txt} have the smallest possible block of set bits. 


38.4.3.9 Irreducible all-ones polynomials 


Irreducible polynomials of the form 2” + 27! +a"? +... + x2+1 (so-called all-ones polynomials) 
exist whenever s := n+ 1 is a prime number for which 2 is a primitive root. The all-ones polynomials 
x’-++...41 are irreducible for the following s < 400: 


2, 3, 5, 11, 13, 19, 29, 37, 53, 59, 61, 67, 83, 101, 107, 131, 139, 149, 
163, 173, 179, 181, 197, 211, 227, 269, 293, 317, 347, 349, 373, 379, 389 


The sequence is entry|A001122\of [214]. A list of values up to 2000 is shown in figure|39.6-B]on page 


[fxtbook draft of 2008-January-19] 


822 Chapter 38: Binary polynomials 


With the exception of x? + 2 +1, none of the all-ones polynomials is primitive. In fact, the order of x 
equals s, which is immediate when printing the powers of x (example using s = 5, p = 2*+a3+a2?4+a+1): 


k x°k 
0 ae 

i pole 

3 ‘iv! 

3 405. 

4 tiii . 

5 vied) == x75 == 


The all-ones polynomials are a special case for the factorization of cyclotomic polynomials, see section 
on page Irreducible polynomials of high weight are considered in [5] where irreducible polynomials 
of the form («”*1 + 1)/(2 +1) + 2* up to degree 340 are given. 


38.4.3.10 Irreducible normal polynomials 


. 


| 
we . 
tt 
. . 


wwe 
! 
. 


vuevvue 


lelele) 
| 


NNNNNNN OOOO ooo PR Ww ND 


NNINNNINNNININNINNNAIN 
DAHDAAAAOMMTTORWWN 
CONUS RW WEN 
IMIR WNNOWOOONOCO 


vvuvvuvvuse 


WNRFPENFRFE NH 
CDODOO00 O 


O00 O° 
! 
0 00 00 00 00. 00 00.00 C0 00. 00. 00 00.00. 00 00 


OWODOWODWOWOOWDOWODOUWODODOWUUWW 
“Q0.00 60.00 00.00.00 00 60.00.00 00.00 G0 00 00.00 00.00 60.00 
NANNANINNINNO OOOO TOEARO 
DADAAAMWNOMONRWWIRWNE 
THOS RWNRNORWWWYOWONCO 
TNeWNEEWH Eee Bo 
WODDDDO0OD DOO0OO O O 


vuevvuvvuve 


,1,0 


OOTP ARWO BBNO WWNH NO O OO 


AMAAMAA TMT BAAR WW NY FB 
BWNNBRE 


veuevvuvvuse 


NNOGDOOO 


Figure 38.4-G: All normal irreducible polynomials up to degree n = 9. Polynomials that are not 
primitive are marked with a ‘~’. 


The normal irreducible polynomials are those whose roots are linearly independent (see section on 
page [865). A complete list up to degree n = 13 is given in [FXT: data/all-normalpoly.txt), figure 
shows the polynomials up to degree n = 8. Normal polynomials must have subdegree n — 1, that is, 
they are of the form 2” + 2"~!+4.... The condition is necessary but not sufficient: not all irreducible 
polynomials of subdegree n—1 are normal. A list of primitive normal polynomials 2” +a"~!+...+a%4+1 
with w as big as possible is given in [FXT: data/highbit-normalpoly.txt|. Primitive normal polynomials 
x" +a"—t+e¥+...+1 where w is as small as possible are given in [FXT: data/lowbit-normalprimpoly. txt. 
The all-ones polynomials are normal. 


38.4.3.11 Irreducible alternating polynomials 


The ‘alternating’ polynomial 1 + Sa g@ktl —14¢423+25...+ 274+! can be irreducible only if d 
is odd: 


d: (irred. poly.) 

1: x73 +x .+1 

3 x77 + x75 + x73_+ x +_1 

be x°li+ x°9 + x°7+x75+x°3+x+1 


The list up to d = 1000 (sequence A107220) of [214]) 


1, 3, 5, 7, 9, 13, 23, 27, 31, 37, 63, 69, 117, 119, 173, 219, 223, 
247, 307, 363, 383, 495, 695, 987, 


can be obtained (within about 10 minutes) via 


[fxtbook draft of 2008-January-19] 


38.5: The number of irreducible and primitive polynomials 823 
for(d=1,1000, p=(1+sum(t=0,d,x7(2*t+1))); if (polisirreducible(Mod(1,2)*p) ,printi(d,", "))) 
A computational simplification with modular reduction can be observed by noting that 
(ltata®ta°t...+a")-(1+27) = l+a+a*%+a""? (38.4-8) 
One does all computations modulo the product (with cheap reductions) and only reduces the final result 


modulo the alternating polynomial. 


38.4.3.12 Primitive polynomials with uniformly distributed coefficients 


eerees from 9 


cae on primpoly-w5.txt)], the 


to 660. aa with weight 5 (eaedlariale, are given in ae 
polynomials around degree 500 are 


498 372 247 124 0 
499 380 253 125 


The polynomials with weight 7 are given in [FXT: data/eq-primpoly-w7.txt}, the list for weight 9 is [FXT: 
data/eq-primpoly-w9.txt. 


38.5 The number of irreducible and primitive polynomials 


Wi dy n: Ti. n: Tn nN: ds 
Te. “2 11: 186 21: 99858 3l: 69273666 
28. 12: 335 22: 190557 32: 134215680 
3:2 13: 630 23: 364722 33: 260300986 
4: 3 14: 1161 24: 698870 34: 505286415 
5: 66 15: 2182 25: 1342176 35: 981706806 
6: 9 16: 4080 26: 2580795 36: 1908866960 
7: 18 17: 7710 27: 4971008 37: 3714566310 
8: 30 18: 14532 28: 9586395 38: 7233615333 
9: 56 19: 27594 29: 18512790 39: 14096302710 

10: 99 20: 52377 30: 35790267 40: 27487764474 


Figure 38.5-A: The number of irreducible binary polynomials for degrees n < 40. 


nm: PP. n: Ph n P. n: Ph 
1: 1 11: 176 21: 84672 31: 69273666 
2: 1 12: 144 22: 120032 32: 67108864 
3: 2 13: 630 23: 356960 33: 211016256 
4: 2 14: 756 24: 276480 34: 336849900 
5: 6 15: 1800 25: 1296000 35: 929275200 
6: 6 16: 2048 26: 1719900 36: 725594112 
7: 18 17: 7710 27: 4202496 37: 3697909056 
8: 16 18: 7776 28: 4741632 38: 4822382628 
9: 48 19: 27594 29: 18407808 39: 11928047040 
10: 60 20: 24000 30: 17820000 40: 11842560000 


Figure 38.5-B: The number of primitive binary polynomials for degrees n < 40. 


[fxtbook draft of 2008-January-19] 


824 Chapter 38: Binary polynomials 


The number of irreducible binary polynomials of degree n is 


: So u(y 2/4 = - S~ u(n/d) 2" (38.5-1) 


d\n d\n 


The Mobius function / is defined by relation on page 
formula for the number of Lyndon words (relation on page |343). 
Figure [38.5-A] for gives I, n < 40, the sequence is entry 0 
polynomials up to degree 11 is given in [FXT: data/all-irredpoly.txt). 


The number of primitive binary polynomials of degree n equals 


P, = lites (38.5-2) 


n 


If n is the exponent of a Mersenne prime we have P,, = 2-2 = I,. The values of P, for n < 40 are 


shown in figure |38.5-B}] The sequence is entry A011260, of p14). The list of all irreducible polynomials 
up to degree 11 is given in [FXT: \data/all-primpoly.txt 


ws De n: Dn nN: Dn n: Dn 
1: 1 11: 10 21: 15186 31: 0 
2 0 12: 191 22: 70525 32: 67106816 
3: 0 13: 0 23: 7762 33: 49284730 
A: 1 14: 405 24: 422390 34: 168436515 
5: 0 15: 382 25: 46176 35: 52431606 
6: 3 16: 2032 26: 860895 36: 1183272848 
7: 0 17: 0 27: 768512 37: 16657254 
8: 14 18: 6756 28: 4844763 38: 2411232705 
9: 8 19: 0 29: 104982 39: 2168255670 
10: 39 20: 28377 30: 17970267 40: 15645204474 
Figure 38.5-C: The number of irreducible non-primitive binary polynomials for degrees n < 40. 
The difference D,, := In — Pp is the number of irreducible non-primitive polynomials (see figure |38.5-C). 


Whenever n is the exponent of a Mersenne prime we have D,, = 0. The complete list of these polynomials 


up to degree 12 inclusive is given in [F XT: |\data/all-nonprim-irredpoly.txt). 


38.6 Generating irreducible polynomials from necklaces 


That the number of length-n Lyndon words (see section [17.2] on page is equal to the number of 
degree-n irreducible polynomials is not a coincidence. Indeed, [73] gives an algorithm that, given a 
primitive polynomial, generates an irreducible polynomial from a Lyndon word: Let b be a Lyndon word, 
c be a irreducible polynomial of degree n and a an element of maximal order modulo c. Set e = a? and 
compute the polynomial p(x) over GF(2”), defined as 


p(t) := (a—e)(a-e7) (¢ e*) (a—e®) «++ (a— a) (38.6-1) 
Then all coefficients of p(x) are either zero or one and the polynomial is irreducible over GF(2). 


An implementation in C++ is given in [FXT: class necklace2bitpol in bpol/necklace2bitpol.h : 


class necklace2bitpol 


eee 
ulong p_[BITS_PER_LONG+1]; // polynomial over GF(2**n_) 
ulong n_; // degree of c_ 
ulong c_; // modulus (irreducible polynomial) 


[fxtbook draft of 2008-January-19] 


38.6: Generating irreducible polynomials from necklaces 825 


b e P b e Pp 
....1 4m re ee .11..1 P ...1 4m besides .11..1 P 
.. 1. 4 ee .11..1 P ...11 4m sls ee wt 
...11 4m ay eer 11111 ..1.1 2m wht .1.1.1 red. 
act daa 4 wakssioedl 2 Ld. dP ..111 4m acl It odes .P 
..1.1 2m ods H4. wlol.t red. 1111 1m era vised red: 
..11. 4 .11411 11111 
..111 4m ..111 ole. P 
1... 4 .111. -L1..21, -P 
.1..1 4 seded 11111 
1.1. 2 Led. 1.1.1 red. 
1.11 4 .11.1 .1..11 P 
wddies, 4 ...11 11111 
11.1 4 211. ela td P 
111. 4 eddies. wok TP 
-1111 1m ere .1...1 red. 


Figure 38.6-A: Characteristic polynomials of the powers e = x° of the primitive element 2 modulo 
c= a++a°+4+1 (left). If only necklaces are used as exponents b each polynomial is obtained only once 
(right). Irreducible polynomials are obtained for aperiodic necklaces. 


ulong h_; // mask used for computation 
ulong a_; // generator modulo c 
ulong e_; // a7b 
public: 
necklace2bitpol(ulong n, ulong c=0, ulong a=0) 
: n(n), c_(c), a_(a) 


if ( 0==c ) c_ = lowbit_primpoly[n] ; 
if ( O==a ) a_ = 2QUL; // ’x’ 
h_ = (highest_bit(c_) >> 1); 

} 


“necklace2bitpol() {; } 
ulong poly(ulong b) 
{ 


for (ulong k=0; k<=n_; ++k) p_l[k] = 0; 


p_[0] = 1; 
ulong e = bitpolmod_power(a_, b, c_, h_); 
e_ =e; // for reference 


for (ulong d=1; d<=n_; ++d) 
{ 


for (ulong k=d; k; --k) p_[k] = p_[k-1]; 
p_[0] = 0; 
for (ulong k=0; k<d; ++k) 

p_[k] “= bitpolmod_mult( p_[kt1], e, c_, h_); 
} 
e = bitpolmod_square(e, c_, h_); 
} 
ulong p2 = 0; 
for (ulong j=0; j<=n_; ++j) p2 l= (p_[jl] << j); 
return p2; 


} 
ae 
Figure|38.6-A|(left) shows all polynomials that are generated with c = x++2?+1 and the generator a = 2. 


This is the output of [FXT: |gf2n/necklace2irred-demo.cc). The columns are: b and its cyclic period (an 


‘m’ appended if the word is the cyclic minimum), e and p where a ‘P’ indicates that p is primitive. Observe 
that cyclic shifts of the same word give identical polynomials p. Further, if the period is not maximal 
then p is reducible. Restricting our attention to the necklaces b we obtain each polynomial just once 
(right of figure [38.6-A}. The Lyndon words b give all degree-n irreducible polynomials. The primitive 
polynomials are exactly those where gcd(b, 2" — 1) = 1. 


To generate all irreducible binary polynomials of fixed degree use [FXT: class all_irredpoly in 


bpol/all-irredpoly.h|._ The usage is shown in [FXT: \gf2n/all-irredpoly-demo.cc|. For n = 24 one ob- 


tains Io, = 698,870 irreducible polynomials (among them are P24 = 276,480 primitive polynomials). 


[fxtbook draft of 2008-January-19] 


Chapter 38: Binary polynomials 


826 
| degree: | necklaces search 
24: 49 k/sec | 147 k/sec 
35: 17 k/sec 64 k/sec 
45: 8 k/sec 36 k/sec 
63: 3 k/sec 18 k/sec 


Figure 38.6-B: Rate of generation of irreducible polynomials via necklaces and with exhaustive search. 


The computation takes about 15 seconds. It turns out that the generation via exhaustive search [FXT: 


gf2n/bitpol-search-irred-demo.cc) is actually faster, figure|38.6-B]gives the rates of generation for various 


degrees and both methods. 


38.7 Irreducible and cyclotomic polynomials * 


The primitive binary polynomials of degree n can be obtained by factoring the cyclotomic polynomial 
(see section |35.1.1]on page |655) Yy over GF(2) where N = 2” — 1. For example, with n = 6, 


? n=6; N=2°n-1; lift( factormod(polcyclo(N) ,2) ) 
[x°6 +x+1 1] 
[x°6 + x74 + x73 +x+1 1] 
[x*6 + x75 +1 1] 
[x°6 + x75 + x°72+x+1 1) 
[x°6 + x75 + x73 + x72 +1 1) 
[x°6 + x75 + x°4+x4+1 1] 


We use a routine (pcfprint(N)) that prints the N-th cyclotomic polynomial and its factors in symbolic 
form. With n = 6, N = 2” — 1 = 63 we obtain 
? n=6; N=27n-1; 
? pcfprint (N) 
63: [ 36 33 27 2418 12930 ] 
0 


The irreducible but non-primitive binary polynomials are factors of cyclotomic polynomials Yq where 
d\N,d< N and the order of 2 modulo d equals n: 


? fordiv(N,d,if(n==znorder(Mod(2,d)) && (d<N), pcfprint(d) )); 


9: [630] 
[630] 

21: [12119864310] 
[64210] 
[65420] 


The number of factors of Yq equals y(d)/n so we can count how many degree-n irreducible polynomials 
correspond to which divisor of N = 2” —1: 


1: [4:1] 1 
2: [3:1] 1 
3: [7:2] 2 
4: [5:1] [15:2] 3 
5: [31:6 6 
6: [9:1] [21:2] [63:6] 9 
7: (127:18] 18 
8: [17:2] [51:4] [85:8] [255:16] 30 
9: [73:8] [511:48] 56 
10: [11:1] [33:2] [93:6] [341:30] [1023:60] 99 
11: [23:2] [89:8] [2047:176] 186 
Line 6 tells us that one irreducible polynomial of degree 6 is due to the factor 9, two are due to the 


factor 21 and the 6 primitive polynomials correspond to N = 63 itself which we have verified a moment 
ago. Further, the a polynomials corresponding to an entry [d:a] all have order d. The list was produced 
using 


[fxtbook draft of 2008-January-19] 


38.8: Factorization of binary polynomials 827 


{ for (n=1, 11, 


printi(n,": "); 
s = 0; 
N = 2°n-1; 


fordiv (N, d, 
if ( n==znorder(Mod(2,d)) , 
a = eulerphi(d)/n; 


printi(" PM ydgte" yas] LL 
s += a; 
); 
)S 
print (" oss 
); 


38.8 Factorization of binary polynomials 


This section treats the factorization of binary polynomials. The first part describes how to factorize 
polynomials that do not contain a square factor. The second part gives algorithms to detect and remove 
square factors. Finally, an algorithm to factorize arbitrary binary polynomials is given. 


38.8.1 Factorization of squarefree polynomials 


c=2' +2 +1 (irreducible): 


Q= Q-id= nullspace= 

Vieemeae Paved ere 
veal as oda dics 
Leeds: cdo de. 
Fotis ds deitee Mosel g 
er ie vhed 4d. 
lub ath 1 coseiavee al 
dd Losec 

c=2 +e 2+e4t1=(e4+1) (22 +241) (c*+2+1): 
Q= Q-id= nullspace= 

Wisi esate dl eae 

1.1 edbscod clk Leds 

see lard Bae I 1.1.11 
sose abel Li. readied. 
1.111 pare eet 
ee ee eee 11 
1.11 euch dis 

c=(l+a)'=a' 40% 4a? +2*+2° +2? +241 (not square-free): 
= -id= 
a. wie, nullspace= 

area eee pas eee deters 
Leved odd Ds 
Sse ots sce 
diode 
eee 1. 
Led 


Figure 38.8-A: The Q-matrices for three binary polynomials and the nullspaces of Q — id. 


In order to factorize a polynomial that must not contain a square factor we will use Berlekamp’s Q-matrix 
algorithm. The algorithm consists of two main steps: the computation of the nullspace of a matrix, and 
a refinement phase that finds the distinct irreducible factors. 


Let c be a binary polynomial of degree d. The Q-matrix is a d x d matrix whose n-th column can be 
computed as the binary polynomial x?” (mod c). The algorithm will use the nullspace of Q — id. 


The routine to compute the Q-matrix is [FXT: setup_q_matrix( in bpol/berlekamp.cc’: 


void 
setup_q_matrix(ulong c, ulong d, ulong *ss) 


[fxtbook draft of 2008-January-19] 


828 Chapter 38: Binary polynomials 


// Compute the Q-matrix for the degree-d polynomial c. 
// Used in Berlekamp’s factorization algorithm. 


{ 
ulong h = 1UL << (d-1); 
{ 
ulong x2 = 2UL; // == ’x’ 
ulong q = 1UL; 
x2 = bitpolmod_mult(x2, x2, c, h); 
for (ulong k=0; k<d; ++k) 
ss[k] = q; 
q = bitpolmod_mult(q, x2, c, h); 
} 
bitmat_transpose(ss, d, ss); 
} 
} 


For the irreducible binary polynomial c = x’ + x +1 we obtain what is shown at the top of figure [38.8-A] 
This is the output of the program [FXT: [ef2n/qmatrix-demo.cd]. The vector no = [1,0,...,0] lies in the 
nullspace of Q — id for every polynomial c. For c= 27+ 2° +2+1= (a+1)(2?+2+4+1)(x*++2+1) we 
obtain a nullspace of rank three (middle of figure [38.8-A). In fact, the rank r of the nullspace equals the 
number of distinct irreducible factors of c. That is, for polynomials containing a square factor we do not 
get the total number of factors. For example, with c = (1+ 2)’ =27+2%+a°+a4+4+¢3 +a7+241 
we obtain what is shown at the bottom of figure 


The vectors spanning the nullspace must be post-processed in order to obtain the irreducible factors of c. 
The algorithm can be described as follows: let F' be a set of binary polynomials whose product equals c, 
the refinement step R; proceeds as follows: 

Let t be the i-th element of the nullspace. For each element f € F' do the following: if the degree of f 
equals one, keep it in the set, else delete f from the set and add from the set X = {gcd(f,t), gcd(f,t+1)} 
those elements whose degrees are greater or equal to one. 


One starts with F = {c} and does the refinement steps Ro, R1,... R-—1 corresponding to the vectors of 
the nullspace. Afterwards the set F’ will contain exactly the distinct irreducible factors of c. 


This is implemented in the routine [FXT: bitpol_refine_factors() in bpol/berlekamp.cc): 


ulong 

bitpol_refine_factors(ulong *f, ulong nf, const ulong *nn, ulong r) 
// Given the nullspace nn[0,...,r-1] of (Q-id) 

// and nf factors f[0,...,nf-1] whose product equals c 


// (typically nf=1 and £[0]==c) 
// then get all r irreducible factors of c. 
{ 


ulong ss[r]; 
for (ulong j=0; j<r; ++j) // for all elements t in nullspace 


ulong t = nn[j]; 

// skip trivial elements in nullspace: 

if ( bitpol_deg(t)==0 ) continue; 

ulong sc = 0; 

for (ulong b=0; b<nf; ++b) // for all elements bv in set 
{ 

f[b]; 

bitpol_deg (bv) ; 

if ( db <= 1) // bv cannot be reduced 


ss[sct+] = bv; 
else 


for (ulong s=0; s<2; ++s) // for all elements in GF(2) 


{ 

ulong ti =t~" 5s; 

ulong g = bitpol_gcd(bv, ti); 

if ( bitpol_deg(g) >= 1) ss[sc++] = g; 
} 


[fxtbook draft of 2008-January-19] 


38.8: Factorization of binary polynomials 829 


} 

nf = sc; 

for (ulong k=0; k<nf; ++k) f[k] = ss[k]; 

if ( nf>=r ) break; // nf>r would be an error 


} 


return nf; 


As can be seen, one can skip elements corresponding to constant polynomials. Further, as soon as the 
set F' contains r elements, all factors are found and the algorithm terminates. 


Now Berlekamp’s algorithm can be implemented as 


ulong 

bitpol_factor_squarefree(ulong c, ulong *f) 

// Fill irreducible factors of squarefree polynomial c into f[] 
// Return number of factors. 


ulong d = bitpol_deg(c) ; 
if ( d<=1 ) // trivial cases: 0, 1, x, xtl 
{ 

f[0] =c; 


if ( 0==c ) d=1; // 0==071 
return d; 


ulong ss[d]; 

setup_q_matrix(c, d, ss); 
bitmat_add_unit(ss, d); 

ulong nn{[d]; 

ulong r = bitmat_nullspace(ss, d, nn); 


f[0] =c; 
ulong nf = 1; 
if ( r>1) nf = bitpol_refine_factors(f, nf, nn, r); 


return r; 


} 
The algorithm for the computation of the nullspace was taken from [155], find the implementation in [FXT: 


bmat/bitmat-nullspace.cc). 


Berlekamp’s algorithm is given in [83] in a more general form: In order to factorize a polynomial with 
coefficients in the finite field GF(q) set up the Q-matrix with columns x7’ and in the refinement step set 
X = {gcd(f,t +0), gcd(f,t+1),...,gcd(f,t + (¢—1))}. The algorithm is efficient only if ¢ is small. 


38.8.2 Extracting the squarefree part of a polynomial 


To test whether a polynomial c has a square factor one computes g = gcd(c, c’) where c’ is the derivative. 
If g #4 1 then c has the square factor g: let c= a+ b?, then c! = a’ b? +.a2bb' =a’ b’, so gcd(c,c’) = b?. 
The corresponding routine for binary polynomials is given in [FXT: bpol/bitpol-squarefree.hi: 

inline ulong bitpol_test_squarefree(ulong c) 


// Return O if polynomial is squarefree 
// else return square factor != 0 


{ 
ulong d = bitpol_deriv(c) ; 
if ( O==d ) return (1==c ? 0: c); 
ulong g = bitpol_gcd(c, d); 
return (1==g 70: g); 
} 


The derivative of a binary polynomial can be computed easily [FXT: bpol/bitpol-deriv.h| (64-bit version): 


inline ulong bitpol_deriv(ulong c) 
// Return derived polynomial 


c &= OxaaaaaaaaaaaaaaaaUL; 


[fxtbook draft of 2008-January-19] 


830 Chapter 38: Binary polynomials 


return (c>>1); 


The coefficients at the even powers have to be deleted because derivation multiplies them with an even 
factor which equals zero modulo two. 


If the derivative of a binary polynomial is zero, then it is a perfect square or a constant polynomial: 


inline ulong bitpol_pure_square_q(ulong c) 
// Return whether polynomial is a pure square != 1 


{ 
if ( 1UL==c ) return 0; 
c &= OxaaaaaaaaaaaaaaaaUL; 
return (0==c); 


The following routine returns zero if c is squarefree or equal to one. If c is has a square factor s 4 1 then 
s is returned: 


inline ulong bitpol_test_squarefree(ulong c) 


{ 
ulong d = bitpol_deriv(c) ; 
if ( O==d ) return (1==c ? 0: c); 
ulong g = bitpol_gcd(c, d); 
return (1==g 70: g); 
} 


In case a polynomial is a perfect square then its square root can be computed as 


inline ulong bitpol_pure_sqrt(ulong c) 


{ 
ulong t = 0; 
for (ulong mc=1,mt=1; mc; mc<<=2,mt<<=1) 
if (mc &c) t |= mt; 
} 
return t; 
} 


For the factorization algorithm for general polynomials we have to extract the product of all distinct 
irreducible factors (the squarefree part) from a polynomial. The routine [FXT: bitpol_sreduce() in 


bpol/bitpol-squarefree.cc) returns a polynomial where the even exponents are reduced: 


ulong 
bitpol_sreduce(ulong c) 
{ 


ulong s = bitpol_test_squarefree(c) ; 
if ( O==s ) returnc; // c is squarefree 


ulong f = bitpol_div(c, s); 


do // here s is a pure square and s>1 


{ 
s = bitpol_pure_sqrt(s); 
} 
while ( bitpol_pure_square_q(s) ); 


ulong g = bitpol_gcd(s, f); 
s = bitpol_div(s, g); 
f = bitpol_mult(f, s); 


return f; 


With c = f- st?" (k odd, the factors of f and s not necessarily distinct) the returned polynomial 
y 


[fxtbook draft of 2008-January-19] 


38.8: Factorization of binary polynomials 831 


equals f - s*. Some examples: 


ara 
i i a 
a®=aa ~~ aa 
a=aat »% aa 
ab? ~~ ab 
abo? ~~ abb=ab? & ab 
f «gh? (-$. f-s* 


To extract the squarefree part of a polynomial call the routine repeatedly until the returned polynomial 
equals the input: 


inline ulong bitpol_make_squarefree(ulong c) 


{ 
ulong z = c, t; 
while ( z!=(t=bitpol_sreduce(z)) ) z= t; 
return Z; 

} 


The reduction routine will be called at most log,(n) times for a polynomial of degree n: the worst case 


is a perfect power p = a2"~! where 2* —1 <n. Observe that (2* —1) = 1+2(2*-! —1), so the reduction 


2 Deere 


routine will split p as p= as“ ++ as where s=a is of the same form. 


38.8.3 Factorization of arbitrary polynomials 


The factorization routine for arbitrary binary polynomials [FXT: bitpol_factor() in bpol/bitpol- 
extracts the squarefree part f of its input c, uses Berlekamp’s algorithm to factor f and 
updates the exponents according to the polynomial s = c/f: 


ulong 

bitpol_factor(ulong c, ulong +f, ulong *e) 
// Factorize the binary polynomial c: 

// c = \prod_{i=0}"{fct-1}{f [i] ~e lil} 


// The number of factors (fct) is returned. 


ulong d = bitpol_deg(c) ; 
if ( d<=1 ) // trivial cases: 0, 1, x, xtl 


f[0] = c; 
if ( 0==c ) d=1; // 0==071 
return d; 


// get squarefree part: 

ulong cf = bitpol_make_squarefree(c) ; 

//_... and factor it: 

ulong fct = bitpol_factor_squarefree(cf, f); 
// All exponents are one: 

for (ulong j=0; j<fct; ++j) { e[j] = 1; } 


// Here f£[],e[] is a valid factorization of the squarefree part cf 


// Update exponents with square part: 
ulong cs = bitpol_div(c, cf); 

for (ulong j=0; j<fct; ++j) 

{ 


if ( 1==cs ) break; 
ulong fj = f[j]; 
ulong g = bitpol_gcd(cs, fj); 
while ( 1!=g ) 
{ 
+te[j]; 
cs = bitpol_div(cs, fj); 


[fxtbook draft of 2008-January-19] 


832 Chapter 38: Binary polynomials 


if ( 1==cs ) break; 
g = bitpol_gcd(cs, fj); 
} 
} 


return fct; 


As given the algorithm makes just one call to the routine that computes a nullspace. 


0: x75 == (x) 75 

13 x75 +10 == (x+1) * (x744+x73+x72+x+1) 
2: x75 +X == (x) * (xt+1)74 

3: x75 +x+1 == (x73+x72+1) * (x72t+xt1) 
4: x75 +x72 == (x)72 * (xt1) * (x72+x+1) 
5: x75 +x°2 +41 == (x75+x72+1) 

6: x75 +x724+x == (x) * (x74+x+1) 

rae x75 +x°2txt1 == (x+1)°2 * (x73+x+1) 

8: x75 +x73 == (x)73 * (xt1)72 

9: x75 +x73 +1 == (x75+x73+1) 

10: x75 +x73 +x == (x) * (x72+x+1)72 

ile x75 +x73 +xt+1 == (xt+1) * (x74+x73+1) 

12: x75 +x73+x72 == (x)72 * (x73+x+1) 

13: x75 +x°3+x72 +1 == (x+1)73 * (x72+x+1) 

14: x75 +x734+x72+x == (x) * (xt1) * («73+x72+1) 
15: xo 5 +x734+x72txt+1 == (x75+x73+x72+x+1) 

16: x75+x74 == (x)74 * (x+t1) 

17: x75+x74 +1 == (x72+xt+1) * (x73+x+1) 

18: x754+x74 +x == (x) * (x74+x73+1) 

19: x75+x74 txt+1 == (x+1)75 
20: x75+x74 +x72 == (x)72 * (x73+x72+1) 
21: x75+x74 +x°2 +1 == (x+1) * (x74+x+1) 
22: x75+x74 +x7 24x == (x) * (xt1)72 * (x72+xt1) 
23: x754+x74 +x°2t+xt+1 == (x75+x74+x72+x+1) 
24: x754+x744+x73 == (x)73 * (x72+x+1) 
25: x75+x744+x73 +1 == (x+1)°2 * (x73+x72+1) 
26: x75+x744+x73 +x == (x) * (xtl) * (x73+x+t1) 
27: x754+x744+x73 t+x+1 == (x75+x74+x73+x+1) 
28: x75+x744+x734+x72 == (x)72 * (xt+1)73 
29: x75+x74+x734+x72 +1 == (x75+x74+x73+x724+1) 
30: X754+x744+x734+x72+x == (x) * (x74+x73+x72+x+1) 
31: x75+x744+x734+x72+xt1 == (x+1) * (x72+x+1)72 


Figure 38.8-B: Factorizations of the binary polynomials of degree 5. 


Figure |38.8-B] shows the factorizations of the binary polynomials of degree 5, it was created with the 
program [FXT: gf2n/bitpolfactor-demo.cc]. Factoring the first million polynomials of degrees 20, 30, 40 
and 60 takes about 5, 10, 15 and 30 seconds, respectively. 


A variant of the factorization algorithm often given uses the so-called squarefree factorization c = [], a! 
where the polynomials a; are squarefree and pairwise coprime. Given the squarefree factorization one 
has to call the core routine for each non-trivial a;. 


As noted, the refinement step becomes expensive if the coefficients are in a field GF(q) where q is not 
small because g computations of the polynomial gcd are involved. For an algorithm that is efficient also 
for large values of ¢ see or [119] ch.14]. 


[fxtbook draft of 2008-January-19] 


833 


Chapter 39 


Shift registers 


We describe shift register sequences (SRS) and their generation via linear feedback shift registers (LFSR). 
The underlying mechanism is the modular arithmetic of binary polynomials described in section [38.3] 
We give an expression for the number of shift registers sequences of maximal length, the so-called m- 
sequences. Two related mechanisms, feedback carry shift registers (FCSR) and linear hybrid cellular 
automata (LHCA), are described. Most of the algorithms given can easily be implemented in hardware. 


39.1 Linear feedback shift registers (LFSR) 


c = 1..11 == 0x13 == 19 (deg = 4) 
0 w= 15 = 1111 . 1 l=a 
1 w= 14 = 111. 1. 2=a 
2 w= 12 =11.. -1..= 4=a 
3 w= 8) = Ase Weseane: o= 8=a 
4 w= 1 =...1 1 ..11 = 3=a 
5 w= 2S ghee edhe = 6=a 
6 w= 4 =.1.. . 11.. = i122a 
7 w= 9 =1..1 1 1.11 = tiefa 
8 w= 3. oS eT! a odds 5=a 
9 w= 6 =.11. . 1.1. = 10a 
10 w= 138 =11.1 1 .111 = T=a 
11 w= 10 =1.1. . 111. = 14a 
12 w= 65 =.1.1 1 1111 = 15a 
13 w= 11 =1.11 1 11.1= 13a 
14 w= 7 = .111 1 1..15 9Q=a 
>> 0 w= 15 =1111 1. ...15 1 =a << period restarts 

1 w= 14 =111. . ..1. 2=a 
2 w= 12 =11.. 1... = 4=a 
3 w= 8 =1.. Lees = 8=a 
4 w= 1 =...1 1 .,11 = 3=a 
5 w= 2 = zl 11. = 6=a 


Figure 39.1-A: Linear feedback shift register using the primitive polynomial C = 2+ + 2+1. 


Multiplication of a binary polynomial A by x modulo a polynomial C is particularly easy as shown near 
the beginning of section on page Simply shift the input to the left (multiplication) and if the 
result A-a has the same degree as C' then subtract (KOR) the polynomial C (modular reduction). 


The underlying mechanism of shifting and conditionally feeding back certain bits is called a linear feedback 
shift register (LFSR). A shift register sequence (SRS) can be obtained by computing A, = x*, k = 
0,1,...,2” — 1 modulo C and setting bit k of the SRS to the least significant bit of A,. In the context 
of LFSRs the polynomial C' is sometimes called the connection polynomial of the shift register. 


When the modulus C is a primitive polynomial (see section on page [808} of degree n then the SRS 
is a sequence of zeros and ones that contains all nonzero words of length n. Further, if a word W is 


[fxtbook draft of 2008-January-19] 


834 Chapter 39: Shift registers 


updated at each step by left shifting and adding the bit of the SRS then this sequence also contains all 
nonzero words. 


This is demonstrated in [FXT: gf2n/lfsr-demo.cc|, which for n = 4 uses the primitive polynomial C = 
x’ +a +1 and gives the output shown in figure Here we pasted the first few lines after the end 
of the actual output to emphasize the periodicity of the sequences. The corresponding SRS of period 15 
is (extra spaces to mark start of period): 


1000100110101i11 100010011010111 10) ass 


In fact any of the bits of the words A; = x* mod C (or linear combination of two or more bits) could be 
used, each producing a cyclically shifted version of the SRS. 


The cheapest way to generate a SRS is to compute the negative powers x~* modulo C, that is, to 
repeatedly divide by x: 


ulong c = a primitive polynomial; 
ulong n = degree of C; 
ulong a = 1; 


for (ulong k=0; k<n; ++k) 


ulong s =a & 1; 
// Use s here. 
if (s) a‘*=c¢; 
a>> 1; 


} 


The routine will work for deg(C) < n where n is the number of bits in a machine word. A version that 
also works for deg(C’) = n is given in section on page 


A C+4 class implementing a LFSR with a few convenient extras is [FXT: class lfsr in |bpol/lfsr.h): 


class lfsr 
// (binary) Linear Feedback Shift Register 


// Produces a shift register sequence (SRS) 

// generated by a_k=x"~k (mod c) where 

// c is a primitive polynomial of degree n. 

// The period of SRS is 2°n - 1 

// (non-primitive c lead to smaller periods) 


{ 
public: 
ulong a_; // internal state (polynomial modulo c) 
ulong w_; // word of the shift_register_sequence (SRS) 
ulong c_; // (mod 2) poly e.g. x74+x+1 == 0x13 == 1..11 
ulong h_; // highest bit in SRS word e.g. (above) == 16 = 1... 
ulong mask_; // mask e.g. (above) == 15 == 1111 
ulong n_; // degree of polynomial e.g. (above) == 4 
public: 
lfsr(ulong n, ulong c=0) 
// n: degree of polynomial c 
// c: polynomial (defaults to minimum weight primitive polynomial) 


[--snip--] 
The crucial computation is implemented as 


ulong next () 


a_ <<= 

w_ <<= 1; 

if ( O!=s ) 
a. “= c_;3 
w l= 1; 


w_ &= mask_; 
return w_; 


} 


Up to the lines that update the word w_ this function is identical to bitpolmod_times_x() given in 
section [38.3] on page [805 


[fxtbook draft of 2008-January-19] 


39.1: Linear feedback shift registers (LF‘SR) 835 


The method next_w() skips to the next word by calling next () n times: 
ulong next_w() 
for (ulong k=0; k<n_; ++k) next(); 
return w_; 
Let a and w a pair of values that correspond to each other. The following two methods directly set one 
of these two while keeping the pair consistent. Setting a to a given value: 


void set_a(ulong a) 


{ 
a_ = a; 
w_ = 0; 
ulong b = 1; 
for (ulong j=0; j<n_; ++j) 
if (a&i1) 
{ 
w_ l= b; 
a “= C_; 
ag 
b <<= 1; 
a >>= 1; 
} 
} 


The loop executes n times where n is the degree of the modulus. Setting w to a given value: 


void set_w(ulong w) 


{ 
W_ = W; 
a_ = 0; 
ulong c = c_; 
while ( w ) 
if (w&1i) a_7=c; 
c <<= 1; 
w >>= 1; 
a_ &= mask_; 
} 


The supplied value must be nonzero for both methods. 


Going back one step is possible via the method prev() 


public: 
ulong prev() 
prev_a(Q); 
set_a(a_); 
return wW_; 
} 
which calls prev_a(): 
private: 
void prev_a() 
{ 
ulong s = a_ & 1; 
a_ >>= 1; 
if (s) 
a_ “= (c_>>1); 
a. l= h_; // so it works for n_ == BITS_PER_LONG 
} 


The method prev_a() leaves the value of w inconsistent with a and therefore cannot be called directly. 
Note that stepping back is more expensive than stepping forward because set_a() is rather expensive. 


It is also possible to go backwards word-wise: 
ulong prev_w() 


for (ulong k=0; k<n_; ++k) prev_a(); 


[fxtbook draft of 2008-January-19] 


836 Chapter 39: Shift registers 


set_a(a_); 
return wW_; 


a 


As this routine involves only one call to set_a() it is about as expensive as stepping one word forward 
using next_w(). 


39.2 Galois and Fibonacci setup 


The type of shift registers considered so far is the so-called Galois setup of a binary shift register. The 
mechanism is to detect whether a one is being shifted out and, if so, subtract the polynomial modulus. 
The left- and right- shift operations can be implemented as 


ulong galois_left(ulong x, ulong c, ulong h) 


ulong s = x & h; 


x <<= 1; 
if ( O!=s ) x *= 6c; 
return x; 

} 

and 


ulong galois_right(ulong x, ulong c, ulong) 


ulong s = (x & 1UL ); 
x >>= 1; 

if (€s) x 7= (c>>1); 
return x; 


Seas Galois ------------- --------- Fibonacci --------- 
k: Le r Rc Rr Le Lr Re Rr 
1: ee aca die Peed. god watasell Sate real ee: | dase ek 
2 ioeulsi a ecitish dhe ets edaced Pere epee Pa ner pe eae 
3: eo de doe cen i AAs 11.14 sta theca ..111 Pe lpi eee wale dgdice 
4: i eee slid ane arore ik 1111 Sh eae 1111 e141. sicce dls 
5: 1..4 ...11 Pas 111. .. 11 111. 1111 od ed 
6: Lett Poel cals ..111 addi. 11.1 ere ei wads, 3 
vee 1111 Pa Lee aad 1.4. 11.14 Po Le 1.11 se LS 
8: ..111 1.114 111. seh ok oy Be Ie de dell code 1.114 
9: 111. ..1.1 ..11t 1.114 ..t.1 Pa Le cdg. sated 
10: ied ad. a lps 1411 eA 15.5 1.114 wot. odd At 14, 
11: ied. ..111 Pap sold ve LL A leet re lee 11.1 
12: 11.4 111. pe ee | ead 1111 oe Lee eed Ps lg 
13: ee .1111 rae Pei eer Atel 4 ead: 1... 1111 
14: Pe i lee 11.1 oll wal ie ipl Liss pares eee ..111 
15: 11.. es peers 1 oad eee a ree ee eedld 
16: Sigs ek etendvecl 1 bua drat io dk 1 1 soa 


Figure 39.2-A: Sequences of words generated with the Galois- and Fibonacci- mechanisms, either with 
the left- or the right- shift (capital letters ‘L’ and ‘R’ on top of columns) and primitive polynomial ‘c’ or 
its reciprocal ‘r’. Each track of any sequence is a shift register sequence. 


Four sequences of binary words that (starting identically and) are generated with either the left- or right- 
shift and a primitive polynomial or its reciprocal (reversed word) are shown in figure [39.2-A] A different 
set of sequences shown in the same figure is obtained via the so-called Fibonacci setup. In the Fibonacci 
setup the sum (modulo 2) of bits determined by the used polynomial is shifted in at each step. 


The left- and right- shift operations can be implemented as 
ulong fibonacci_left(ulong x, ulong c, ulong h) 


x <<= 1; 

ulong s = parity( x & c ); 

if ( O!=s ) x “= 4; 

x &= ~(h<<1); // remove excess bit at high end 
return x; 


[fxtbook draft of 2008-January-19] 


39.3: Generating all revbin pairs 837 


} 
and 


ulong fibonacci_right(ulong x, ulong c, ulong h) 


{ 
ulong s = parity( x &c ); 
x >>= 1; 
if (s) x *=h; 
return x; 
} 


As the parity computation is expensive on most machines (see section}1.15.1/on page[37p the Galois setup 


should usually be preferred. The programs [FXT: gf2n/lfsr-fibonacci-demo.cc| and [FXT: gf2n/lfsr-galois- 


can be used to create the binary patterns shown in figure |39.2-A] With both the polynomial 
modulus can be specified. 


39.3 Generating all revbin pairs 


polynomial: c cr c cr 
1.4111 1411.1 1.4111 1411.1 
k: x xr k: x xr 
1: Dene todd : ores 17: i he eee ...11 
2: 1.111 111.1 18: pe ieee preteen 
3: 111.. ..111 19: wads Ps gs epee 
4: 111 111. 20: eee 5 i ee 
5: ..111 $14 21: 1.11. 11.1 
6: 1 4... eek dl 22: ae Dore iE 11.1. 
te #11. es Lees 23: oe ode 
8: ..t.1 : ies ee 24: .1..14 see lee 
9: 1.41.1 1.1.1 25: bees 11..1 
10: 111.1 1.111 26: 1111. .11114 
i1: os eee 1..11 2? 1111 1111. 
12: 11.11 11.11 28: Feiss sa obser 
13: 11.1. edie dd. 29: ro Be cl, 
14: 11.14 1.11. 30: wok 1s 
15: ieee A oii th 31: stress Pa lean 
16: 11111 11111 32: ere 1.... <--= initial pair 


Figure 39.3-A: All nonzero 5-bit revbin pairs generated by a LFSR. 


Using a primitive polynomial of degree n and its reverse one can generate all nonzero pairs x and 
revbin(x,n) as follows [FXT: |gf2n/lfsr-revbin-demo.cc]: 


inline void revbin_next(ulong &x, ulong c, ulong &xr, ulong cr) 

// if x and xr are (nonzero) n-bit words that are a revbin pair 

// compute the next revbin pair. 

// c must be a primitve polynomial, cr its reverse (the reciprocal polynomial). 


€ 
ulong s = (x & 1UL ); 


x >>= 1; 
xr <<= 1; 
if (s) 
at 
x “= (c>>1); 
xr “= (cr); 
} 


} 
An equivalent technique for computing the revbin permutation (see section on page |85) has been 
proposed in [188]. Figure |39.3-A| shows all nonzero 5-bit revbin pairs generated with the primitive 


polynomial c= x° + 2° + 27 +a +1 and its reverse. 


[fxtbook draft of 2008-January-19] 


838 Chapter 39: Shift registers 


39.4 The number of m-sequences and De Bruijn sequences 


The shift register sequences generated with a polynomial degree n is of maximal length if the polynomial 
is primitive. The corresponding shift register sequences are called m-sequences. 


degree = 2 

e=111.2 aif 

degree = 3 

c=1.11 1.111 

c=11.1 111.1 

degree = 4 

e=1,.11 1..11.1,1111 

c=11:..1 ao hes gy oe ee 

degree = 5 

c=1..1.1: wed Dodd... 12011. ...21,191.1.4 

c=1111.1: weld. .2.,14191.111....0.7,11,1 

c=11.111 ced 1419011. ddd 11 

c=1.1111 w-1.11.1.1,..111,11111..1..11 

c=111.11: selded edad sd. T1111. dt, 114 

c=1.1..1: 1.1.411.11...11111..11.1..1 

degree = 6 

Calica. 3 Gees dewey 1 det. eT dd. odd, 21d 
C=11 Ite enacts ys Ess I es Ut es ers Et es saree penne Geet Oa te Ex Os Lr rs es Emr et Pa Be 
cmt .01. 1d 2 aces 1e110111..0. 4,44 05 Pl cll 1d. 21d 111. dt deeds ed dd 
for ie i 111....1..1...11.11..1.11.1.111.1111..11...1.1.1..111111.1 
c=111.617 ft. aca ue es Rep Us Vemma era rr Oe ere rat 
CHUccsl oe wtes a es ei Es ees Ct Ue Es EO Bt ss Upset Et vers Ct i Sts ere Ex Ree 


Figure 39.4-A: All m-sequences for n = 2, 3, 4, 5, and 6. Dots denote zeros. 


We now consider all sequences that are cyclic shifts of each other as the same sequence. For given n there 


are as many m-sequences as primitive polynomials (P, = y(2" — 1)/n, see section on page |823). 


These can be generated using the linear feedback shift registers described in section on page 


One might suspect that the using the powers of other elements than « might lead to additional m- 
sequences, but this is not the case. Further, the powers of elements of maximal order modulo irreducible 
non-primitive polynomials do not give additional m-sequences. 


gf2n/all-primpoly-srs-demo.cc| computes all m-sequences for a given n. The output 


The program [F XT: 


for n = 2,3,4,5,6 is shown in figure |39.4-A 

n= 4 nn = 16 n=5 nn = 32 

ea is seis (Ge: Or 147900111 2041.12.00, . 2462. <2 
ar eae es es sD 14491..714.. 449.4011. 021. .261 
eek edee died = saveuedes 4¢001 Td wd ded Tatts 2 
ewhddtt chet he es 11141.111..41.4.1..4...1.141 
er OU ss re 40001 111.01 tad leet 
Pr eps st Ee Rr 14997.111..49.1..0.401912..1 
ted dsdewdes tht = © gsseas 1t091..114.200 1 de dhl 
2 -14..4.1111.1 [--snip-—] 
eobivdtdtedeedt - saucers 1...14..4.1.11.111.1..11411 
Bi el es die hdd 14111, tt 
eededde Dee lETt  § “Sivtaces diewcldoadelt1.1..211 001011 
gil cbdowdddtede - — Sisngiacs 1...44..4.1..11111.411.1.411 
todedee D1 t 2 teen 1...14..4.1..11111.1.11.4111 
eelistecDD sett ees 1...441..4.1..141.11.1.11411 

woes ded det Sieg bee ae Ds epee as Ire Ds Dp lpr Des Br Le 

ose wed. 1, Tit total # of DBS found = 2048 

total # of DBS found = 16 


Figure 39.4-B: All De Bruijn sequences for n = 4 (left), the first and last sequence correspond to the 
two m-sequences for n = 4. The first and last few De Bruijn sequences for n = 5 (right). 


When a zero is inserted to the (unique) run of n — 1 zeros in an m-sequence then a De Bruijn sequence 
(DBS) is obtained. A DBS contains all binary words including the all-zero word. 


[fxtbook draft of 2008-January-19] 


39.5: Auto correlation of m-sequences 839 


For all n > 4 given there exist more DBSs than m-sequences. For example, for n = 6 there are 6 m- 
sequences and 67,108,864 DBSs. An exhaustive search for all DBSs of given length L = 2” is possible 


only for tiny n. The program [FXT: |bits/all-dbs-demo.cc) finds all DBSs for n = 3,4,5. Its output with 
39.4-B 


n= 4 and n=5 (partly) is shown in figure 


n: Lin = 2” cr=2' 7 Sn = 2” 
1: 2 0 1 
2: 4 0 1 
3: 8 1 2 
4: 16 4 16 
5: 32 11 2,048 
6: 64 26 67,108,864 
ve 128 57 144,115,188,075,855,872 
8: 256 120 1,329,227,995,784,915,872,903,807,060,280,344,576 


Figure 39.4-C: The number S,, of DBSs of length L,,. 


The total number of DBSs equals 
S, = 2° where e=2"1_-n (39.4-1) 


The two DBSs for n = 8are [...111.1] and [...1.111]=[1.111...], reversed sequences are considered 
different by the formula. The first few values of S,, are shown in figure|39.4-C| One has $,41 = 9? Dn—-1, 
equivalently tj41 = 2%, +n-—1. 


The general formula for the number of length-n base-m DBSs is S;, = ml" /m®, as given in [157]. A 
graph theoretical proof of the formula for the case m = 2 can be found in [170] p.56]. For a more efficient 
approach to generate all DBSs of given length see section|19.2.2]on page [359] 


We note that there are several ways to generalize the idea of the De Bruijn cycles to universal cycles as 
described in [78]. 


39.5 Auto correlation of m-sequences 


1:0 [ t-++--t+-4+----+4++ J C= +415 -41 -1 -1 -1 -1 -1 -1 -1 -1 -1 -1 -1 -1 -1 
25 | tetteoaat—to-tt++: | = 415 <4. <1 <1, <4 43 <5041 <1 =5 430-1 1 <1 1 
S330 [. tetstte staat] S-#150e4. db efosd- S143 6.6043 41 <1 ad si at 
4: [ +-+-+4+----+--+++ ] = +15 -1 -1 -1 -1 +3 -1 -5 -5 -1 +3 -1 -1 -1 -1 
5: [ +-+--++----+-+++ ] = +15 -1 -1--1 -1 -6 +3 -1 -1 43-5 -1-1--1 -1 
62 | ete] = +15 -1 -1 -1 -9 -1 +3 +3 +3 +3 -1 -9 -1 -1 -1 
7:0 [ te+----t+--+-4+4+4 ] = 15 491 Sted $6 tS Stoel 43-61 at ot a 
8: [ +-+----+-+4+--+++ ] S15 2 1-1 = =1-5 43° 43.-5 -Det <1 Si 4 
9: [ +--+4+-+----+-+++ ] = +15 -1 -1 -1 -1 -1 -5 +3 +3 -5 -1 -1 -1 -1 -1 
10: [ +--+-++-+----+++ ] = +15 -1 -1 -1 -9 +3 -1 +3 +3 -1 +3 -9 -1 -1 -1 
14:0 [ +--+-+----++-+++ ] = +15 -1 -1 -1 -1 +3 -5 -1 -1 -5 +3 -1 -1 -1 -1 
12:0) testescottot=t++ J = #15 64. =f =fest 43 =1 <6: 55 = 43. =1-=1 <1 =1 
13:0 [ +----++-+--+-+++ ] = +15 -1 -1 -1 -9 -1 +3 +3 +3 +3 -1 -9 -1 -1 -1 
14: [ +----+-4++-4+--+++ ] = +15 -1 -1 -1 -9 +3 -1 +3 +3 -1 +3 -9 -1 -1 -1 
15: [ +----+-+--++-+++ ] = +15 -P ett <td tet t et Ht st Hi <1 -f -1 
16: [| +----t--t++-4+-+4++ J] C= +15 -1 -1 -1 -1 -1 +3 -5 -5 +3 -1 -1 -1 -1 -1 


Figure 39.5-A: Cyclic auto correlations for all truncated (signed) De Bruijn sequences for n = 4. Only 
two (the first and the second last) out of the 16 sequences are m-sequences. 


We have seen that a De Bruijn sequence (DBS) can be obtained from an m-sequence by inserting a single 
zero at the longest run of zeros. In the other direction, if we take a DBS and delete a zero from the 
longest run of zeros then we obtain a sequence of length N = 2” — 1 that contains every n-bit nonzero 
word. But these sequences are not m-sequences in general: most of them can not be obtained with an 
n-bit LFSR and miss an important property of m-sequences. 


[fxtbook draft of 2008-January-19] 


840 Chapter 39: Shift registers 
For a sequence M of N — 1 zeros and ones M;, define the sequence S' of elements S; via 


(39.5-1) 


sg = ft if Meal 
eo —1 else 


Then, if M is an length-Z m-sequence, we have for the cyclic auto correlation (or auto correlation function, 
ACF) of $ 


SS L if 7r=0 
C, = S- Sk Sktr mod L = { 1 else — (39.5-2) 
k=0 


where L = N —1 and N = 2”. That is, Co equals the length of the sequence, all other entries are of 
minimal absolute value: they cannot be zero because L is odd. 


This property does not hold for most of the ‘truncated’ DBS (where one zero in the single run of n 
consecutive zeros is removed). Figure [39.5-A] shows all (signed) truncated DBS for n = 4 and their auto 
correlations. Only 2 out of the 16 truncated DBS have an auto correlation satisfying relation 
these are exactly the m-sequences for n = 4. 


For odd primes q one can obtain sequences of length L = q whose ACF satisfies 


L-1 

DL-1 if =0 
S- Sk Shar modL = { -| ae ’ (39.5-3) 
k=0 


However, the sequences start with a single zero: set Sg = 0 and for 1 <k <q set S, = 1 if k is s square 
modulo q, else S; = —1. The first three such sequences for primes of the form 4/4 +1 and their ACFs 
are: 


5: S: [0, +1, -1, -1, +1] 
Cc: (4, -1, -1, -1, -1] 

Iss S: [ 0, +1, -1, +1, +1, -1, -1, -1, -1, +1, +1, -1, +1] 
C: (12, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1] 

17: S: [— 0, +1, +1, -1, +1, -1, -1, -1, +1, +1, -1, -1, -1, +1, -1, +1, +1] 
C: (16, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1] 


With primes of the form g = 44+3 one can construct a sequence of length L = q satisfying relation|39.5-2 


by simply setting Sp = 1 (59 = —1 also works) in the sequence just constructed. The sequences for the 
first three primes q = 4k +3 and their ACFs are: 
3: S: [+1, +1, -1] 
Gz £3,415. 41] 
7: S: [+1, +1, +1, -1, +1, -1, -1] 
Gn LD %scahy ay. Hele Ht, <1, 1 
11: S: [4+1, +1, -1, +1, +1, +1, -1, -1, -1, +1, -1] 
Ci [44 ,2y <4, =1,. =1,-=<1y =1,. <b, <1; -1,. =1] 


These sequences can be used for the construction of Hadamard matrices, see section [I8]on page 


39.6 Feedback carry shift register (FCSR) 


There is a nice analogue of the LFSR in the modulo world, the feedback carry shift register (FCSR). With 
the LFSR we needed an irreducible (‘prime’) polynomial C where x has maximal order. The powers of x 
modulo C did run through all different (nonzero) words. Now take a prime c where 2 has maximal order 
(that is, 2 is primitive root modulo c, see section [37.4] on page [739). Then the powers of 2 modulo c run 
through all nonzero values less than c. 


The implementation is [FXT: class fcsr in bpol/fesr.h): 


[fxtbook draft of 2008-January-19] 


39.6: Feedback carry shift register (FCSR) 


841 


c=1..1.1 = 37 

QO: Fad 1= 1 w= .1..11 = 
1: a= 1. = 2 w= 1..11. = 
2: a= 1 = 4 w= ..11.. = 
3: a= 1 = 8 w= .11. = 
4: a= .1 = 16 w= 11.. = 
5. am ds ce. = 32 we dvese. = 
6: a= .11.11 = 27 WE o3 ees 1 = 
Ts a= ti..1 = 17 w= ....11 = 
8: a= 1i...1. = 34 w= ...11. = 
9: a= .11111 = 31 w= ..11.1 = 
10: = .11..1 = 25 = .11.11 = 
11: = ..41.1 = 13 = 11.111 = 
12 : = .11.1. = 26 = 1.411. = 
13: = ..4111 = 15 = .141.1 = 
14 : a= .1111. = 30 w= 111.1. = 
1503 a= .1.111 = 23 w= 11.1.1 = 
16: a= ..1..1 = 9 w= 1.1.11 = 
17: a= .1..1. = 18 w= .1.11. = 
18: a= i..1.. = 36 w= 1.11.. = 
19 : a= 1...41 = 35 w= .11..1 = 
20 : a= 1....1 = 33 w= 11..11 = 
21: a= .111.1 = 29 w= 1..111 = 
22: a= .1.1.1 = 21 w= ..1111 = 
23: a= ...1.1 = 5 w= .11111 = 
24: a= ..1.1. = 10 w= 11111. = 
25: a= 1.1... = 20 w= 1111.. = 
26 : a= ....41 = 3 w= 111..1 = 
27 : a= ...11. = 6 w= 11..1. = 
28 : = ..11.. = 12 =di..1..= 
29 : Salle en's 24 = 9d. eS 
30 : = ..1.11 = 11 = ead = 
oh les, a= .1.11. = 22 w= 1...1. = 
32: a= .111 = 7 w= ...1.1 = 
33 a= 111. = 14 WH tect lt. CS 
34 : a= .111.. = 28 w= .1.1.. = 
35 : a= .1..41 = 19 w= 1.1..1 = 
36 : : Fae 1= 1 w= .1..11 = 
37 : a= 1. = 2 w= 1..11. = 
38 : a= 1 = 4 w= ..11.. = 


19 <-- period restarts 


Figure 39.6-A: Successive states of a FCSR with modulus c = 37. 


class fcsr 


public: 
ulong a_; // internal state (a_0*2**k modulo c), 1<=a<c 
ulong w_; // word of the SRS, 1 <= w <= mask 
ulong c_; // a prime with primitive root 2, e.g. 37 = 1..1.1 
ulong mask_; // mask e.g. (with above) mask == 63 == 111111 


public: 
fcsr(ulong c) 


CufSes 
const ulong h = highest_bit(c_); 
mask_ = (h | (h-1) ); 
set_a(1); 

} 


“fesr() {; } 
ulong next () 
a_ <<= 1; // a *= 2 
if (a_>c_) a_-=c_; // reduce mod c 


// update w: 
w_ <<= 1; 


return wW_; 


} 
[--snip--] 


void set_a(ulong a) 


{ 


[fxtbook draft of 2008-January-19] 


842 Chapter 39: Shift registers 


w_. = 0; 
ulong t = c_; 
while ( (t>>=1) ) 
if ( O==(a & 1) ) a >>=1; 
else 
a= (a &c_) + ((a * c_) >> 1); 
} 
} 
a_ =a; 
next_w(); 


} 


ulong get_a() 
ulong get_w() 


const { return a_; } 
const { return w_; } 


}; 


The routine is corresponds to the so-called Galois setup, described (for the LFSR) in section [39.2] on 
page[836| see also [122]. Figure shows the successive states of a FCSR with modulus c = 37. This 
is the output of [FXT: gf2n/fcsr-demo.cc]. Note that w does not run through all values smaller than c 
but through a subset of c — 1 distinct values smaller than 2°. 


X: p prime with 2 a primitive root, 2**x < p < 2**(x+1) 

1: 3 

2: 5 

3: 11 13 

4: 19 29 

5: 37 53 59 61 

6: 67 83 101 107 

7: 131 139 149 163 173 179 181 197 211 227 

8: 269 293 317 347 349 373 379 389 419 421 443 461 467 491 509 

9: 523 541 547 557 563 587 613 619 653 659 661 677 701 709 757 
773 787 797 821 827 829 853 859 877 883 907 941 947 1019 

10: 1061 1091 1109 1117 1123 1171 1187 1213 1229 1237 1259 1277 
1283 1291 1301 1307 1373 1381 1427 1451 1453 1483 1493 1499 
1523 1531 1549 1571 1619 1621 1637 1667 1669 1693 1733 1741 
1747 1787 1861 1867 1877 1901 1907 1931 1949 1973 1979 1987 
1997 2027 2029 


Figure 39.6-B: List of primes p < 2048 where 2 is s primitive root. 


A list of all primes less than 2048 for which 2 is a primitive root is shown in figure |39.6-B| The shown 


sequence is entry A001122) of [214]. For further information on the correspondence between LFSR and 
FCSR see [152]. 


39.7 Linear hybrid cellular automata (LHCA) 


Linear hybrid cellular automata (LHCA) are 1-dimensional cellular automata (with 0 and 1 the only 
possible states) where two different rules are applied dependent of the position (therefore the ‘hybrid’ in 


the name). An implementation in C is [FXT: lhca_next() in bpol/lhca.h': 


inline ulong lhca_next(ulong x, ulong r, ulong m) 

// LHCA := (1-dim) Linear Hybrid Cellular Automaton. 
// Return next state (after x) of the LHCA with 

// rule (defined by) r: 


// Rule 150 is applied for cells where r is one, rule 90 else. 


// Rule 150 := next(x) = x + leftbit(x) + rightbit(x) 
// Rule 90 := next(x) = leftbit(x) + rightbit (x) 
// Length defined by m: 
//  m has to be a burst of the n lowest bits (n: length of automaton) 
r & x; 
ulong t = (x>>1) ~ (x<<1); 
t “=17; 
t & m; 


return t; 


[fxtbook draft of 2008-January-19] 


39.7: Linear hybrid cellular automata (LHCA) 843 


Note that the routine is branch free. Implementation in hardware is trivial as only neighboring bits 
interact. 


The naming convention for the rules is as follows: draw a table of the eight possible states of a cell 
together with its neighbors then draw the new states below: 


XXX XXO XOX xXOO OXX OXO OOX 000 
0 X 0 X X 0 X 0 
Now read the lower row as a binary number, the result equals 010110102 = 90, so this is rule 90. Rule 150 
corresponds to 100101102 = 150: 
XXX XXO XOX xXOO OXX OXO OOX 000 
Xx 0 0 Xx 0 Xx Xx 0 


rule rule = 1 rule = 1111. 
1 1 Rreree o 1 Pans 8 
2 2 5 ade 2 fray theg 
3 3 sp Medics 3 ce kd 
4 4 1111 4 1.11 
5 5 : 5 11,,1 
6 6 1Ti1.. 6 igh ds 
7 7 1.411. 7 Pe I 
8 8 . 111 8 1111, 
9 9 211.-; 9 11.1 
10 10 1111, 10 re Seas 
11 11 1,,11 11 11 ...: 
12 12 ,111, 12 a ee 
13 13 11.11 13 111. 
14 14 11.1, 14 1.4.1 
15 15 11..1 15 1.1.5: 
16 16 11111 16 1.11, 
17 17 ee 17 1534 
18 18 i ee 18 11.1, 
19 19 1.1... 19 eee ie | 
20 20 ao 20 a ee I 
21 21 aglel 21 ,11.-; 
22 22 ede ed 22 115 
23 23 1.111 23 11111 
24 24 ee ee 24 1111 
25 25 Pe 25 1.111 
26 26 ee 26 1.,11 
27 27 eho LL 20 111.1 
28 28 1531. 28 i eee 
29 38 e411 29 111,. 
30 3 111.1 30 Pe es 
31 31 ye ae 31 11.11 
32 
33 

65531 

65532 

65533 

65534 

65535 


Figure 39.7-A: Partial run of a 16-bit LHCA (left) and complete runs of two 5-bit LHCAs (middle and 
right). These LHCAs have maximal periods. 


A run of successive values for the length-16 weight-2 rule vector r = 4001lig¢ starting with 1 is shown on 
the left side of aay tes For certain rule vectors r all m = 2” — 1 nonzero values occur, the period 
is maximal. This is demonstrated in [FXT: gf2n/lhca-demo.cc,, which for n = 5 and rule r = 1 gives 
the output shown in the middle of figure Rule vectors with minimal weight that lead to maximal 
period are given in [72]. The list [FXT: minweight_lhca_rule() in [opel Incarulemaiemreien ec is taken 
from that source: 

#define Ri(n,s1) (AUL<<s1) 

#define R2(n,si,s2) (1UL<<si) | (1UL<<s2) 


extern const ulong minweight_lhca_rule[]= 
// LHCA rules of minimum weight that lead to maximal period. 


{ 
0, // Cempty) 

Ri€¢ 1, 0), 
Ri€¢ 2, 0), 
Ri¢ 3, 0), 
R2( 4, 0, 2), 
Ri€¢ 5, 0), 
Ri€ 6, 0), 
Ri€ 7, 2), 
R2( 8, 1, 2), 
Ri¢ 9, 0), 
R2( 10, 1, 6), 
Ri( i1, 0), 


R2( 12, 2, 6), 


[fxtbook draft of 2008-January-19] 


844 Chapter 39: Shift registers 


Ri( 13, 4), 
[--snip--] 
3; 


Up to n = 500 there is always a rule with weight at most 2 that leads to the maximal period. The full 


list of these rules is given in [FXT: data/minweight-lhca-rules.txt). 


39.7.1 Conversion to binary polynomials 


To convert a length-n LHCA to a binary polynomial proceed as follows: initialize p_; := 0, po := 1 and 
iterate fork = 1, 2,..., n: 


Peo t= (© +7rK-1) Pe—-1 + Pr—2 (39.7-1) 


where r; denotes bit i of rule r. The degree of the returned polynomial p, is n. An implementation of 
the algorithm is [FXT: lhca2poly() in bpol/lhca.h): 


inline ulong lhca2poly(ulong r, ulong n) 

// Return binary polynomial p that corresponds 
// to the length-n LHCA rule r. 

// p has degree n. 


{ 

ulong p2=0, pi = 1; 
mile ( n-- ) 

ulong m=r & 1; 

r >>= 1; 

ulong p = (pi<<1) ~*~ p2; 

if (m) p= pl; 

p2=pi; pl =p; 
return pi; 

} 
LHCA rule polynomial 

1: TE hd sdects igi inte Ate da eat don Aa eed SHEE Oe cits de parva fe sed in tance eet oa aan eine se 11 r= [0] 
2: Eases bia es faucadetin oe i ae mt estan aiear cs dee le Ryle a Wh ACS para Relat Lesahies atin Sdizascaicacts 3. evish <2 oe feyieot Raed dave 111 r= [0] 
3: TS ns cd) Ba eet a le ara athnd andalaet absense 5 o_O Yor ee 11.1 r= [0] 
4: TES pe sede dd cae borage oscar Sev eoavd een Ped CS e h coeged mapa d- Peawaitersnieesog aed eyanue alee 1..11 r= [0, 2] 
5: Bele Wade ked ice serene sb ace ee aa W. CS d bard earecedd bes Faden dead ik 11.111 r= [0] 
6: Boas ole Atyrie attend had aca ead face dl AGS knee A eareae oe haan. ges aia 111..11 r= [0] 
7: oie esd savin ienltcsns dos) Soreness acca Seis dk Ye Paes Wess, (OS ie inte ecxceace al Aetna anced 8 asl & Oe aes : hs ee 1 r= [2] 
8: TS On sad dee heen, bisa deahites She ante anigortuss Ol ; Fel A cP a Pe 1...1411.1 r= [1, 2] 
9: ES a ieacsui hb iaule testtoaa, Bob dosetdneg teed Avent averaeeh aos cL ok eae a a een ROP ae eye 11.111..11 r= [0] 
10: BS leccdotd eave badd arent andnan dr eve dare ara dedeel. CS kicudscv-acertdaeeatee Gases 1...411.1111 r= [1, 6] 
11: Do ena wa aes srs B toe Seater an a ood Jenga etait: 5 ER Cee ee mee 11.1...111.1 r= [0] 
12: oe eae ee Desig Discs. CS iiete scare Sodus. entenantee-eoncees Voorieussiczct 11111.1 r= [2, 6] 
13: Tears MAL Scab Dats archon alg eer kk sti: ea Wiercen O Satine sedan, aig Clete wk Seams ni ere fel ear 111 r= [4] 
14: Pe yeu diauin Sioa asa ceatereus ies deen sed moire eee Peas et Dy) CHa Soetideh eeius. eevee rte cess zis Reopens 11 r= [0] 
15: TE aeieeiacsdh 8 jaune wienitinns dou) Soratianw atch ants Ae AYE fais Wee SCS alate wehie dea eee is eee Wiis de sed R= [2 
16: Do sid aes cata aneeda de ies ah seengag etee wees 5 ER See a ee ere ee spares Beit ys Sea 111 r= [0, 14] 
17: EA sesh ease ave de ecdveuerianece Guarded Deas “CBinakia oakckvaets W1w.dd.dtwt... it r= [4] 
18: Ble ccdot dae aod ered Visieee db aarti: Ve CB Sis te aci-aceodeaeuns Le.lwcdvieds. cc. 1.1 r= [0, 16] 
19: Ti os cartd aaa ars Bae Tacatse ta town a aed So aaa tee Pca, KOE ons. 84 i tenseiate Ts 03 114.4....11.1 r= [2] 
20: ish Sod Magee ew bt erate ane exee ora andrei 1 i om oe Lev ld nes es 1...4...1 r= [1, 2] 
21: Pe food, Hedcato and, odo aktlaus edertee kak chop Lic oscatara Ad SCS eAts ase ede csla 1.11..4....1..4.41.1111 r= [0, 9] 
22: Do Nat cd, Reale eels Bsa te, seeaie BO a eed ow Sahel Dccit , $CS erections 6 64 tect 1111..44...1.11.1111.11 r= [4] 
23: hates Sade eceete dita seat has eaten a woe aaee estan sacs LCS siiidtickcese-s oi ee ee eee 111.4...1 r= [0] 
24: We ae oy tis eevee wote nee: Rieder dus zara aemereeran are rare i ener 1.1...4.1..111411..1 r= [7, 11] 
25: Bleed Gada d See aodedn dan eee -daee Das dseiseieriisens CS nsiekies ps Des ee I Eee 111..11 r= [8] 
26: A iis e eee ec alee es ge lane Ste ene wee 5 eee VTL eV ET AT sce seis eons 11.111 r= [0] 
27: nse alan ere. 85s SD aesdraat iter te Sand potrated ahs ans 1 ocH....1.144..1..1144....11.1..111.1 r= [0, 19] 
28: OA Sees tasacenacte weld: oevie ecaece eg wee. deere ae Rm PO ts Gt es ee UE bs 1.1.1111 r= [2] 
29: Me Se seh dhca heen anata aud ib tates wind Sail ang cae eet A> seen PDT de ges TD oi ddd Ye ecteninin i. 3 111 r= [0] 
30: Bie ddd ieee eee eee Gagne esha ve Sedans 1 cB2115 211 eae VD sc dotee coud eoare cased 11 r= [0] 
31: a pies do diye ane thara tastual avai cack A ceraia apencake ts CSU A. ohy rtcvialaeiae ot ae eele lant fost... r= [10] 


Figure 39.7-B: Minimum-weight LHCA rules and the corresponding binary polynomials. 


[fxtbook draft of 2008-January-19] 


39.7: Linear hybrid cellular automata (LHCA) 845 


The first minimum-weight LHCA rules and their binary polynomials are shown in figure |39.7-B| The 


table was created by the program [FXT: gf2n/lhca2poly-demo.cc). 


For rules of maximal period the polynomials are primitive. In fact there is an isomorphism between the 
cycle structure of the successive states of an LHCA and its corresponding shift register. 


An LHCA rule and its reverse give the identical polynomial. 


The polynomials corresponding to a LHCA rule and its complement are either both reducible or ir- 
reducible: if p(x) corresponds to the LHCA rule r then p(x + 1) corresponds to the rule that is the 
complement of r. 


LHCA rule polynomial 
alive 1 Sea ee eR ee ae rc ee ae er rere” 1. “CSc hoe liateeee betiacuadaeane ne 11 r= [0] 
2: DE ease tba Da aed ee eee Halden 1. CS gcd a cine tievn ee eda ee secd ewe 111 r= [0] 
3: Bee honak audyiay heh de actdee Rd cece ae dna Je Ao CS pans he tand hacen nae as oe 11.1 r= [0] 
4: CH 56 oo 28 whe oe ee eS wee eee eee 1.1 Hoe eine 54 ste alee ws ne Peels 1..11 r= [0, 2] 
5: ey bee hs eee wee ee ee eee ewes 1 a ee ee re ee a 11.111 r= [0] 
6: Sra abc ae ates ek aon alee kd cans a weet 1. GCS ea dinw se Pin teewiews dead oer 111..11 r= [0] 
Tt: OE sessacdedotad end Dane deeb we ae eee ieee Sepik Dand ate botedh Bb eee ed Pts eceas 1 r= [2] 
8: Sere Sisbecad Suttkneseeack ne evacies ebeded Posen eases cE SP o_o 1...111.1 r= [1, 2] 
9: Os it eee eres MR ee Oe Oee 1 Fd lacy yartreng ig ae aman e 11.111..11 r= [0] 
10% Dees oe ee 8.5: oe Ges eee se ee oe ee UOT CFs ode ee andcew as dees a 1.111111.11 r= [0, 1, 2, 3] 
il: Poh 6 6S AEE EER SEEN E EEG eee eee ee ae eee ee 11.1...111.1 r= [0] 
12% Ce 52a ee ee wees ood sea eae ee teih. CH sews d winless tioetelsxa3% 1 r= [i, 2, 4] 
13: Fi 6555 5S SSE RES EO SERRE deed CPi 546005450654 oS e% 1.11..1.1111.1 r= [0, 3] 
14: pe eee ae ee ee eee eee err eee ee ee ee ee eee TAD pe tds ween 11 r= [0] 
15: Pe sae dig eliaaces wat aoe een damaias esta dod ea Wiese, CS vire. salen alte dee dhe alates) ays Wace aes 1 edd. r= [2] 
16: Bey byes 8 aes 64 FE6 PASSE ESKER Pedscd Eu decks shy bueess 11.1..1111..1.111 r= [0, 2, 4] 
ifs Tob bbe 0b eee d de dees eed ee Gs “CF. iSieas tele aw x Sra eb is ems ba rea 11 r= [0, 1] 
18% TH 5 be eek ek ae ae eS ELOS SRS Leth, CH wskwowuweniu Headed tict..d.d r= Fl, 2,. 4] 
19: Bi AG hE ESSERE ESE EERE RES dew CPissesveea sans bee ee 141.1....11.1 r= [2] 
20: 5 ee ee ee eee ee eee ee 11 “CPideeeeae ees dis wet Deas oe 1...1...1 r= [1, 2] 
21: Fn KORA 4S EEE RES 1th CR eeieuens< 1111.11.1111.1..1.11.1 r= [1, 4, 5] 
22: be a are ae ee a eae ee eee Ved) CFB nksacwens 11.1.111..11.11.11.1.11 r= [0, 1, 3] 
23° Ce 6 wb edad ae ee ee eS eee ewes je ee Vie Weed oi eee 111.1...1 r= [0] 
24: ae ee ee ee ee ee ee eee L.1he  CHy2cen cs 1.1..4.41....11....1..1..1 r= [1, 2, 3, 5] 
25: Bi G4 605 FREES KEE ES EOS RR ORES ye ore 141....1.1...1.11.1....1.1 r= (0, 1, 3] 
26: pS ee ae ee a ee ee 1 Cel cawe Ds ares Or Ice I ane 11.111 r= [0] 
27: pe a en ee ee ee ee eee 111.3 CFecccdd dy dsl le ccsas 1.1111 r= [2, 3, 4] 
23° Bes eA eee ea eee hee ees des Se AAMT 1d cds 1.1.11411 r= [2] 
29: Us bb awie dee ee eke aes ee eae ae i =..11.111..... Th eek eemeeb a 111 r= [0] 
30: Bey bk SOS Sew O48 CEE ONO EOE je = le ee eer ee ye es ree 11 r= [0] 
31: CE ss ose e hess Pie WEES eS isd, eHRALllilisie... cs by renee 1....4.11 r= [1, 3, 4) 


Figure 39.7-C: Low-bit LHCA rules and the corresponding binary polynomials. 


Figure |39.7-C] shows a list of LHCA rules where the highest bit lies in the lowest possible position. 


The list can be produced with [FXT: gf2n/lowbit-lhca-demo.cc|. For software implementation of LHCA 


that need more than one machine word low-bit rules are advantageous. A table of low-bit LHCA rules 


corresponding to primitive polynomials up to n = 400 is given in [FXT: \data/lowbit-lhca-rules.txt|. The 


maximal value of a rule that occurs is r = 1293 for n = 380 so the table can be stored compactly. 


Figure |39.7-D] shows a list of LHCA rules that have minimal weight and the highest bit in the lowest 


possible position. The list can be produced with [FXT: gf2n/minweight-lowbit-lhca-demo.cc). 


39.7.2 Conversion of irreducible binary polynomials to LHCAs 


The LHCA corresponding to an irreducible binary polynomial p(a) proceeds in two steps. Firstly, the 
quadratic equation (over GF(2”)) 


Z? + (2? +2)p'(2)Z+1 = 0 mod p(z) (39.7-2) 


must be solved for Z. The algorithm is given in section on page the implementation is given in 


[FXT: bpol/bitpolmod-solvequadratic.cc|.. The second step is a GCD computation. Set Z,-1 := p and 


[fxtbook draft of 2008-January-19] 


846 Chapter 39: Shift registers 


LHCA rule polynomial 

1: TO aise sh le ge eles Meme ths d audgniane acetate eae sees POS he hie onde dav aeldiae wig heehee dee coments 11 r= [0] 

2: TS es ahead da eunieoks De. e Ena A atin andrangadia Sets 1, 2CSs deci dau bat ee ws oa daabiwansa 111 r= [0] 

3: TO cpoachec dads dsaiseied aed asso Siskstda andy eeace eetaaitente V) SCS Ye cdcdce se Sasare a Gates eae aoa 11.1 r= [0] 

4: TE sicscprisslan gig, & cabs seiee aed, Bi ojos cesar rave ete WA! tals cceeksiee-sasena: Qacsee arecachavied Sia 1..11 r= [0, 2] 
5: PS tg Meads dyodisin ce tecestu & sSUE ca deat dothae Bars de! “CSE 8 hada dek a Ruck eee bee ees 11.111 r= [0] 

6: sa beh scence: wicnn deandidaacaee aches ia, Oye garte Be COS hie ace conden thea Sdrwanedta aie Bere 111..11 r= [0] 

ie ES as ahaa) deat ves Oi Shae eae S ardea era tee Si cacinssceceedens ooeeeas AAS aac 1 r= [2] 

8: Ee eens dosed a erae bow aeenee uldiargerereiecerarenews 11. ed cgidb drape ceca soe elena snare auacee els 1...411.1 r= [1, 2] 
9: eg aside eb ita or ee eatd ord 1 SCH oeaid Ginette adaten 11.111..11 r= [0] 
10: es Sasso acsduce ib Sie chess anes santero beasts Dicceey teat . OS taa ve Sr iece sb actuts rents debe Sane 1...11.1111 r= [1, 6] 
11: Ee pees Sneed aise erecta ce ere teins la Maaecarce ace ae ee anteicd Lo SCP edict tei esas 11.14...111.1 r= [0] 
12: Ps arisen ails decanteislgh-seiesenge Goecene deere Dtbe Wad. > SOA als -ectecsise ican: Riecaeeteecess Desa 11111.1 r= [2, 6] 
13% es Sada isa, Sin Sid eeda etteena de acevo seaa aca eese deed SOS idle Sie kdes tee ai Gacacesees Veg VA i cet 111 r= [4] 
14: sg ioogtends eacee ae ao Selene oSs Se eis DCH ew iicaie wniarehe elie aloes x bs Pee: eee 11 r= [0] 
15: SS ng a ded dates oy sis SARE aD AB aden nee tes CBidecusescranaies 7 rearere 1...4...1 r= [2] 
16: Ee i popes decd aed ae boa erate Gaara eee Lilie: SCP esSehudtscbarce ends ates Wo eon stceecane-g 111111 r= (4, 6] 
17: Da er ee Vicia SCA ad eity-acarese ead 11..44..11.1....11 r= [4] 
18: ea ee be desde vbseneiarse ane aud erence ce was Ds dl CHa. 2. ate en ates 1...411.11.1111111.1 r= [1, 5] 
19: Ee esse Sod alee clara ere das aeienes eee" ace ack e's i ee Finda gileldtaclrenaenace i ik aera 111.4....11.1 r= [2] 
20: Ys osislen ails, drtanie delgh aie sende Qutcace sedans sarees Rats Bs CHa ls eacasig ates baer el be earners 1...4...1 r= [1, 2] 
21: Ee ie sesded send digo aoe dosed aang ee aes TD eceisive i Cee guia kes-ece-3 Lede dd iteses 1.1.1...1 r= [5, 6] 
22: be eee Tiieea COCR Sdcetecieans 1111..441...1.14.1111.11 r= [4] 
23: esas Sede auld daria cela canes end. Bie oets fesse Rue eek Le CHhiccees VE deg We auans tiene 111.1...1 r= [0] 
24: ie sb jaca oasaectes whdve ecole aes 5 ene Geaeere ee Fad ease ack 1 rarer Ped. ec tet..11111..1 r= [7, 11] 
25: Ba sicek ec alaun seid desneissauenaesuee eas Peenda dg atis CHa eckne se Es [eres bt Ren pee eee 111..11 r= [8] 
26: TE nsisen tnd hehe er bela. cde. erases Beane Shs vou ee ops 5 ee ofr ees 111, cd TIT onic seins 11.111 r= [0] 
27: Ee goad dec edges Seow are aeaaer arene aes Leelecd (CBr eciilvdiscecac Lede TTA sss 1.1 r= [8, 6] 
28: Beeld dita tte teste Ae! Sate ated Te. CS 5. cE TTI Ltd og is 1.1.11411 r= [2] 
29: Ee yes sessedi thd aiigie edna ed Baad See are dda 1 .cHe2Td 111... il Os Eee eee oe 111 r= [0] 
30: PA gion e sie wee ace dae eee e ee aoe: we 1 c= .111 201 T ie Tlie scecive evasive aad 11 r= [0] 
31: Pees Did da wee he eae oee Bs pox gatas CH11 i saa sree eee scecans 1...4...1 r= [10] 
Figure 39.7-D: Minimum-weight low-bit LHCA rules and the corresponding binary polynomials. 


Zn—2 := Z, successively compute Zn—3, Zn—4, ---, Zo So that 


Zn-1 = (x a ro) Zn—2 + Zn-—3 (39.7-3a) 
Zn—2 = (x Tr r1) Zn-3 + Zn-—4 (39.7-3b) 
Z2 = (x + Tn—3) Zi +1 (39.7-3c) 
Zi = (x “ Tn—2) Zo +1 (39.7-3d) 
Zo = (@4+7rn_1)14+0 (39.7-3e) 


Each step consists of a computation of polynomial quotient and remainder (see section on page|793). 


The vector [fn—1, Tn—2,---, To] then gives the LHCA rule. The implementation is given [FXT: 
bpol/bitpol2lhca.cc): 


ulong 

poly2lhca(ulong p) 

// Return LHCA rule corresponding to the binary polynomial P. 
v Must have: P irreducible. 


ulong dp = bitpol_deriv(p) ; 

const ulong h = bitpol_h(p); 

ulong b = dp; 

b “= bitpolmod_times_x(b, p, h); // p’ * (x+1) 
b = bitpolmod_times_x(b, p, h); // p’ * (x72+tx) 


ulong r0, ri; // solutions of 1 + (p’*(x*xtx))*z + z*z == 0 modulo p 
bool q = bitpolmod_solve_quadratic(1, b, 1, r0, ri, p); 

if ( 0==q ) return 0; 

// GCD steps: 

ulong r = 0; // rule vector 

ulong x =p, y=r0; // same result with rl 

while ( y ) 


ulong tq, tr; 


[fxtbook draft of 2008-January-19] 


39.8: Additive linear hybrid cellular automata 847 


bitpol_divrem(x, y, tq, tr); 


r <<= 1; 
r l= (tq & 1); 
x= y; 
y = tr; 
} 
return r; 


The described algorithm is given in the very readable paper [71] which is recommended for further studies. 
Note that the paper uses the reversed rule which can be obtained by inserting the line 


r = revbin(r, bitpol_deg(p) ); 


just before the final return statement. The program [FXT: gf2n/poly2lhca-demo.cc| converts a given 


polynomial into the corresponding LHCA rule. 


39.8 Additive linear hybrid cellular automata 


39.8.1 Conversion into binary polynomials 


The algorithm for the conversion of LHCA rules to binary polynomials is a special case of a general 
method for additive cellular automata. An automaton is called additive if, for all words a and 8, 


N(a)+N(b) = N(a+b) (39.8-1) 


where N(x) is the next state after the state x and addition is bit-wise (XOR). 

For additive automata the action of N on a binary word can be described by a matrix over GF(2): Let 
ex be the word with bit number k the only set bit (e,, k = 0,...,n —1 is the canonical basis). The 
matrix whose k-th row is N(e;) is the matrix we seek. For example, for the LHCA with cyclic boundary 


condition (CLHCA) whose action N can be implemented as [FXT: bpol/clhca.h 


ulong clhca_next(ulong x, ulong r, ulong n) 


r & x; 
ulong t = x ~ bit_rotate_right(x, 1, n); 
t “= 17; 
return t; 
} 
we obtain for the rule r := [ro,1r1,...,n—1] the matrix 
SO 1 
1 S1 
1 $92 
1 §3 
M, := . . (39.8-2) 
1 S5n-3 
1 Sn—2 
1 Sn—-1 


where sz is the complement of rz, and blank entries denote zero. The binary polynomial corresponding to 
the automaton is the characteristic polynomial of the matrix M,. We use the routine bitmat_charpoly () 
given in [FXT: bmat/bitmat-charpoly.cc, (which uses a reduction to the Hessenberg form as given in [83]): 
inline ulong clhca2poly(ulong r, ulong n) 


// Compute the binary polynomial corresponding 
// to the length-n CLHCA with rule r. 


ALLOCA(ulong, M, n); 
for (ulong k=0; k<n; ++k) 
t 


[fxtbook draft of 2008-January-19] 


848 Chapter 39: Shift registers 


M[k] = clhca_next( 1UL<<k, r, n ); 


ulong c = bitmat_charpoly(M, n); 
return c; 


} 


The routine computes the polynomial for any additive automaton if the call to clhca_next () is replaced 
by the update for the automaton. Note that with our particular example the matrix is already in 
Hessenberg form so we could directly call bitmat_hessenberg2charpoly(). 


39.8.2 Properties of the CLHCA 


r= .111 r= 1.11 r= 11.1 r= i111 

1 beeen xiedl a Seg saa 
2: eee Denies lene 1..1 
3: oleae gel ens Ey leeee 11.1 
4: pipe .11. pare Be 1111 
5: 1111 .111 vce bb 111. 
6: edt T 1111 1.44 .111 
7: 1.11 1.11 1111 1.1. 
8: ohel 11.1 11... .1.1 
9: ieaee 1.1. 111. 1.11 
10: ols ee okie! Pe eee Ls 
11: asthe 111. alge les .11. 
12: soit eo bl Peele sided 
13: Dees L 1..1 di esecd Dens 
14: ie heee ti... el 1. 

15: 1 seen odbdl Sl 


Figure 39.8-A: Rules of identical weight lead to essentially identical CLHCA: all tracks in the successive 
states of all weight-3 (length-4) automata are cyclic shifts of each other. 


k r = CLHCA rule c = binary polynomial 

0: 1S eh eee ee aa [ei re eer ee ee dis 

ales Te sac fing ch Sid hdoe gress dulsiecs 1 CT precta id oe saben ae 11 

2: eee ee eer 11 e = 1111111111111111.1 

3: te dnicg anaes dae 111 c= 1.1.1.1.1.1.1.1..1 

4: Fs deg anes andr anclsnans 1111 c= 11..11.. sad, 

53 a 11111 c=1... <l P 

6: De ca Sieh dove face 111111 ce = 1111 1 P 

7: r= .. 1111111 CH 1elewies etal 

8: r= 11111111 C= Ade cers eed, 

9: ne 111111111 Ce Dovelccnn ts 1 
10: Te a acd ci bch 1111111111 e = 11111111 1 
11: a eleees 11111111111 CH 1 del dees ess 1 P 
12: BS ais 111111111111 A 5 Vs iors ee cies atin 1 P 
13: r= ....1111111111111 (osm terres emer eet 1 
14: y= ...11111111111111 CG. = AIT ce cae 1 
15: v= ..111111111111111 CoS DM a eee asesire aceon 1 
16: y= .1111111111111111 CSA Let yiecncta et 1 
17: vy = 11111111111111111 Gor Dre eed semen donde doen 1 


Figure 39.8-B: Binary polynomials (right) corresponding to rule vectors for the length-17 cyclic linear 
hybrid cellular automata (left) with k bits set. Automata with maximal period are marked with ‘P’. 


The polynomials for the given automata depend only on the number of bits set in the rule r. eng 
[A]shows the successive states for all length-4 CLHCA with rules of weight 3. As there are essentially only 
n-+1 different automata of length n we only need to investigate the rules with the lowest k bits set for 
k =0,1,...,n. The polynomials for the length-17 automata are shown in figure [39.8-B] The polynomials 


can be computed with the simple routine 


inline ulong clhca2poly(ulong r, ulong n) 
{ 


ulong c = 1UL << n; 

for (ulong k=0; k<n; ++k) 
¢ "= 43 

return c; 


if ( 0O==(r & (AUL<<k)) ) c 7= 


(c>>1); 


[fxtbook draft of 2008-January-19] 


39.8: Additive linear hybrid cellular automata 849 


=2 r=...11 =3: r=..111 w=1 r= 1 
1: steed ds: eeead 1: Danio 
2: Teséers 8 2: pee 2 1 eee 
3: i: ee Be a ees 3 os Ree 
4: 1.1.. 4: Pete. 4: 1.1.. 
5: 1111. 5: 11.1. 5s 1111. 
6: 1..41 6: pies aes 6: deed: 
T: Pe ier ts whi, We Ps aes 
8: 114... 8: 11.14 8: it... 
9: 1...2: 9: 14111. 9: ed ode 

10: 11..1 10: 1.1411 10: 11114 
11: eee ee 11: Pas Pee ha 11: 11..1 
12: pede 12: 111.1 12: Be dst 
13: 111 13: wkd 13% ewhd. 
14: 1.111 14: eased t 14: sided 
15: 1111 15: i ee 15: 1.11. 
16: 11.41 16: ho kee 16: 111.1 
17: eats d oy A addes Af: wove Le 
18: 1.11. 18: 111. 18: 141 
19: 11111 19: 11114 19: Lett 
20: oye 20: 11111 20: 1.11 
21: Tice ok 21: wet 21: 11141 
22: Be eee 22: 1.11 
23: oe le ee 23: Peed 
24: e132 24: 111.. 
25: Pas es bane 25: pee 
26: 11.1. 26: 11.114 
27: 1.1.1 27: scceoabey oh 
28: 111. 28: del 
29: 1.11 29: 11..1 
30: 111.1 30: sheikh se 
31: ees ie 31: 1 


Figure 39.8-C: The length-5, weight-w CLHCA has maximal period for w = 2 and w = 3. The 
successive states are shown for both automata (left and middle). The weight-1 rule leads to a period of 
21 (right). 


n w: c = polynomial 
2 ec = 111 
3. se c=1.11 
4 3: c= i11..1 
5 2: ce = 1111.1 
6 1: ec = 11..111 
7 1: ce = 1.1.1.11 
[8] 
9 4: oe tee! ol tres Oe geeeaees E 
10 3: ce = 11111111..1 
11 2: CS Te esse 11.1 
[12,13,14] 
15. 4: Cc 1111....1111...1 
[16] 
17 3: ce = 1.1.1.1.1.1.1.1..1 
18_ 7: 6S TAT 3 .cd 1 oe 1 
[19] 
20 3: CPI ayer Sales ots ere 4 
21 2: CS TT ee uate sheila 1111.1 
22 21: CoS Th ike, seontia eee sie aes ees 
23_ 5: CS eset ep lavetats 1.1 1 
[24] 
25 dss D eT iseiah sbigte as Dodd ded 
[26,27] 
28 eee kee ee arene pe eens 
29. 2 eS fit... Til... Tit... Tit 
[30] 


Figure 39.8-D: The polynomials (right) corresponding rules of lowest weight (w) so that the length-n 
(n < 30) CLHCA has maximal period. 


[fxtbook draft of 2008-January-19] 


850 Chapter 39: Shift registers 


If we write C,,,(a) for the polynomial for the length-n, k-bit rule then Chn—“(%) = Cn,n(a@ +1). Indeed, 
they can be given in the closed form C,,4(z) =1+2*(1+2)"-*. 


With n = 5 there are just two rules that lead to maximal periods, r = [0,0,0,1,1] (weight 2), and r = 
(0,0,1,1,1] (weight 3). The successive states for both rules are shown in figure BOSC] The polynomials 
corresponding to the rules of minimal weight for all length-n automata where n < 30 are given in 
figure [39.8-D] The sequence of values n so that a primitive length-n CLHCA exists starts: 


2, 3, 4, 5, 6, 7, 9, 10, 11, 15, 17, 18, 20, 21, 22, 23, 25, 28, 29, 31, 33, 
35, 36, 39, 41, 47, 49, 52, 55, 57, 58, 60 . 


It coincides with entry A073726 of [214], values n such that there is a primitive trinomial of degree n. 
The sequence was computed with the program [FXT: gf2n/clhca-demo.cc|. A list of CLHCA rules with 
maximal period is given in [FXT: data/clhca-rules.txt . 


> acta 


[fxtbook draft of 2008-January-19] 


851 


Chapter 40 


Binary finite fields: GF(2”) 


This chapter introduces the binary finite fields GF(2”). The polynomial representation is used for stating 
some basic properties. An introduction of the representation by normal bases follows. Certain normal 
bases are advantageous for hardware implementations of the arithmetic algorithms. Finally, several ways 
of computing the number of irreducible binary normal polynomials are given. 


Binary finite fields are important for applications like error correcting codes and cryptography. 


The underlying arithmetical algorithms are given in chapter [38 


40.1 Arithmetic and basic properties 


In chapter [25] we have met the finite fields Z/pZ = GF(p) for p a prime. The ‘GF’ stands for Galois 
Field, another symbol often used is F,. The arithmetic in GF(p) is the simply the arithmetic modulo p. 


There are more finite fields: for every prime p there are fields with Q = p” elements for all n > 1. 
All elements in a finite field GF(p”) can be represented as polynomials modulo an degree-n irreducible 
polynomial C' with coefficients over the field GF(p). The arithmetic to be used is polynomial arithmetic 
modulo C. As in general there is more than one irreducible polynomial of degree n it might seem that 
there is more than one field GF(Q) for given Q = p”. There isn’t. Using different polynomials as modulus 
leads to isomorphic representations of the same field. The field GF(p”) is called an extension field of 
GF(p). The field GF(p) is called the ground field of GF(p”). 


When speaking about an element of GF(Q) one can think of a polynomial modulo some fixed irreducible 
polynomial C' (modulus). For example, the product of two elements can be computed as the polynomial 
product modulo C. For the equivalent construction using the polynomial x? + 1 with real coefficients 
that leads to the complex numbers, see section [37.12] on page [770] 


The elements zero (the neutral element of addition) and one (neutral element of multiplication) are the 
constant polynomials with constant zero and one, respectively. This does not depend on the choice of 
the modulus. 


Multiplication with an element of the ground field is called scalar multiplication. In this section an 
element of the ground field is denoted by u. Scalar multiplication corresponds to the multiplication of 
every coefficient of (the polynomial representing) the field element a by u. 


We restrict our attention mostly to Q = 2”, that is, the binary finite fields GF(2") in what follows as we 
have seen the algorithms for the underlying arithmetic. 


[fxtbook draft of 2008-January-19] 


852 Chapter 40: Binary finite fields: GF(2”) 
40.1.1 Characteristic and linear functions 


If we add any element of the field GF(p”) p times to zero the result will be zero. One calls p the 
characteristic of the field. For infinite fields such as C the characteristic is said to be zero (while it should 
really be oo). Note that the notion “multiplication is repeated addition” is meaningless in extension 
fields. 


For GF(p”) one has 
(utv)? = uP+u?P (40.1-1) 
because the binomial coefficients (?) are divisible by p for k = 1,2,...,p— 1. For GF(2”): 
(utv)? = wt? (40.1-2) 
We call a function f linear if the relation 
f(ur-atue-b) = ur: f(a) tue: f(b) (40.1-3) 


holds for uw; and uz from the ground field. The linear functions in GF(p”) are of the form 


n—1 
f(z) = Soup-a” (40.1-4) 
k=0 


where the ux are again in the ground field. Linear functions can be computed using lookup tables. In 
GF(2") these are all functions of the form 


n-1 
f(z) = Soug-a™ (40.1-5) 
k=0 


40.1.2 Squaring 


Squaring (and raising to any power 2") is a linear operation in GF(2"). The linearity can be used to 
accelerate the computation of squares. Write 


—~1\2 a 
(up + uy @ + Ug 2? 4 2. bUn_1 2” ) = ug tue? tue? t+... ttn e2 (40.1-6) 
= U9 S80 + Uy 81 + Ug 82 +..-Un—1 Sn—1 
One has to precompute and store the values s; = 27‘ mod C for i = 0,1,2,...,2 —1. For successive 


square computations it is only necessary to add (that is, XOR) those s; corresponding to nonzero u;. For 
example, with n = 13 and the polynomial modulus C = 2!3 + 24+ 23+ 2! +1 one obtains the table 


DOS «enh Sees ga 1 
bese Se dee haute enh 128 
O25 a bea ge D8 
DSi sae dO cheaters 
ps4 = ...,. Testcie Sar 
DOS ads sie kee 
56 = Van eb eels fans 
DLS inet dge stra 11,11 
DOES" Seances 11,11. 
SOS. Nee Tt es 
$10 = .,11,11..,,..,, 
sil = .1,11..,.41.11 
812 = .11....1.11.1 


The squares 89, $1 --- $|(n—1)/2| have the trivial form s; = x? which can be used to further accelerate the 
computation. 


[fxtbook draft of 2008-January-19] 


40.1: Arithmetic and basic properties 853 


40.1.3 Computation of the trace 


The trace of an element u in GF(2”) is defined as 
Tr(a) = ata*+at+a°+...4 a” = S- a?” (40.1-7) 
j=0 


The trace of any element is either zero or one. The trace of zero is always zero. The trace of one in 
GF(2”) equals one for odd n, else zero, that is, Tr(1) =n mod 2. Exactly half of the elements have trace 
one. The trace of the sum of two elements is the sum of the traces of the elements: 


Tr(a+b) = Tr(a) + Tr(d) (40.1-8) 
The trace of the square of an element is the trace of that element: 
Tr(a?) = Tr(a) (40.1-9) 
With wu zero or one (an element of the ground field GF(2)) one has 
Tr(u-a) = u- Tr(a) (40.1-10) 
Thereby, for u; and wu; from the ground field, 
Tr(ur-atug-b) = uzy-atug-b (40.1-11) 
That is, the Tr function is linear. 


A fast algorithm to compute the trace uses the trace vector, a precomputed table t; = Tr(a’) for i = 
0,1,2,...,2.—1, and the linearity of the trace 


n-1 
Tu) = So mk (40.1-12) 
1=0 


where the u; are zero or one. Thereby, when the polynomial fits into a single binary word, precompute 
the trace vector tv whose bits are the traces of the powers of x and later compute the trace of an element 
via [FXT: gf2n_fast_trace() in bpol/gf2n-trace.h': 

inline ulong gf2n_fast_trace(ulong a, ulong tv) 

// Fast trace computation of the trace of a 

// using the precalculated table tv. 

{ return parity( a& tv); } // scalar product over GF(2) 


Given the trace vector it is also easy to find elements of trace zero or one by simply taking the lowest 
unset or set bit of the vector, respectively. There are polynomials such that the trace vector contains just 
one nonzero bit, see section 


40.1.4 Inverse and square root 
The number of elements in GF(Q) equals Q. For any element a € GF(Q) one has 
a®@ = a (40.1-13) 
and thereby a2~! = 1. So we can compute the inverse a~! of a nonzero element a as 
a? = ae (40.1-14) 


We have see this technique of inversion by exponentiation is section |37.6.4| on page which is the 
special case G'F'(p). 


[fxtbook draft of 2008-January-19] 


854 Chapter 40: Binary finite fields: GF(2”) 


All elements except zero are invertible in a field. That is, the number of invertible elements (units) in 
GF(@) equals |GF(Q)*| = @-1=p"-1 


Every element a of GF(2”) has a unique square root s that can easily be computed as 
s = a@/? = (40.1-15) 


It can be computed by squaring the element n — 1 times. But the square root is a linear function, so we 
can again apply table lookup methods. 


A method that uses the precomputed value ,/z is described in [1]: for an element a = >>), a,x" we 
have 


Va = So age? 4+ Je So apc? VP (40.1-16) 


k even k odd 


The only nontrivial operation is the multiplication with /z. 


40.1.5 Order and primitive roots 


The order of an element a is the least positive exponent r so that a” = 1. The maximal order of an 
element in GF(2”) equals 2” —1 = Q—1. An element of maximal order is called a generator (or primitive 
root) as its powers ‘generate’ all nonzero elements in the field. The order of an given element a in GF(2”) 
can be computed like 


function order(a, n) 
if a==0 then return 0 // a not a unit 


h := 2%n - 1 // number of units 


e: 
{np, p[], k[J} := factorization(h) // h==product(i=0..np-1, p[i]**k[i]) 
for i:=0 to np-1 


x 
f := pli)**k[i] 
e:=e/f 
gil := axe // modulo polynomial 
while gi!=1 
{ 
g1 := gi**p[i] // modulo polynomial 
e :=e * pli] 
pli] := pli] - 1 
} 
return e 


} 
The C++ implementation is [FXT: gf2n_order() in |bpol/gf2n-order.cc|. We have seen a very simi- 
lar algorithm in section |38.4.2] on page Indeed, with just minimal changes we obtain a pari/gp 


implementation to compute the order of an element g in GF(2”): 


polorder(p, g=’x) = 
/* Order of g modulo p (p irreducible over GF(2)) */ 
{ 

local(gi, te, tp, tf, tx); 

p *= Mod(1,2); 

te = nn_; 

for(i=1, np_, 

tf = vf_[il; tp = vp_[i]; tx = vx_[il; 


while ( 1!=g1, 
gi = gi°tp; 
te te * tp; 
)5 
Dae 


return( te ); 


[fxtbook draft of 2008-January-19] 


40.1: Arithmetic and basic properties 


855 


The only difference to the original algorithm is that g can have other values than (the polynomial) z. 


The function 


mn_=0; /* 
np_=0; /* 
vp_ = (1; /* 
vf_ = [1]; /* 
vx_ = []; /* 


uses the following global variables that must be set up before call: 


max order = 2n-1 */ 


number 
vector 
vector 
vector 


of primes in factorization */ 
of primes */ 

of factors (prime powers) */ 
of exponents */ 


To check whether g is a primitive root modulo p use the function 


polmaxorder_q(p, g=’x) = 
/* Whether order of g modulo p is maximal (p irreducible over GF(2)) */ 
/* Early-out variant */ 


{ 


local(gi, te, tp, tf, tx, ct); 


p *= Mod(1, 


te = nn_; 


2); 


for(i=1, np_, 


tf 


ct 0; 


vf_[il; 
te / tf; 
Mod(g, p) “te; 


while ( 1!=g1, 


ct 
o 
oud 


); 


gi°tp; 
te * tp; 
ct +13 


tp = vp_[i]; tx = vx_[il; 


if ( ct<tx, return(0) ); 


return(1); 


Let a be an invertible element (that is, a 4 0), then a can be written as a power of a generator: a = g*. 
Then for the order r of a we have 


where N = 2” —1. For N a (Mersenne-) prime the order of all invertible elements except 1 is N. 


N 
1G): = gcd(k, N) 


40.1.6 Implementation 


A C++ class 


class GF2n in 


class GF2n 


for computations in the fields GF 


bpol/gf2n.h): 


/ Implementation of binary finite fields GF(2**n) 
// with arithmetic operations on it. 


ee 
public: 
ulong v_; 


The static (that is, class global) elements support the computations: 


public: 


static ulong n_; 
static ulong c_; 
static ulong h_; 


// the ’n’ in GF(2**n) 
// polynomial modulus 
// auxiliary bitmask for computations 


static ulong mm_; // 2**n - 1 == max order (a Mersenne number) 


static ulong g_; 


// a generator (element of maximal order) 


static ulong tv_; // trace vector 

static ulong sqr_tab[BITS_PER_LONG]; // table for fast squaring 
static factorization mfact_; // factorization of max order 

static char* pc_; // chars to print zero and one: e.g. "01" or ".1" 
[--snip--] 
static GF2n zero; // zero (neutral element wrt. addition) in GF(2**n) 


static GF2n one; 


// one (neutral element wrt. multiplication) in GF(2**n) 


static GF2n trie; // an element with trace == 


[fxtbook draft of 2008-January-19] 


(40.1-17) 


(2”) with n not greater than BITS_PER_LONG is [FXT: 


856 Chapter 40: Binary finite fields: GF(2”) 


Note all data is public, making many methods ‘get_something()’ unnecessary. You can also modify to 
the data. Expect funny results if you do. The constructors from other types are ‘explicit’ to avoid 
surprises: 


public: 
explicit GF2n() { ; } 
explicit GF2n(const ulong i) : v_(i & m_) { ; } 
GF2n(const GF2n &g) : v_(g.v_) {; } 
“GF2n() {; } 


Before doing anything one has to call the initializing function [FXT: GF2n::initQ© in bpol/gf2n.cc!: 


// if INIT_ASSERT is defined, asserts are C asserts, 
// else init() returns false if one of the tests fail: 
#define INIT_ASSERT 


bool // static 

GF2n::init(ulong n, ulong c/*=0*/, bool normalg/*=0*/, bool trustme/*=0*/) 
// Initialize class GF(2**n) for O<n<=BITS_PER_LONG. 

// If an irreducible polynomial c is supplied it is used as modulus, 

// else a primitive polynomial of degree n is used. 

// Irreducibility of c is asserted for deg(c)<BITS_PER_LONG. 

// When normalq is set a primitive normal polynomial is used, 

// if in addition c is supplied, normality of c is asserted. 

// When trustme is set the asserts are omitted. 


[--snip--] 
if ( n_ < BITS_PER_LONG ) // test only works for polynomials that fit into words 
{ 


if ( ! trustme ) 


{ 
#ifdef INIT_ASSERT 
jjassert( bitpol_irreducible_q(c_, h_) ); 


#else 
if ( ! bitpol_irreducible_q(c_, h_) ) return false; 
#endif 
} 
[--snip--] 
} 
n=4 GF(2°n) 
c= 1..11 == x°4 +x + 1 (polynomial modulus) 
mm= .1111 == 15 = 3 %* 5 (maximal order) 
h = .1... (aux. bitmask) 
g= .1. (element of maximal order) 
tv= .1... (traces of x7i) 
trie= .1... (element with trace=1) 
k : f:=g**k Tr(f) ord(f) f*f sqrt (f) 
Shot deck 0 1 sestscll cael 
eased ear das 0) 15 na le 1.1 
edly ea os 0 15 ot a toedes 
11 ee d. 5 11... 1.1. 
odin «eit 0 15 1.1 ae 
1.1 eddies 0 3 111 111 
.i1. i1.. 1 5 1111 i eee 
111 1.11 1 15 1..1 14... 
Wess: 1.2 0) 15 weds zeae td. 
i eee 11. 1 5 1 oe 1111 
pe 111 0 3 11. «4. 
1.411 111. 1 15 1.41 11.1 
11.. 1111 1 5 1A. 11.. 
11.14 11.1 dl. 15 111. 1..1 
111. 1..1 1 15 11.1 1.11 


Figure 40.1-A: Powers of the generator g = x in GF(2+) when a primitive polynomial is used as a 
modulus. 


The class defines all the standard operators like the binary operators ‘+’ and ‘-’ (which are the same 
operation in GF(2”)), ‘*’ and ‘/’, the comparison operators ‘==’ and ‘!=’, also the computation of inverse 

powering, order, and trace. The algorithms used for the arithmetic operations are described in section 38.3] 
on page l0s] We give the method for the inverse and the arithmetic shortcut operators as examples: 


GF2n inv() const 


[fxtbook draft of 2008-January-19] 


40.2: Minimal polynomials 857 


n=4 GF(27n) 

c = 11111 [normal] [NON-primitive] 
== x74 + x73 + x72 +x + 1 (polynomial modulus) 

mm= .1111 == 15 = 3 %* 5 (maximal order) 

h = .1... (aux. bitmask) 

g = ...11 (element of maximal order) 

tv= .111. (traces of x7i) 

trie= .1. (element with trace=1) 
k : f:=g**k Tr(f) ord(f) f*f sqrt (f) 

Sette ec 0) sl ac ol eee 
soe inl. pee el 1. 15 1.1 1..1 
eatdls pa le 1 15 111. 11 
oa LT 1111 1 5 Dicws Pa eee 
ae ieee 111. 1 15 Me 1.1 
Pac eb 11.1 0 3 11.. Malis 
.i1. ‘eee 1 5 wie ds 1111 
111 111 0 15 1.1. 1.11 
oer 1..1 1 15 eset 111. 
pee b Pe ieee 1 5 1111 es ovdirs 
1.1. i1.. 0 3 11.1 11.1 
1.11 1.11 0) 15 111 wi. 
11.. eae i 1 5 ne ee i one 
11.1 11. 0) 15 1.11 1.1. 
t1d. i ee 0) 15 .i1. 111 


Figure 40.1-B: Powers of a generator in GF(2*) when a non-primitive polynomial is used as a modulus. 


GF2n Zz; 

Z.v_= bitpolmod_inverse(v_, GF2n::c_); 

return Z; 
t 
[--snip--] 
friend inline GF2n & operator += (GF2n &z, const GF2n &f) 
{ z.v_ “= f.v_; return z; } 
friend inline GF2n & operator -= (GF2n &z, const GF2n &f) 
{ z.v_ “= f.v_; return z; } 


friend inline GF2n & operator *= (GF2n &z, const GF2n &f) 
{ z.v_ = bitpolmod_mult(z.v_, f.v_, GF2n::c_, GF2n::h_); return z; } 


friend inline GF2n & operator /= (GF2n &z, const GF2n &f) 
{z *= f.inv(); return z; } 


As a simple demonstration of the usage, the program [FXT: |gf2n/gf2n-demo.cc]| prints the successive 


powers of a primitive root, and their squares and square roots. By default computations in GF(2*) are 
shown, both for a primitive polynomial modulus (figure |40.1-A), and for a non-primitive polynomial 


modulus (figure /40.1-B). 


40.2 Minimal polynomials 


The minimal polynomial of an element a in GF(2”) is defined as the polynomial of least degree which 
has a as a root. The minimal polynomial can be computed as the product 


r-1 


ne) = | (« - a”) (40.2-1) 


k=0 


where r is the smallest positive integer so that a?) = a. The minimal polynomial of any element is 
irreducible and its degree is a divisor of n. 


= r-1\ 2 
By construction the zeros of the polynomial are a,a?,a*,a®,...,a2” '. Note that (« ‘) =a, that 


is, Da = Da? = Pat = --- = Dar-1. The elements a?,a*,... are called the conjugates of a. For the field 


GF(p") the minimal polynomial has the form [];—> (« - av"). 


[fxtbook draft of 2008-January-19] 


Chapter 40: Binary finite fields: GF(2”) 


858 


(maximal order) 


(polynomial modulus) 


== x°6 +x+1 
== 68 = 3°2* 7 


GF (27n) 
A: 
.111111 


a a 2 2a a 42a 2 24 a 22 4 42a a 
MHMOOWODOUWOWOOWOOMNOOODO ODODWOUMDOU NOOODUOMOOODDOODODUMOOODDONOOMODDOOODODOMODOOOWMOMW 


RE A ORT ER a SN OO dR DN 
Ba ar Da Bar ne Da De Oe De Oe ee Oe ee ee said 

ed rd ted 8 rd etd edd edi Oe ae ee oe eee | ete ey re 18 On oe are . i . 
Geese ee ee — ee ee ee eee ee eer Pe) ede a, [67 S80 8 Sane. ee ee ee ee ee ee ee ee ee ee ee er 
dt 8 emt neve ee ee er ee er er er er ee ee ee ee er er ee et 
See eee coe tot CD oe Oe emir Oe ee “ol Oe be pee ba pun ba coer ew aut ioe ee ae 


DODO OHA OOOOH HOSO OHAOHOOA FAHAHAOHOOO FHA HAOOHO OHOTFAHOTFHHOFHHAOOHHOHOnHON HN HNHHS 


AMNMAMNMNANMMYMNIMNAMNANAMNMYMNIMIMAIMNAMNMYAMNANMNANAOEOIMNAMNMMMNIMNYEMIMNADNMAMNMYEMOIAAMNMNHMO 
ODONOON O OONO NOOO OO OUONWOWO ONOONO OONDOO OO OON ONDO O NOUONWOO 


A Be sD BD ee Be ee eB ee Stet ets 
* - ae CB DB Be ee De ee ee ee ee 
SS De De Be Da Be Be re Be ee ee 
OD dd rd dt rd rd 8 rd edd edd edd 
il} CD ee ee ee ee ee 
Bo ee ante Se I eB DD De De eB eB De oe ee ee ee 


. el . wad . gelet D ea . wad . wad . sie . sae eat . Sete . aeteat . keane . tad . ie pa . saiet . ape coed 
©, 38 a a De BD ee BD Be 
Ste, oe states vers Ss. Td ee a a 
Ce Oe ee ee ee ee 


MS OANMAHPNO ON ONOANMHOOR ONDAANMNHPHOORWDHOAAMNITNORN DHOAAMHOORDOHOAAMHOONOROHN 
AAA AAA ANNANANANAN AANA 09 09. 09.09.09. 09 09 09 09 09 SB SESH SPSS SHS SSO LO LO LO LO LO LO LO LO LOCO COCO 


that are non-primitive are marked with an ‘N’. The trace of an element equals the coefficient of «”~! of 


Figure 40.2-A: Minimal polynomials of the powers of a generator in GF(2°). Polynomials of degree n = 6 
its minimal polynomial. 


[fxtbook draft of 2008-January-19] 


40.3: Computation of the trace vector via Newton’s formula 859 


From the definition it can be seen that the coefficients of the minimal polynomial lie in GF(2”), however, 
all of them are either zero or one. Thereby the computation has to be carried out using the arithmetic 


in GF(2”) but the final result is a binary polynomial [FXT: |bpol/gf2n-minpoly.cc): 


ulong 

gf2n_minpoly(GF2n a, ulong &bp) 

// Compute the minimal polynomial p(x) of a \in GF(2*#n). 
// Return the degree of p(). 

// The polynomial p() is written to bp 


{ 

GF2n p[BITS_PER_LONG+1] ; 

ulong n = GF2n::n_; 

for (ulong k=0; k<=n; ++k) pl[k] = 0; 

plo] = 1; 

ulong d; 

GF2n s = a; 

= (d=1; d<=n; ++d) 
for (ulong k=d; 0!=k; --k) plIk] = p[k-1]; 
pl0] = 0; 
for (ulong k=0; k<d; ++k) pl[k] t= p[kt1] * s; 
s = s.sqr(); 
if ( s == a) break; 

} 

// Here all coefficients are either zero or one, 

// so we can fill them into a binary word: 

ulong p2 = 0; 

for (ulong j=0; j<=d; ++j) p2 l= @plj].v_ << j); 

bp = p2; 

return d; 

} 


A version of the routine that does not depend on the class GF2n is given in [FXT: bpol/bitpolmod- 
minpoly.h). The program [FXT: gf2n/gf2n-minpoly-demo.cc| prints the minimal polynomials for the 
40.2-A) 


powers of a primitive element g, see figure |40.2-A| The polynomials (of maximal degree) that are non- 
primitive are marked by an ‘N’. The minimal polynomials for g* are non-primitive or of degree smaller 
than n whenever ged(k,2” — 1) £1. 


Let C be a irreducible polynomial of degree n and a an element so that r = ordg¢(a) is the order of a 
modulo C. Then the order of modulo the minimal polynomial of a is also r. Thereby a primitive poly- 
nomial can be determined from an irreducible polynomial C' and a generator g modulo C’ by computing 
the minimal polynomial of g. 


With a primitive polynomial (and the generator g =‘x’) the minimal polynomial of an element f = g* is 
primitive if k is a Lyndon word and gcd(k,n) = 1. With a fast algorithm for the generation of Lyndon 
words one can therefore generate all primitive polynomials as shown in section on page 


40.3. Computation of the trace vector via Newton’s formula 
Let C(x) be a polynomial with n roots ao, a1, --., @n—1 


C(#) = Tf @-) — Yaz (40.3-1) 
k=0 


We define (following [231] sec.32]) 


se = ok tok +... tak, (40.3-2) 
Then, for m= 1,...,n, we have Newton’s formula: 
m—-1 
MeCn—-m = — S- Siiax Cay (40.3-3) 
j=0 


[fxtbook draft of 2008-January-19] 


860 Chapter 40: Binary finite fields: GF(2”) 


Now let C = cotc1 2+ 27+...+¢€, x” be an irreducible polynomial with coefficients in GF(p). Its roots 
are a, (and the conjugates) a?, a, a?’,..., a?” ’. Let to =n and t; = Tr(a’) (computationally 2 is a 
root of C, so t; = Tr(x*)). Note that to,...,tn—1 are the elements of the trace vector, see relation [40.1-12| 
on page [853] Using cp, = 1 (monic polynomial C) and t; = s; we rewrite Newton’s formula as 


t% = —-le-1 (40.3-4a) 
tg = —Cn_1t1 —2Cn_2 (40.3-4b) 
tz = —Cyn_1te — Cn_oti — 3en_3 (40.3-4c) 
t4 = —Cn_1t3 — Cn_ote — Cn_3t) — 4Cn_a (40.3-4d) 
ts = —Cyn—1 ta — Cn—2t3 — Cn—3 te — Cn—ati — 5Cn—5 (40.3-4e) 
th = —Cy—1te_-1 — Cn—atp_g—...— Cp_p_1ti —kCn_p (40.3-4f) 


To compute the trace vector for the field GF(p"), make the assignments in the given order, and finally 
compute tj) = nmodp. The computation does not involve any polynomial modular reduction so the 
method can be worthwhile even for the determination of the trace of just one element. 


With binary finite fields, the components with even subscripts can be computed as ta, = tz. During the 
computation we set to = 0 and correct the value at the end of the routine. An implementation of the 


implied algorithm is [FXT: bpol/gf2n-trace.cc’: 


ulong 

gf2n_trace_vector_x(ulong c, ulong n) 

// Return vector of traces of powers of x, where 
// x is a root of the irreducible polynomial C. 
// Must have: n == degree(C) 


{ 
c & ~( 2UL<<(n-1) ); // remove coefficient c[n] 
ulong t = 1; // set t[0]=1, will be corrected at the end 
for (ulong k=1; k<n; ++k) 
if (k&1) // k odd: use recursion 
{ 
ulong cv = c >> (n-k); // polynomials coefficients [n-1]..[n-k] 
cv & t; // vector (j=1, k, cln-j]*t[k-j]) 
cv = parity(cv); // sum (j=1, k, cln-j]*t[k-j]) 
t |=  (cv<<k); 
} 
else // k even: copy t[k/2] to t[k] 
{ 
t l= ( (t>>(k/2)) & 1) << &k; 
} 
} 
// correct t[0]: 
t “= ((mt1)&1); // change low bit if n is even 
return t; 
} 


The routine involves n computations of the parity. The complexity of the equivalent routine for large n 
has complexity O(n?) (n computations of sums with ~ n summands). 


For a binary polynomial C' of odd degree n and all nonzero coefficients c; at odd indices i we obtain 
to = 1 and t; = 0 for all i 4 0, thereby the trace of any element is just the value of its lowest bit. In 


it is shown that for n = +3 mod 8 the first nonzero coefficient c, (with k <n) must appear at a position 
k > n/3. 

With even degree and all nonzero odd coefficients ¢;, cj, cj, ...at positions i,7,k,--- < n/2 the only 
nonzero components of the trace vector are ty_;, tn—j, tn—p, -... Thereby polynomials of even degree 


with just one nonzero coefficient c, where k < n/2 lead to only t,_, being nonzero. A special case are 
trinomials C = 2” + «* + 1 of even degree n and k < n/2 (k must be odd else C is reducible). The trace 
vector for all-ones polynomials (C' = y= x", see section|38.4.3.9]on page 1821) the only zero component 


[fxtbook draft of 2008-January-19] 


40.4: Solving quadratic equations 861 


of the trace vector is to (the degree must be even, else C is reducible). A detailed discussion of the 
properties of the trace vector is given in [6]. 


The following variant of the algorithm, suggested by Richard Brent [priv.comm.], shows that the compu- 
tation is equivalent to a division of power series. Let R be the reciprocal polynomial of C, then (see [61] 
p.135]) 


log (R(z)) = — So tj27/j (40.3-5) 
j=l 
Differentiating both sides gives 
Ri(@) re 
=. —\ ia 40.3-6 


Using Newton’s method for the inversion we obtain a computational cost of y M(n) where M(n) is the 
cost for the multiplication of two power series up to order x” and ¥ is a constant. The constant y equals 
three if the division is performed by one inversion, which is two multiplications with the second order 
Newton iteration, and one final multiplication with R’(x). For large n the multiplications should be done 
by either one of the splitting schemes suggested in or by FFT methods such as given in [209]. 


40.4 Solving quadratic equations 


We want to solve, in GF(2”), the equation 
az’+bza+e = 0 (40.4-1) 


The fact that extracting a square root of an arbitrary element in GF(2”) is easy does not enable us 
to solve the given equation. The formula ro = (-» + Vb? - 4ac) /(2a) that works fine for real and 
complex numbers is of no help here: how should we divide by two? 


Instead we transform the equation into a special form: divide by a: x? + (b/a) x + (c/a) = 0, substitute 
x = 2z(b/a) to get z? (b/a)? + (b/a)? z + (c/a) = 0, and divide by (b/a)? to obtain 

2+2z+C = 0 where C= B (40.4-2) 
If ro is one solution of this equation then r; = 79 + 1 is the other one: z(z +1) = C. The equation does 
not necessarily have a solution at all, the trace of C must be zero because we have Tr(C) = Tr(z? + z) = 
Tr(z?) + Tr(z) = Tr(z) + Tr(z) = 0 for all z € GF(2”). 
The function [FXT: gf2n_solve_quadratic() in |bpol/gf2n-solvequadratic.cc, transforms the equation 
into the reduced form: 


bool gf2n_solve_quadratic(GF2n a, GF2n b, GF2n c, GF2nk r0, GF2n& r1) 
// Solve a*x*2 + b*x + c == 

// Return whether solutions exist. 

// Tf so, the solutions are written to rO and ri. 


{ 
GF2n cc = axc; 
cc /= (b.sqr()); // cc = (a*c)/(b*b) 
GF2n r; 
bool q = gf2n_solve_reduced_quadratic(cc, r); 
if ( !q ) return false; 
GF2ns=b/a; 
rO =r*s; 
ri = (r+GF2n::one) * s; 
return true; 

} 


[fxtbook draft of 2008-January-19] 


862 Chapter 40: Binary finite fields: GF(2”) 


n= 5 GF(27n) 
c= 1..1.1 == x75 + x°2 + 1 (polynomial modulus) 
mm= .11111 == 31 (prime) (maximal order) 
h = .1.... (aux. bitmask) 
g= .1. (element of maximal order) 
tv= ..1..1 (traces of x7i) 
trie= ..... 1 (element with trace=1) 
k: f:=g**k Tr(f) RootOf(z*2+z=f) 
0: facia 1 
1: sige sce QO Phe kare 
25 seatdyses 0 -1.11 
3: eee 1 
4: aleaeeeee 0 -1111 
5: fades 1 
6: sides dbs 1 
va Teed fe) Seibtecs 
8: vided 0 11111 
9: TAs. al 
10: algae 1 
11: ..111 1 
12: .111. He 
13: is is ee 1 
14: 111.1 fe) : eee 
15: 11111 0 seller 
16: 11.11 0 sleeae Re 
17: 1..11 1 
18: ee ei 1 
19: tide 0 ats 
20: ead. je 1 
21: TA sce 1 
22: 1.1.1 1 
23: 1111 0 1.11. 
24: 1111. 1 
25: 1A cel 0 11.11 
26: 1.111 1 
27: 1.11 ) 110d 
28: algae fe) waded 
29: a bee 0 Leduc 
30: Dele 0 sed dee 


Figure 40.4-A: Solutions of the equation z? + z = f for all elements f € GF(2°) with trace zero. 


The following function checks whether the reduced equation has a solution and if so, returns true and 
writes one solution to the variable r: 


bool 

gf2n_solve_reduced_quadratic(GF2n c, GF2n& r) 
// Solve z2°2+2z== Cc 

// Return whether solutions exist. 

// Tf so, one solutions is written to r. 

// The other solution is r+1. 


if ( 1==c.trace() ) return false; 


GF2n t( GF2n::trie ) 
GF2n z( GF2n::zero ) 
GF2n u( t ); 

for (ulong j=1; j<GF2n::n_; ++j) 
{ 


’ 
’ 


GF2n u2 = u.sqr(); 


Z=z.sqrQ); | z += u2«c; // z= zz + ckUeU 
u=u2+t; //u=urtutt 
i = Z; 
return true; 
} 
Figure |40.4-Al shows the solutions to the reduced equations «7 + 2 = f for all elements f with trace zero 
[FXT: gf2n/gf2n-solvequadratic-demo.cc). 


The implementation of the algorithm takes advantage of a precomputed element with trace one. At the 


[fxtbook draft of 2008-January-19] 


40.5: Representation by matrices * 863 


==—=—=— k=1: ------- 
u=t72 + t 
Z=c*t7~2 
Z72=c72*t74 
Z~2+z=c72*t7~4 + cx*t72 
aaa k=2: ------- 
u=t°4 + t72 +t 
z=(c72 + c)*t74 + c¥#t72 
z~2=(c74 + c72)*t78 + c72Q*t74 
Z°2+z=(c74 + c72)*t78 + c#t74 + c#t72 
—— k=3 ns 
u=t78 + t744+t7°2 +t 
z=(c74 + c72 + c)¥*t78 + (c72 + c)*t74 + ct? 
zZ°2=(c78 + c7™4 + c72)*t716 + (c74 + c72)*t78 + C7 2Q*t74 
Z°2+z=(c78 + c74 + c72)*t716 + c#t™S + c¥t74 + c#E™2 
=(c*8 + c°4 + c72)#t + cx(t78 + t74 + t72) [using t~16=t] 
=(c + trace(c) )-#t + cx( t + trace(t) ) [using x°8+x*4+x*2=x+trace(x)] 
=(c +0 )at +c*C t+ 1) [using trace(c)=0, trace(t)=1] 


Cc [ z°2+z==c ] 


Figure 40.4-B: Solving the reduced quadratic equation z? + z = c in GF(2*). 


end of step k > 1 we have 


k 

ie = Se (40.4-3a) 
j=0 
k-1[ k-1 

Zk = iG el (40.4-3b) 
j=0 i=0 


Figure |40.4-B|shows (for GF(2*)) that this expression is the solution sought. 


Routines for the solution of quadratic equations that do not depend on the class GF2n are given in [FXT: 
bpol/bitpolmod-solvequadratic.cc_. 
For GF(2”) with n odd the solution of the reduced quadratic equation z? + z = A can be computed via 
the half-trace of A which is defined as 

H(A) = A+A*+ A 4...4 4807” (40.4-4) 


We have H(A)?+H(A) = Tr(A)+A, so H(A) is a solution of the reduced quadratic if Tr(A) = 0. The half- 
trace of an element A in the field with field polynomial C' can be computed via [FXT: gf2n_half_trace() 


in bpol/gf2n-trace.cc|: 


ulong 
gf2n_half_trace(ulong a, ulong c, ulong h) 
ti 
ulong t = a; 
ulong d = h; 
while ( d>>=2 ) 
{ 
t = bitpolmod_square(t, c, h); 
t = bitpolmod_square(t, c, h); 
t “=a; 


return t; 


40.5 Representation by matrices * 


With a primitive polynomial modulus C(x) a representation of the elements of GF(2”) as matrices can 
be obtained from the powers of the primitive element (‘x’) in a surprisingly simply way: in the table of 


[fxtbook draft of 2008-January-19] 


864 Chapter 40: Binary finite fields: GF(2”) 


n= 4 GF(2*n) 

c= 1..11 == x°4 +x + 1 (polynomial modulus) 
k: f:=g**k 
O: el 
i wcealisa 
2: e disias Tes od he Ad 
3: Den pret et Fe 
4: vod 1..11.1.1111. 
5: wd des 14.440 ,.1.,00 17 
6: kal ee 
7: 1.11 
8: glverd M_O = M_i = M_2 = M_3 = M_4 = M_5 = 
9: dd. 1 ee ee: geen Lcd sed, 
10: .1i1 1 Lead <p id. 11.1 1d. 
it: 111. 1 i, 1..1 ..11 .11. 11.1 
12: 1111 1 1 ed Lived eed. .11. 
13: 11.1 
14: 1.4 


Figure 40.5-A: Powers of the primitive element in GF(2*) with field polynomial x+ + x + 1 (left), the 
list of powers rotated counter clockwise by 90 degree (top right), and the matrices obtained by taking 4 
consecutive columns of the list (bottom right). 


powers of a generator take row k through k+n—1 to obtain the columns of matrices Mj, see figure 
Now one has M; = MF so one can use the matrices to represent the elements of GF(2"). 


The matrix M := M, is the companion matrix of the polynomial modulus g. The companion matrix of 
a polynomial p(x) = «” — S7"7! ¢; a? of degree n is defined as the n x n matrix 


i=0 
1 0 ao. a oa 
100: 0 «@| 
0 1 0 :--- O ce 
Me= ]..., : : (40.5-1) 
0 0 O 0 Cn—2 
0 0 O 1 Cp-1 
For polynomials p(x) = 7j_) ai 2" set cj = —a;/an. 


The characteristic polynomial c(x) of an x n matrix M is defined as 
c(z) := det(a E, — M) (40.5-2) 


where E,, is the n xX n unit matrix. The roots of characteristic polynomial are the eigenvalues of the 
matrix. The characteristic polynomial of the companion matrix of a polynomial p(x) equals p(a). If p(a) 
is the characteristic polynomial of a matrix M then p(M) = 0 (non-proof: set « = M in relation [40.5-2| 
see [76] for a proof). 


k [ p_k(x) ]°d k [ p_k(x) ]*d 
0 [ 11 174 T: { 1..11 ]71 
1 { 11..1 ]71 8: [ tio.t 172 
2 ie Eee al a 9: { 11111 ]71 
3 { 11111 ]71 10: [ 111 ]°2 
4 [ 11..1 ]71 11s [ 1..11 ]71 
5 [ 111 ]72 12: { 11111 ]71 
6 { 11111 ]71 13: [ 1..11 ]71 
14: [1..11 ]71 


Figure 40.5-B: Characteristic polynomials of the powers of the generator x with the field GF(2*) and 
the polynomial «+ + x + 1. 


Let cz (x) be the characteristic polynomial of the matrix Mj, = M* and p,(a) the minimal polynomial of 
the element g* € GF(2”). Then 


ce(z) = [pe(x)|" where d=n/r (40.5-3) 


[fxtbook draft of 2008-January-19] 


40.6: Representation by normal bases 865 


where r is the smallest positive integer so that MP = M,, For example, for the primitive modulus 
C(x) = 2++a+1 (as above) the sequence of characteristic polynomials of the powers of the generator ‘2’ 


are shown in figure |40.5-B 


The trace of the matrix M* is the d-th power of the polynomial trace of the minimal polynomial of g*. 
The polynomial trace of p(x) = 2” — (¢n_1 2"! +--+» +c," + co) equals c,_1 as can be seen from 


relation |40.5-1}on the facing page. 


By construction, picking the first column of M;, gives the vector of the coefficients of the polynomial x” 
modulo C(z): 


M*(1,0,0,...,0})7 = a* (mod C(z)) (40.5-4) 


Finally, the characteristic polynomial of an element a € GF(2”) in polynomial representation can be 
written as 


pat) = J] (2-0) (40.5-5) 


k=0 


Compare to relation |40.2-1l/on page for minimal polynomials. 


40.6 Representation by normal bases 


As a vector space over GF(2), we so far used the n basis vectors x9, 21, a?,a3,...,2"~! to represent an 
element in GF(2"). The arithmetic operations were the polynomial operations modulo an irreducible 
polynomial modulus C. 


. . < e eam 7 2 n-1 
For certain irreducible polynomials it is possible to use the normal basis x',x?,x*,a°,...,x? to rep- 


resent elements of GF(2”). These polynomials are called normal polynomials or N-polynomials. To check 
whether a polynomial C' is normal, compute rz, = a2 mod C for 1 < k <n, compute the nullspace of 
the matrix M whose k-th row is rz. If the nullspace is empty (that is, M -v = 0 implies v = 0) then the 
polynomial is normal. 


The normality of a polynomial is equivalent to the fact that its roots are linearly independent (see 
section on page for the equivalence of computations modulo a polynomial and computations 
with linear combinations of its roots). 


Addition and subtraction with a normal basis is again a simple XOR. Squaring an element can be achieved 
n—1 

by a cyclic shift by one position. Note that (x? )? = x!. Taking the square root is a cyclic shift in the 

other direction. 


In normal basis representation the element one is the all-ones word. Thereby adding one is equivalent to 
complementing the binary word. 


The trace can be computed easily with normal bases, it equals the parity of the binary word. 


40.6.1 Multiplication 


Multiplication of two elements is achieved via a multiplication matrix M. Given two elements a,b € 
GF(2”) in normal basis representation their product p = a- b is computed as follows: let a, be the 
coefficient (zero or one) of a where0<k<n-—-1.T hen, for the first component po of the product, 


po = at -M-b (40.6-1) 


[fxtbook draft of 2008-January-19] 


866 Chapter 40: Binary finite fields: GF(2”) 
and in general 
aah see 
Pe = (a? ‘) Mp (40.6-2) 


That is, all components of the product are computed like the first but with a and 6 cyclically shifted. 


A routine that checks whether a given polynomial c is normal and, if so, computes the multiplication 
matrix M, is [FXT: bitpol_normal_qQ in bpol/bitpol-normal.cc) which proceeds as follows: 


1. If the polynomial c is reducible, return false. 


2. Compute the matrix A whose k-th row equals x mod. If A is not invertible then (the nullspace 
is not empty and) c is not normal, so return false. 


3. Set D:= A-C™ - A~! where C is the companion matrix of c. 


4. Compute the multiplication matrix M where M;; := Dj, i’ := —i mod n and j’ := j —i mod n. 
Return (true and) the matrix M. 


Examples of the intermediate results for two different field polynomials are given in figure |40.6-A 


Normal poly: c=11111 ="= 4,3,2,1,0 Normal poly: c=111.11 ="= 5,4,2,1,0 
A= Av-1= A= Av-1= 
Fe leer 1111 ee 11111 
ids — gees Wvsrievs 
1111 oi eee Sleep 5 Asie 
ies | bee ai etd. 13 .4.. 
1.111 pe eee 
C°T= D=A*xC“T*A*{-1}= 
re eee eee C°T= D=A*xC“T*A*{-1}= 
edie scouts wld, g ee 
ee 1111 fides Vd 
1111 stds eset ova 
eee odds 
Multiplication matrix: M= 111.1 Peele 
eid 
wel b Multiplication matrix: M= 
i ee ethene 
ee pee ie 
feed 
«41... 
ae eek 


Figure 40.6-A: Matrices that occur with the computation of the multiplication matrix for the field 
polynomials c=1+2+2?+ 23+ 2% (left) andc=1+a24+27+24+2° (right). 


A C++ function implementing the multiplication algorithm is [FXT: normal_mult() in |bpol/normal- 


nultce 


ulong 

normal_mult(ulong a, ulong b, const ulong *M, ulong n) 
// Multiply two elements (a and b in GF(2*n)) 

// in normal basis representation. 

// The multiplication matrix has to be supplied in M. 


{ 
ulong p = 0; 
for (ulong k=0; k<n; ++k) 
{ 
ulong v = bitmat_mult_Mv(M, n, b); 
v = parity( v& a); // dot product 
p= (Cv <k); 
a = bit_rotate_right(a, 1, n); 
b = bit_rotate_right(b, 1, n); 
return p; 
} 


We note that the algorithm is much more attractive for hardware implementations than for software, 


see [94]. 


[fxtbook draft of 2008-January-19] 


40.6: Representation by normal bases 867 


40.6.2 Solving the reduced quadratic equation 


Normal poly: c=1111.1 == x°5 + x°4+ x°3 + x°2+ 1 
k = f=g**k Tr(f) x*2+x== 
Oo seas 11111 1 
PP ceca. 3 ietangat 1 
ay ae gies Des Hl 
A eres ee i hail 1 
4S das 4 seal 1 
b= nad % 1.111 é x=.11.1 
6 =...41. 3 111.. 1 
7 = ..111 : .11.1 1 
OS adie 22 ee 1 
QS dd 4 111.1 : x=.1.11 

10 = .1.1. : .1111 : x=..1.1 
11 = .1.11 : «AL, : x=...1 
12S ele. 3 11..1 a 

13 = .11.1: ee ; x=.1 

14 = .111. : 11.1. 1 

15 = .1111 : ze eee : x=.11 
16 = tee 3 ee Hl 

Lif SS Vesaad: 3 aoe eile 1 

18 =1..1. : 11.11 : x=.1..1 
19 = 41.511) 1.11. 1 

20 =1.1..: 1111. ‘ x=.1.1. 
2i=1.1.1: eeink : x=....1 
22 = 1.11. : sad s : ee ae 
23 = 1.111: od od: ‘ =.011 
24= 11... : 1-211 1 

25 = 11..1: vd ed 1 

26 = 11.1. : 1...1 : x=.1111 
27 = 11.11: wtediad, x=...11 
28 = 111.. : 1.1.1 1 

29 = 111.1: 1..1. x=.111. 
30 = 1111. : ideal x=..111 


Figure 40.6-B: Solving the reduced quadratic equation x? + « = f for powers f = g* of the generator 
g =. The equation is solvable if the trace is zero, that is, the number of bits in the normal representation 
is even. The (primitive) field polynomial is 1 + 27 + 2° + a4 + 2°. 


The reduced quadratic equation x? + 2 = f has two solutions if Tr(f) = 0. If so, one solution 2 = 
[%0,21,---,2n—1] can be obtained as 2, = a, fe where f = [fo,fi,---;fn—i]. This follows from 
observing that 


e+e = [got a¢n—1, 20+ 01, 21+ 22, ..., Cn-2+ fn-1, Pn_1 + 20] (40.6-3) 


Now equate 2 + 2 = f and set tp_1 = 0 ee In—-1 = 1 gives the complement which is also 
29) 


a solution). In C++ this translates to (see page [FXT: normal_solve_reduced_quadratic() in 
bpol/normal-solvequadratic.cc 


ulong 

normal_solve_reduced_quadratic(ulong c) 

// Solve x°2+x=c 

// Must have: trace(c)== 

// Return one solution x, the other solution equals 1+x, 
// that is, the complement of x. 

{ 


} 


return inverse_rev_gray_code(c) ; 


The highest bit of the result is zero exactly if the equation is solvable. The reversed Gray code is given 


in section [I.15.6]on page [41] 


The program [FXT: |gf2n/normalbasis-demo.cc| prints the powers of x in normal basis representation, see 
figure |40.6-B] By default a primitive normal polynomial from [FXT: bpol/normal-primpoly.cc) is used. 


If more than one argument is given the arguments should give the nonzero coefficients of the polynomial 
modulus. 


[fxtbook draft of 2008-January-19] 


868 Chapter 40: Binary finite fields: GF(2”) 


40.6.3. The number of binary normal bases * 


A n: An n: A n: A 


3 


1: 1 11: 93 21: 27783 31: 28629151 
2: 1 12: 128 22: 95232 32: 67108864 
3: 1 13: 315 23: 182183 33: 97327197 
A: 2 14: 448 24: 262144 34: 250675200 
5: 3 15: 675 25: 629145 30: 352149525 
6: 4 16: 2048 26: 1290240 36: 704643072 
es 7 17: 3825 27: 1835001 37: 1857283155 
8: 16 18: 5376 28: 3670016 38: 3616800768 
9: 21 19: 13797 29: 9256395 39: 5282242875 
10: 48 20: 24576 30: 11059200 40: 12884901888 


Figure 40.6-C: The number A,, of degree-n binary normal polynomials up to n = 40. 


n: By, n: B, n: By n: By 
1: 1 11: 87 21: 23579 3l: 28629151 
2: 1 12: 52 22: 59986 32: 33552327 
3: 1 13: 315 23: 178259 33: 78899078 
A: 1 14: 291 24: 103680 
D: 3 15: 562 25: 607522 
6: 3 16: 1017 26: 859849 
a 7 17: = 3825 27: 1551227 
8: t 18: 2870 28: 1815045 
9: 19 19: 13797 29: 9203747 

10: 29 20: 11255 30: 5505966 


Figure 40.6-D: The number B,, of degree-n binary primitive normal polynomials up to n = 33. 


The number A,, of degree-n binary normal polynomials up to n = 40 is given in figure|40.6-C} A table of 
the values A, for 1 <n < 130 and their factorizations is given in [FXT: data/num-normalpoly.txt). The 
sequence A,, is sequence |A027362 of [214]. 


The number B,, of degree-n binary primitive normal polynomials up to n = 30 is given in figure |40.6-D 


This is sequence A107222 of [214]. 


40.6.3.1 Computation via exhaustive search 


For small degrees all normal polynomials can be generated by selecting from the irreducible polynomials 
those that are normal. Using the mechanism that generate all irreducible polynomials via Lyndon words 
that is described in section on page the computation is a matter of minutes for n < 25. 


The program [FXT: |gf2n/all-normalpoly-demo.cc) prints all normal polynomials of a given degree n and 
a ‘P’. 


marks those that are primitive wi e Output for n = 9 is 


avlae] 


+ APape 


far 
a 4 
B REY 
are 
a 


. AR 


NIOOIPWNFOWOONDAOTIRWNFE 
eee as 
he BRR RRR: - 
eS 
RRR 


a 


agaaNggNgNANANAANAANAANANAANAANAN 
BRR RHR RRR 


vwvUUU VUUU VU 


PReeRRRHRHE 


[fxtbook draft of 2008-January-19] 


40.6: Representation by normal bases 869 


18: c=111,111..1 P 
19: c=1111.11..1 P 
20: c=lt..111,11 P 
21: c=11.11.11.1 P 


We can compute the number of normal (=: A,,) and primitive normal (=: B,,) binary polynomials for 
a small degrees n using that program. The table of the values B,, in figure [40.6-D] was produced with 
the mentioned program, the computation up to n = 30 takes about 90 minutes. As noted in [123], no 
formula for the number of primitive normal polynomials is presently known. The proof that primitive 
normal bases exist for all finite extension fields was given 1987 in [I68}. 


40.6.3.2 Cycles in the De Bruijn graph 
Quite surprisingly, it turns out that A, equals the number of cycles in the De Bruijn graph (see sec- 
tions |19.2.2]on page and on page|838). Thereby for n a power of two the number A, equals the 


number of binary De Bruijn sequences of length 2n. No isomorphism between both objects (paths and 
polynomials) is presently known. 


40.6.3.3 Invertible circulant matrices 


Moreover, A, equals the number of invertible circulant n x n matrices over GF(2). 


arg 1: 6 ==n [ nxn- matrices] default=6 
arg 2: 2 == wh [What to do: 0==>just count 1==>print words 
2==>also print matrix] default=2 
vO =1..... [T] vO = 1.11.. [1] 
M= M= 
eer 1.11.. 
pe ahs pied Ds 
int diece. dd 
ee i eee eee 
wd ol ee 
Sethe 1 se A. 
v0 = ee [Ss] vO = ea? [I] v0 = wat [I] 
111s ss 11111. 11.1.. 
-111.. 11111 .11.1. 
.111. 1.1111 «ed ded 
os odd 11.411 1.41. 
ae Bal 111.11 ol. 11 
11.222 1111.1 eee ered 


n=6 #invertible=4 #singular=1 


Figure 40.6-E: The length-6 Lyndon words of odd weight and the corresponding circulant matrices. 
Singular matrices are marked with ‘[S]’, invertible matrices with ‘[1I]’. 


This is demonstrated in [FXT: gf2n/bitmat-circulant-demo.cc| whose output for n = 6 is shown in 


figure |40.6-E| The search uses the Lyndon words as periodic words would trivially lead to singular 
matrices. Further, Lyndon words with an even number of bits can be skipped as the vector [1,1,1,...,1] 
is in the nullspace of the corresponding matrices. 


If the set {a, a2, a4,a°,...,a2” '} is a normal basis of GF(2”) we say that a generates the normal basis. 
Considering the rows of a circulant matrix as some element 7 in a normal basis representation then the 
following rows are (2, 8+, 8°,...,62" ' and the matrix is invertible if @ generates a normal basis. If 
q@ generates a normal basis then an element @ = ssa a;a? generates a normal basis exactly if the 
polynomial =. a,x’ is relatively prime to x” — 1. Thereby, with a fast algorithm to generate Lyndon 
words, determine all elements that generate normal bases if one such element is known as follows: select 
the Lyndon words with an odd number of ones and test whether gcd(L(x),2" — 1) = 1 where L(z) is the 
binary polynomial corresponding to the Lyndon word. If n is a power of two, then «” — 1 = (a—1)” and 
all Lyndon words with an odd number of ones are coprime to x” — 1. 


[fxtbook draft of 2008-January-19] 


870 Chapter 40: Binary finite fields: GF(2”) 


L(x) = 111.11. W(x) = 1....11 L(x) = 1.1.1.. W(x) = 1..1111 
M= M*-1,= M= M*-1 = 
111.11. n Bere Bak ale ee res 1..1111 
111.11 11....1 -1,1,1, 11..111 
1.111.1 sala eee Pee Osi ta pie es 
11.111. -lil... Deeded yi a eae 
211,111 sodites ,1..1.1 11111... 
pe lb es . 111. 1.1,.1, -11111. 
Petit e211 slvdesd se L1111 


Figure 40.6-F: The inverse of a n x n circulant matrix over GF(2) can be found by computing the 
inverse W(x) of its first row as a polynomial L(x) modulo x” — 1. 


If the Lyndon word under consideration is taken as a polynomial L(x) over GF(2) then the corresponding 
matrix is invertible exactly if gcd(L(x),2” — 1) = 1. The first row inverse of a circulant matrix over 
GF(2) can be found by computing W(x) = L(x)~! mod #” — 1 where L() is the binary polynomial with 
coefficients one where the Lyndon word has a one. As the inverse of a circulant matrix is also circulant, 
the remaining rows are cyclic shifts of W(x). Two examples with n = 7 are shown in figure 


40.6.3.4 Factorization of 7” —1 


The factorization of the polynomial 2” — 1 over GF(2) can be used for the computation of A,,. The file 
[FXT: data/polfactdeg.txt) supplies the necessary information: 


# Structure of the factorization of x“n-1 over GF(2): 


L? {1] (1*1] 

2: [2] [41+*1] 

3: [1] [1*1_+ 1*2] 

4: [4] [1*1] 

5: [1] [1*1 + 1*4] 

6: [2] [1*1 + 1*2] 

7: [1] [1*1_+ 23] 

8: [8] [4*1] 

9: [1] [11 + 1*2 + 1*6] 
10: [2] [1*1 + 1*4] 

11: [4] ([1*1 + 1*10] 

12: [4] [1*1 + 1*2] 

13: [4] ([1*1 + 1*12] 

14: [2] [1*1 + 2*3] 

15: [1] [1*1 + 1*2 + 34] 
16: [16] [1*1] 

17: [1] [1*1 + 2*8] 

An entry: n: [e] [mi*di + m2*d2 + ... ] says that (2”—1) = P(x)* and P(z) factors into m1 


different irreducible polynomials of degree di, m2 different irreducible polynomials of degree d2 and so 
on. As an example, for n = 6 we have 


2-1 = [23-1]? = [(e@4+1) (2? +2+41)]’ (40.6-4) 


x® is the square (e = 2) of a product of one irreducible polynomial of degree one and one of degree two. 
Therefore we have the entry: 6: [2] [1*1 + 1*2]. Another example, n = 15, 


gP-1 = [(2@+1) (a? +241) (c* +241) (a* + 2° +1) (ct+a% +a? +04 1)]" (40.6-5) 
corresponding to the entry 15: [1] [1*1 + 1*2 + 3*4]. 


Now one has for the number of normal polynomials: 


n 1 Mma 
oo I (1 : zm) (40.6-6) 


Note that the quantity e does not appear in the formula. For example, with n = 6 and n = 15 we obtain 


96 1" i\' 641 3 

As = = (1-5) ‘ (1 =) nae 4 (40.6-7a) 
gis bere eee i 

A = ee fee) ef ee Sp oe (TO = 40.6- 

. = ( =) ( =) ( zz) 675 (40.6-7b) 


[fxtbook draft of 2008-January-19] 


40.6: Representation by normal bases 871 


40.6.3.5 Efficient computation 


It is actually possible to compute the number of degree-n normal binary polynomials without explicitly 
factorizing 7” — 1. We have 


a”—-1 = |[Ya(c) (40.6-8) 
d\n 


where Yz(x) is the d-th cyclotomic polynomial (see section on page |826). We further know that 
Ya(x) factors into y(d)/r polynomials of degree r where r = ordg(2) is the order of 2 modulo d. Let 
an := A,/ (7), then a, can for odd n be computed as 


1 p(d)/r 
a, = |] ie (40.6-9) 


The following pari/gp code works for any prime p: 


p=2 /* global */ 
num_normal_p(n)= 


: local( r, i, pp ); 
pp = 1; 
fordiv (n, d, 
r = znorder(Mod(p,d)); 
i = eulerphi(d)/r; 
pp *= (1 - 1/p*r)7i; 
return( pp ); 
} 


The number A, can be computed (for arbitrary n) as An = aq (2) where q odd, and n = q2": 
num_normal (n)= 


local( t, q, pp ); 
t=1; q=n; 
while ( 0==(qhp), q/=p; tt=1; ); 
/* here: n==q*p7t */ 
pp = num_normal_p(q); 
pp *= p n/n; 
return( pp ); 
} 


The quantity ¢ is not used in the computation. The implementation is quite efficient: the computation of 
Ay for all n < 10,000 takes less than three seconds. The computation of A, for n = 1234567 = 127-9721 
(A, is a number with 371,636 decimal digits) takes about 200 milliseconds. 


40.6.4 Dual normal bases 


Let A = {ao, G1, G2, ++: , ni} be a basis of GF(2”). A basis B = {bo, by, bz, -+- , bn_1} is said to be 
the dual basis (or complementary basis) of A if 

Tr(anb;) = Onj for O<k,j<n (40.6-10) 
A basis that is its own dual is called self-dual. We treat only normal basis here. If @ is a root of a normal 
polynomial C then A = fa, a?, a*,---, a?” } is a normal basis. 


A necessary condition for C to be normal is that gcd(T, «” — 1) = 1 where 


T = tothetipe’ +...+th107* (40.6-11) 


with t, = Tr(a a2"). The polynomial T can be computed via [FXT: bpol/normalpoly-dual.cc 


[fxtbook draft of 2008-January-19] 


872 Chapter 40: Binary finite fields: GF(2”) 
Cc T Cx D = T*-1 God x*n-1) 
Ie ° delhi: iP ates, TTd sf Ft Fit et set es Ep Dr tt et Ea i 
22° Ale. decd Ped ae LV ted a DTA 
3: ‘d2dtd....d1 PP 4, 12212.11 bt test tt Kees Es st Seer ee 
42 disti.t.tt Poo. Dt et et 1111111.11 .111..1111 
Be Tete OP ced TTI Tie chow tl ode ltl Tt 
6 f1t...d110 -P 10d. Led des a Th TT 
y Gece eer ere 1 eka Beer bt bk L111 .11..40 «2.411211 
Sy “Thetid edd: SR ae eet 1 is Ifa ss ener bs eee oe 1 
O:> DIT Tei. eRe te Tit Dh ed dence D ply eeegeeee! Eb E 
10: 1111..1.11 P .111..1111 11.1.11.11 1.11.1.1 
tis Li.t.d1240 Pd. tL sa fal et eg a 1411..1111 
125°. Ade Ted peed bee elie eee 1 la yet ea eee ae ee ear 1 
13:  1111111.11 P 111..1111 11.11.1.11 Pople it ee ee 
14: 1111...111 P 111..1111 1 ddd ste TdT Ad 
15:. ihe..teds TP Le cdids 11 111...1111 111111.1 
LO: Pde Dae t ddd Re ae diecec 8% 1 sf apie er Es ee 1 
173. 12...40111. Po out. .11. 211 111.111..1  ..111111.1 
182° PELL SP TTT De IIT? tae 
19: Titt.tti.d PP ot. titd.di nin eee Ln seldbeeeeel lh 
20% di. ddiett <P ds. TTt ssf Ft Pt seat Ce mm Eat tt EE 
2h (id Po de Det 1111...111 .111..1111 


Figure 40.6-G: All normal polynomials C' of degree 9 and their polynomials T (left), their duals C* 
and D = T~? (right). Primitive polynomials C are marked with ‘P’, self-dual C = C* are marked with 
‘S’. 


ulong 
gf2n_ntrace(ulong c, ulong deg) 
// Return vector V of traces v[k]=trace(ek), where 
// ek = x*x*(2°k), k=0..deg-1, and 
// x is a root of the irreducible polynomial C. 
// Must have: deg == degree(C) 
{ 
const ulong tv = gf2n_trace_vector_x(c, deg); // traces of x*k 
ulong rt = 2UL; // root of C 
const ulong h = 1UL << (deg-1); // aux 
ulong v = 0; 
for (ulong k=0; k<deg; ++k) 
{ 
ulong ek = bitpolmod_times_x(rt, c, h); // == x*x7* (27k) 
ulong tk = gf2n_fast_trace(ek, tv); // == sum(ek[i] *tk[i]) 
v |= (tk<<k); 
rt = bitpolmod_square(rt, c, h); 
} 


return v; 


} 


Now if C is normal then T has an inverse D = T~! mod x” — 1. Write 


D = dgptdhat+dnz?+...+dyi2™' (40.6-12a) 


then 


B= deta +e +t dcie (40.6-12b) 
is a root of a normal polynomial so B = {@, 8?, 34, --- , 92" '} is the dual (normal) basis of A. The 
following routine computes T, D, B, and finally the minimal polynomial C* of (3: 


ulong 

gf2n_dual_normal(ulong c, ulong deg, ulong ntc/*=0*/, ulong *ntd/*=0*/) 
// Return the minimal polynomial CS for the dual (normal) basis 

// with the irreducible normal polynomial C. 

// Return zero if C is not normal. 

// Must have: deg == degree(C). 

// If ntc is supplied it must be equal to gf2n_ntrace(c, deg). 

// If ntd is nonzero, ntc*-1 (mod x*deg-1) is written to it. 


if ( O==ntc ) ntc = gf2n_ntrace(c, deg); 
const ulong d = bitpolmod_inverse(ntc, 1 | (1UL<<deg) ); // ntc=d*-1 (mod x*deg-1) 


[fxtbook draft of 2008-January-19] 


40.7: Conversion between normal and polynomial representation 


if ( O==d ) return 0; // C not normal 


if ( O!=ntd ) *ntd = d; 


const ulong h = 1UL << (deg-1); 
ulong alpha = 2UL; // ’x’, 


ulong beta = 0; 


for (ulong m=d; m!=0; m>>=1) 


if (m&1) beta “= 


// aux 


a root of C 
// root of the dual polynomial 


alpha; 


alpha = bitpolmod_square(alpha, c, h); 


ulong cs; // minimal polynomial of beta 
bitpolmod_minpoly(beta, c, deg, cs); 


return cs; 


gf2n/normalpoly-dual-demo.cc). 
in |143}. 


873 


Figure |40.6-G|shows the normal bases of degree 9 and their duals, it was created with the program [FXT: 


A (complicated) expression for the number of self-dual normal bases is 


given in [143] 

n: Sy ne Sx n: Sy n Sa n: Sn 
1: 0 9: 3 17: 17 25 205 33: 3267 
2: 1 10: 4 18: 48 26 320 34: 4352 
3: 1 11: 3 19: 27 27 513 35: 

4: 0 12: 0 20 0 28 0 36: 

5: 1 13: 5 21: 63 29 565 37: 

6: Y 14: 8 22: 96 30: 1920 38: 

G 1 15: 15 23: 89 31 961 39: 

8: 0 16: 0 24 0 32 0 40: 

n: Zp n: Ly Ve Lig n Zn n: Zn 
1: 0 9: 2 17: 17 25: 200 33: 2660 
2: 1 10: 3 18: 25 26: 215 34: 2917 
3: 1 11: 3 19: 27 27: 428 35: 

A: 0 12: 0 20: 0 28: 0 36: 
5: 1 13: 5 21: 57 29: 562 37: 
6: 1 14: 4 22: 60 30: 997 38: 
76 1 15: 11 23: 87 31: 961 39: 
8: 0 16: 0 24: 0 32: 0 AO: 


Figure 40.6-H: Number of self-dual normal basis (.S,,) and self-dual primitive normal basis (Z,). 


40.7 Conversion between normal and polynomial representation 


If the field polynomial C' is normal then conversion between the representations in polynomial and normal 
basis can be achieved as follows: Let Z be the n x n matrix whose k-th column equals a2 mod C where 


n is the degree of C. If a is the polynomial representation then the normal representation is b = Z~!- a 
(both a and 6 shall be column vectors). 


The implementation [FXT: class GF2n in bpol/gf2n.h| allows the conversion to the normal representation 


if the field polynomial is normal. In the initializer |FXT: GF2n::init(Q in 


(n2p_tab[]) and Z~! (p2n_tab[]) are computed with the lines 


// conversion to and from normal representation: 
for (ulong k=0,s=2; k<n_; ++k) 
{ 


[fxtbook draft of 2008-January-19] 


bpol/gf2n.cc| the matrix Z 


874 Chapter 40: Binary finite fields: GF(2”) 


k = bin(k): f= g**k == (normal) trace (f) 

OS ssravien : Keeraivetl 1 

ae re warihs ectiackd 1 

aes ae als er 1 

3 = ...11: wlees SS a1. 1 

ae ee Datige == aeedis.. 1 

> eee eae 111.1 == 1,111 

6=..11. : ..d11 == 111.. 1 

7 = ..111 : e111. == .11.1 1 P2N= 
SS g1ine. 3 111... == dts 1 11... 
OS lead. % eeled == Tit . tT. 
10. = stats 3 1.1. == .1111 . tid 
Di td Ls Pele. SS oat, ; ee 
1202 1004-3 Pit.2 == 41..1 1 ee 
13 = .11,.1 : 1.111 == 11... 

14 = .111. : Pecedd: Sr Ted, 1 

15 = .1111 : 11.11 5 ae ee . N2P= 
16> dicaa 3 Pe es | 5 ee 1 aac 
Lf= Aswad 3 hett.. == 2.011 1 Dacca dl 
18 =1..1. : diccdh == 11.44 . Led. 
ge ae eee be 11111 == 1.11. 1 ...11 
20 = 1.1.. : ...d1 == 1111. ; 11. 
21 = 1.1.1: welds SS axoht 
22 = 1.11. : etd Se ats. . 
23 = 1.111 : Tee = abet. . 
24> T1ade 3 11.1 == 1..11 1 
25 = 11..1: 11.1. == .1.11 al 
26 = 11.1. : ediencd, “SS decesd: 
27 = 11.11: Lick. -== .1.1 . 
28 = 111.. : Ttcd) Sse ded 1 
29 = 111.1: elt. S= “ded, 
30 = 1111. : tit. eS .1..d 


Figure 40.7-A: Conversion between normal- and polynomial representation with the (primitive) poly- 
nomial c= 1+ 2?2+23+a++ 2°. The conversion matrices are given as P2N and N2P. 


n2p_tab[k] = s; 
s = bitpolmod_square(s, c_, h_); 


} 
bitmat_transpose(n2p_tab, n_, n2p_tab); 
is_normal_ = bitmat_inverse(n2p_tab, n_, p2n_tab); 


The last line records whether the field polynomial is normal which is the case exactly if Z is invertible. 


The functions [FXT: |bpol/gf2n.cc 


ulong // static 
GF2n::p2n(ulong f) 
{ 


} 


ulong // static 
GF2n: :n2p(ulong f) 
{ 


return bitmat_mult_Mv(p2n_tab, n_, f); 


return bitmat_mult_Mv(n2p_tab, n_, f); 
} 


allow conversions between the normal and polynomial representations. The method 


ulong get_normal() const ‘{ return p2n(v_); } 


provides a convenient way to obtain the normal representation of a given element. 


This is demonstrated in [FXT: gf2n/gf2n-normal-demo.cc) where both the polynomial and the normal 
representation are given, see figure 


If the last argument of the initialization routine of the C++ class GF2n, init(m, c, normalq), is set then 
a (primitive) normal polynomial will be used as field polynomial. A list of primitive normal polynomials 


is given in [FXT: bpol/normalprimpoly.cc). 


[fxtbook draft of 2008-January-19] 


40.8: Optimal normal bases (ONB) 875 


40.8 Optimal normal bases (ONB) 


The number of nonzero terms in the multiplication matrix determine the complexity (operation count) 
for the multiplication with normal bases. It turns out that for certain values of n there are normal bases 
of GF(2") whose multiplication matrices have at most two nonzero entries in each row (and column). 
Such bases are called optimal normal bases (ONB). 


Optimal normal bases are especially interesting for hardware implementations because of both the highly 
regular structure of the multiplication algorithm and the minimal complexity with ONBs. 


40.8.1 Type-1 optimal normal bases 


A so-called type-1 optimal normal basis exists for n when p := n+ 1 is prime and 2 is a primitive root 
modulo p (and for n = 0 and n = 1). The sequence of such n starts 


0, 1, 2, 4 12, 18, 28, 36, 52, 58, 60, 66, 82, 100, 106, 130, 138, 148, 
162, °172, i782’ 180? 196, 210, 226,’ 268, 992, 316, 346, 348, 372, 378, 388, 
418? 420? 442? 460; 466? 490? 508; 


This is entry A071642 of [214]. One has always n = 2 or n = 4 modulo 8. A list of the corresponding 
primes is given in figure}39.6-B]on page The field polynomial corresponding to a type-1 ONB is the 
all-ones polynomial 


Pia 
rs = l+etaer¢e? +... +2" 
x—1 


(40.8-1) 


These polynomials are non-primitive for all n F 2. 


Normal poly: c=11111111111 


A= A°-1= 
ll ccraysemet enero 1111111111 
etal i gneh Geren Wns gatuinact ies 
cere eereree WS ecu aise Base 
ere ds studies eos s 
Pigenbea 1... stai debaie te, £50, 36 
Vidi iii eee ere = 
iitoeee hs he ar ne 
descaceracdes Deb erse. asd 
scasestanieste Als 14 atts seco Rsicg 
D=A*C“T*A*{-1}= Multiplication matrix: M= 

clggeegdemie | | | auisudvaess Dede 2 

bicie Siva sacs 1. beeen i Ree 

glia coer etree 

soda Soe 1. peer ee 

Pee ee eee ee 1.1 

ae ioe il eae eeenecee 

testers sl edhe. ees ements dis 

Sd ebntantese eb edigos a ae 

i seers csc ieee 
VOTTAIIAT Teaco ees 1 sida p acerk 


Figure 40.8-A: Matrices that occur with the computation of the multiplication matrix for the field 
polynomial e=1+a@+4+...4+ 21. 


The multiplication matrices are sparse: there is exactly one entry in the first row and column and exactly 
two in the other rows and columns. That is, the multiplication matrices for GF(n) with optimal normal 
basis have exactly 2n—1 nonzero entries. For example, with n = 10 we obtain the matrix shown (together 
with the intermediate results) in figure [40.8-A] The equivalent data for n = 4 is shown in figure 


on page [866] 


[fxtbook draft of 2008-January-19] 


876 Chapter 40: Binary finite fields: GF(2”) 


0: [0] 1 

1: [1] 11 

2: [41] 111 

3: [1] 11.1 <--= x°4 + x73 +1 

4: [0] 141.1 

5: [1] 141.411 

6: [1] 144..11 

7: [OJ] 414.4...1 

8: [O] 1441.1...1 

9: [1] 11. 111. <1 

10: [0] 411..14.411 

11: [4] 11.1...441.1 

12° fO], Wattles. d al 

13: [0] 11.114..... Lai 

14: [41] 111..11...... 11 

P52 OY Ais Aes cusses dee aeend 1 

16: [0] 1411.1...1....... 1 

17: [0] 11.111..11...... Tt 

18: [4] 111..11.111..... Titi 

19: [0] 11.1...111.1....141.1 

20: [0] 111. 1. Pa 1. Pa es Os 

21: [0] 11.111. Se las aa 111. elt.111 

22: [0] 111..11...... 11.111..11 

238 FU] Wetec Pesce T10s de ecd 

24: [O] 111.1...1........ tU.1 1 

25% Ol] Wd. tdd Te kes 111.41 

26: [1] 111..11.111.......... 11.111 

27: [0] 11.1 plas os eee ae L111 

28: [0] 111.1 pl dis Dale sme 5 cbe Rs (a 

29: [1] 11.111..... DET fern ecanece eas 111 

30: [1] 111..11...... US 54-64 easehée a Ss 11 

31: [OJ] 11.1...1....... Neco ane, 26. S18 aise al 1 

32%: (OU, Aa dee eds os ocss ad Weds eos OSA ORS 1 

33: [1] 11.111..11...... ye aera ee ee eee 11 
34: [0] 111..11.111..... TAA ome ee eek do Tt 
B58 A Sede We ene hee a 11.1 
36: [0] 111. 1. xii. i. gold We Wacd ext evente egrets t1t.4 
37: [0] 11.111. rere 111. Pes Wap Se [rear eee ear Ti .144 
38: [0] 111..11...... 41.111..41 “id omathass ps Pe 
39: [1] 11.141...1....... sl | Reems (ere Eee eres 1s Dede dh 
40: [0] 111.1...1........ sy Oy Geer rare eer pi Ge ge 1 


Figure 40.8-B: The polynomials py, up to k = 40 as binary strings. The entry in the second column is 
‘[1]’ is the polynomial is irreducible (a field polynomial for a type-2 optimal normal basis). 


40.8.2. Type-2 optimal normal bases 


A type-2 optimal normal basis exists for n if p:= 2n-+ 1 is prime and either 
e n=1orn=2 modulo 4 and the order of 2 modulo p equals 2 n. 


e n=3mod 4 and the order of 2 modulo p equals n. 


A type-2 basis exists for the following n < 200: 


1, 22,3) ,55 18, 23, 26, 29, 30, 33, 35, 39, 41, 50 
Bit aaa Bi gee vis. he $3, 86; 89 499: 235 $855 ghee teh ie! ga 


The corresponding normal polynomial (see figure|40.8-B) of degree n can be computed via the recursion 


po = 1, p= £+1 (40.8-2a) 
Pk i= £Pe-1 + Pr-2 (40.8-2b) 
Compare to the recursion that transforms a linear hybrid cellular automaton into a binary polynomial 
relation |39.7-1]on page the type-2 ONBs correspond to the most trivial LHCA defined by the rule 


having a single one as the lowest bit of the rule word. 


[fxtbook draft of 2008-January-19] 


40.9: Gaussian normal bases 877 


As with type-1 ONBs, the multiplication matrices are sparse. The polynomials and multiplication ma- 
trices for n = 6 and n = 9 are 


6,5,4,1,0 9,8,6,5,4,1,0 
lide Auda, Sereda 
i eer es Mheterked coeepesa 
weg dd duane dane 
se re ree 1.1 
td +h eerree 
Med, kes 11 
ere Gat hee 
Deedee 
sence euadecd 


The intermediate values with the computation of the multiplication matrix for n = 5 are shown in 
figure [40.6-A] on page [866] 


We note a relation of the polynomials p; to the Fibonacci polynomials defined by 


fo = 0) freed (40.8-3a) 
fe := &fe1+ fra (40.8-3b) 

We have 
Pe = farsi (40.8-4) 


40.9 Gaussian normal bases 


The type-t Gaussian normal basis (GNB) generalize the optimal normal basis. The type-1 and type-2 
GNBs are the corresponding ONBs. The multiplication matrices for type-t GNBs for t > 2 have more 
nonzero entries than the ONBs. 
A type-t GNB exists for n when p := tn +1 is prime and gcd(n,tn/r2) = 1 where rg is the order of 2 
modulo p. Implementation of the test using pari/gp: 
gauss_test(n, t)= 
{ /* test whether a type-t Gaussian normal basis exists for GF(2*n) */ 

local( p, r2, g, ad); 

p = t*n + 1; 

if ( !isprime(p), return( 0 ) ); 

if ( p<=2, return( 0 ) ); 

r2 = znorder( Mod(2, p) ); 

d = (t*n)/r2; 

g = gcd( d, n); 

return ( if ( 1==g, 1, 0) ); 
} 


For n divisible by 8 no GNB exist. If a type-t GNB exists it is unique. 


40.9.1 Computation of the multiplication matrix 
An algorithm that computes the multiplication matrix for a type-t GNB proceeds as follows (The algo- 
rithm uses a vector F{1,2,...,p—1]): 

1. Set p=tn+1 (this is a prime), and compute an element r of order t modulo p. 

2. For k=0,1,...,¢—1 do the following: set 7 = r* and for i=0,1,...,n—1 set F[j2*] =i. 

3. Set the multiplication matrix M to zero. 

4. For i=1,2,...,p—2 add one to Mppy_4 rpi44y- 

5. If t is odd set h = n/2 and do the following: for 1 =0,1,...,4—1 increment Mj .,4; and Mn+i,i. 


Implementation in pari/gp: 


[fxtbook draft of 2008-January-19] 


878 Chapter 40: Binary finite fields: GF(2”) 


gauss_nb(n, t)= 
{ /* return multiplier matrix for type-t Gaussian normal basis */ 
/* returned matrix is over Z and has to be multiplied by Mod(1,2) */ 
local(p, r, F, w, x, nh, m, ir, ic); 
if ( 0==gauss_test(n, t), print("No type-",t, " GNB for n=",n); return(0)); 


p = t*n + 1; 
r = zgnprimroot(p); r=r(n); /* r has order t */ 
F = vector(p-1); 
w = Mod(1, p); 
for (k=0, t-1, 
j = lift(w); 
for (i=0, n-1, 
F[j] = i; 
jt=j; if (j>=p, j-=p); /* 2*j mod p */ 
digs v3 
)5 


m = matrix(n, n); 
for (i=1, p-2, 
ir = F[p-i]; ic = F[it1]; 
m{ irti, icti ] += 1; 
)3 
if ( 1==(t%2), 
nh = n/2; /* odd t ==> even n */ 
for (i=0, nh-i, 
ir =i; ic =nht+ i; 
ir += 1; ic t= 1; 
m[ir, ic] += 1; 
mic, ir] += 1; 


); 
); 
return (Mm); 
} 
n=7, t=4 n=12, t=3 
M= M*Mod(1,2)= M= M*Mod(1,2)= 
edd Dee eer etcete keds cco dbs fei died Ls 
se leer | x es eee Seu Belt hess eee rel es era 
1.441. Ps Pee I I ee vec bubsandk dis ane peer Geer 
oe eee sg dise-o dt 11 orale 141..1 1 
2A ell weve «rae enang dedds  -- “Daeeescecn 11 
es is is ergs | -111..1 hs Wire, Bgl dod 4 Ate caring 124 
1..111 1..411 11 aes VWs: ceanice dics aise 
ol ee ee 1 5 is es ae 1 
Deb. tee Dede eset ated ng 
14d dle ees ll di. 
1 dog Vee i eee eee 1 
shea 1.1.41 Seretvsltee kad 


Figure 40.9-A: Multiplication matrices over Z and GF(2) for Gaussian normal bases with n = 7, t = 4 
(left), and n = 12, t = 8 (right). Dots denote zeros. 


The implementation computes M with entries in Z and has to be reduced modulo 2 before usage. Fig- 


ure gives two examples. 


The file [FXT:|d t| lists for each 2 <n < 1032 the smallest ten values of t so that 
there is a type- e ren values of t do not necessary lead to different multiplication 
matrices, especially ee ao values of n. For example, the modulo 2 reduced multiplication matrices for 
n= 6 and the 10 smallest values of ¢ are: 


t=2: t=3: t=6: t=10: t=11: t=23: t=27: t=30: t=35: t=55: 
MQseeea. ansdiicd fins alews sted, ohjtd .1.d. Wess - od 14: Pos Wea ie 
decade Gelden-. Lett dade woktes teddt, D2ettt. List. Led. Led. 
sewdds: Died adewsd «decd 11.241 sdawds adeste accth, otlyds pe Fees 
vadiecd Posen olecds.. afeccdl. Vee Theses Gdasse ovhecd ddsass le eee 
wiWece - pled. neve «6 caked “Did. Tilted. «tess Atf..1 141..1 
seeded: edt dah dt 11.411 Pett sped: weet. weadied cet seed 


[fxtbook draft of 2008-January-19] 


40.9: Gaussian normal bases 879 


40.9.2 Determination of the field polynomial 


We give two algorithms for the determination of the field polynomial when n and ¢ are given, the first 
uses computations with complex numbers, the second uses polynomial modular arithmetic over GF(2). 


40.9.2.1 Algorithm with complex numbers 


n=4 t=1: p=5 
a(1)=2 w(1)=(+0.309016994374947 + 0.951056516295153 I) 
a(2)=4 w(2)=(-0.809016994374947 + 0.587785252292473 I) 
a(3)=8 w(3)=(+0.309016994374947 - 0.951056516295153 I) 
a(4)=6 w(4)=(-0.809016994374947 - 0.587785252292473 I) 

z(x)=x°4 + x°3 + x72+x+1 

p(x)=x°4 + x°3 + x72 +x+1 


n=4 t=3: p=13 
a(1)=18 w(1)=(+0.65138781886599 
a(2)=10 w(2)=(-1.15138781886599 
a(3)=20 w(3)=(+0.65138781886599 
a(4)=14 w(4)=(-1.15138781886599 
z(x)=x74 + x73 + 2x72 - 4*x + 3 
p(x)=x°4 + x73 + 1 
n=4 t=7: p=29 
a(1)=40 w(1)=(+1.09629120178362 
a(2)=22 w(2)=(-1.59629120178362 
a(3)=44 w(3)=(+1.09629120178362 
a(4)=30 w(4)=(-1.59629120178362 
zZ(x)=x74 + x73 + 4#x72 + 20#x + 23 
p(x)=x°4 + x73 +1 


.52241580345640 I) 
. 72542218842200 I) 
.52241580345640 I) 
. 72542218842200 I) 


lrett 
FORO 


.64399848798350 I) 
.50918758384404 I) 
.64399848798350 I) 
.50918758384404 I) 


++141 
ONON 


Figure 40.9-B: Numerical values with the computation of the field polynomial for n = 4 and types 
t € {1, 3, 7}. Note that the final result is identical for the types t = 3 and t = 7. 


The normal polynomial corresponding to a type-t Gaussian basis can be computed with the following 
algorithm. 


1. Set p=tn+1 and determine r so that the order of r modulo p equals t. 

2. For 1 <k <n compute wz = a, exp(az, 7i/p) where az = 2" r7 mod 2p. 
3. Let z(x) = [][p_, (x — wx), this is a polynomial with real integer coefficients. 
4. Return the polynomial with coefficients reduced modulo 2. 


The computation of the polynomial z(x) uses complex (inexact) arithmetics. That its coefficients should 
be close to real integers can be used as a check. 


The following pari/gp routine computes the complex polynomial. In order to keep the arguments for the 
exponential function small the values a, are computed modulo 2p, the periodicity of exp(.7i/p). 


gauss_zpoly(n, t)= 
{ /* return field polynomial for type-t Gaussian normal basis 
as polynomial over the complex numbers */ 


local(p, r, wk, tki, tk, a, zp); 


p = n*t + 1; 
r = znprimroot(p); r=rn; \\ r has order t (mod p) 
r = Mod(lift(r), 2*p); 
zp = 1; 
tk1 = Mod(2,2*p); tk = Mod(1,2*p); 
for (k=1, n, 
tk *= tki; \\ == Mod(2,2*p)"k; 
wk = 0; 
a = tk; 


for (j=0, t-1, 
wk += exp(1.0*I*Pi*lift(a)/p) ; 
a *= 7; 


a 


[fxtbook draft of 2008-January-19] 


880 Chapter 40: Binary finite fields: GF(2”) 


a(1)=44 w(1)=(+1.92583457469559 - 5.69206140 E-19 I) 
a(2)=42 w(2)=(+1.70883880909297 - 2.71050543 E-19 I) 
a(3)=38 w(3)=(+0.92013007546230 - 2.98155597 E-19 I) 
a(4)=30 w(4)=(-1.15336064422973 + 2.43945488 E-19 I) 
a(5)=14 w(5)=(-0.66975922434197 + 1.08420217 E-19 I) 
a(6)=28 w(6)=(-1.55142258140884 + 3.25260651 E-19 I) 
a(7)=10 w(7)=(+0.40691202610526 - 6.60685698 E-20 I) 
a(8)=20 w(8)=(-1.83442260301090 + 1.89735380 E-19 I) 
a(9)=40 w(9)=(+1.36510628643730 - 8.13151629 E-20 I) 


a(10)=34 w(10)=(-0.13648482672934 + 3.68459331 E-20 I) 
a(11)=22 w(11)=(-1.98137189207266 + 4.33680868 E-19 I) 
z(x)=x*11 + x710 - 10*x79 - 9*x78 + 36*x°7 + 28x76 - 56*x75 \ 
- 35*x74 + 35*x73 + 15*x72 - 6*x - 1 
p(x)=x711 + x710 + x°8 + x°4 4+ x°3 + x°2 +1 


n=11 t=6: p=67 
[--snip--] 
z(x)=x711 + x710 - 30*x79 - 63+*x°8 + 220*x~7 + 698*x76 - 101*x75 \ 
- 1960*x74 - 1758*x73 - 35*x72 + 243*x - 29 
p(x)=x711 + x710 + x°8+ x75 + x°2+ x41 
n=11 t=8: p=89 
[--snip--] 
z(x)=x711 + x710 - 40*x79 - 19*x°8 + 482*x~7 + 84*x76 - 2185*x75 \ 
+ 102*x74 + 3152*x73 - 781*x72 + 57*x - 1 
p(x)=x711 + x710 + x78 + x75 + x72 + x41 
n=11 t=18: p=199 
[--snip--] 
z(x)=x711 + x710 - 90*x79 - 115*x*8 + 2349%*x°7 + 943*x°6 - 26327*x75 \ 


+ 21284*x74 + 102168*x73 - 217794*x"2 + 148930*x - 30647 
p(x)=x711 + x710 + x°8 + x°7 + x76 + x75 4+ 1 


Figure 40.9-C: Numerical values with the computation of the field polynomial for n = 11 and types 
t € {2, 6, 8, 18}. The final results are identical for t = 6 and t = 8. 


Zp *= (x-wk) ; 
return ( zp ); 
} 
The final step uses pari/gp’s function round() which rounds all coefficients of its polynomial argument: 


gauss_poly(n, t)= 
{ /* return field polynomial for type-t Gaussian normal basis */ 
local(pp, zp); 
zp = gauss_zpoly(n, t); 
pp = round(real(zp)); /* rounds all coefficients */ 
pp *= Mod(1,2); /* coefficients modulo 2 */ 
return( pp ); 


} 


The results for type-1 bases can be verified using relation |40.8-1]on page |875| results with type-2 bases 


with relations |40.8-2a] . . |40.8-2b] on page The intermediate values occurring with the computation 
for n = 4 and the types t € {1,3,7} are shown in figure |40.9-B| The values for n = 11 and the types 


t € {2,6,8, 18} are shown in figure |40.9-C 


40.9.2.2 Algorithm working in GF(2) 


The following algorithm is a variation of what is given in |234]. 
1. Set p=tn+1 and determine r so that the order of r modulo p equals t. 
2. Set M(x) = — z*, All computations are done modulo M. 
3. If t equals 1 return M. 
4. Set Fo =1 (modulo M). 


[fxtbook draft of 2008-January-19] 


40.9: Gaussian normal bases 881 


n=4 t=3: p=13 \\ integer computation 


r= Mod(3, 13) ord(r)=3 == t 

= x712 + x711 + x710 + x79 + x78 + x77 + x76 + x75 + x744+ x73 + x72 + x+ 1 
cate k=1 

=x°9+x°3+x 

= x79 + x73 + 2*x 

Sa k=2 

= x76 + x75 + x72 

= x7il es + x79 + x78 + 2*x77 + 24x76 + x75 + x74 + 2x73 + 34x72 + x 

= -x711 - x79 - x78 - x77 -_x76 - x75 - x73 - x72 -x-i 

= ce x710 - 2*x79 + x77 + 2ex76 + x73 - 1 


= x7i1+ x78 + x°7 
= x74 - x73 + 2*x72 + 4*x + 3 


==> x74 - x73 + 2kx72 + 4kx + 3 == x74 + x73 + 1 (mod 2) 


n=4 t=3: p=13 \\ computation over GF(2) 


3, 13) ord(r)=3 == t 


r= Mod( 
“12 4+ x711 + x710 + x79 + x°8 + x77 + x76 4+ x°5 + x74 4+ x73 4+ x724+ x41 


> 


yy 
va 


y 
Il 4 > i 
11 Ww 


"9+ x78 + x75 + x74 4+ x72 +x 


| 
| 
| 
| 
>>] 
RE | 
BRE I 
+++ 
tad Ul 
pd DSPd md COP ODD 


9+ x78 + x77 + x76+ x75 + x7°3+x72+ x41 
“10 + x77 + x73 4+ 1 
8 


i] 
ta ata 
B® Be 


==> 


Figure 40.9-D: Computation of the field polynomial for n = 4 and t = 3 with polynomials over the 
integers (top) and polynomials over GF(2) (bottom). 


5. Forl<k<n: 


(a) Set Z, = a x%(*J) (modulo M) where a(k,j) = 2" ri mod p. 


(b) Set Fi, = (a+ Z,) Fj-1 (modulo M). 
6. Return F;, with coefficients reduced modulo 2. 


The intermediate quantities in the computation for n = 4 and t = 3 are shown at the top of figure|40.9-D 
The result is a polynomial over the integers identical to the one computed with the algorithm that uses 
complex numbers. When all polynomials are taken over GF(2) the computation proceeds as shown at 


the bottom of figure |40.9-D} Implementation in pari/gp: 


gauss_poly2(n, t)= 
{ /* return field polynomial for type-t Gaussian normal basis */ 
local(p, M, r, F, t21, t2, Z); 


p = ten + 1; 
r = znprimroot(p)“n; \\ element of order t mod p 
M = sum(k=0, p-1, ’x*k); \\ The polynomial modulus 


M *= Mod(1,2); \\ ... over GF(2) 
if ( 1==t, return( M) ); \\ for type 1 


F = Mod(1, M); 
t21 = Mod(2,p); t2 = Mod(1,p); 
for 


(?x+Z) *F; 


); 
return ( lift(F) ); 


[fxtbook draft of 2008-January-19] 


882 Chapter 40: Binary finite fields: GF(2”) 


While the algorithm avoids inexact arithmetic the polynomial modulus M is of degree p — 1 = nt which 
can be large for large t. In practice the computation with complex numbers is much faster. It finishes in 
less than a second for n = 620 and t = 3 (and a working precision of 150 decimal digits) while the exact 
method needs about two minutes. 


[fxtbook draft of 2008-January-19] 


Appendix A 


Machine used for benchmarking 


883 


The machine used for performance measurements is a AMD64 (Athlon64) clocked at 2.2 GHz with dual 
channel double data rate (DDR) clocked at 200 MHz (‘800 MHz’). It has 512 kB (16-way associative) 
second level cache and separate first level caches for data and instructions, each 64 kB (and 2-way 
associative). Cache lines are 64 bytes (8 words, 512 bits). The memory controller is integrated in the 


CPU. 


The CPU has 16 general purpose (64 bit) registers that are addressable as byte, 16 bit word, 32 bit word, 
or 64 bit (full) word. These are used for integer operations and for passing integer function arguments. 
There are 16 (128 bit, SSE) registers that are used for floating point operations and for passing floating 
point function arguments. The SSE registers are SIMD registers. Additionally, there are 8 (legacy, x87) 


FPU registers. 


The performance-wise interesting information reported by the CPUID instruction is: 


Vendor: AuthenticAMD 

Name: AMD Athlon(tm) 64 Proc 
Family: 15, Model: 15, 

Level 1 cache (data): 64 kB 
64 bytes per line, lines 


essor 3400+ 


Stepping: 0 


, 2-way associative. 


Level 1 cache (instr): 64 kB, 2-way associative. 


64 bytes per line, lines 
Level 2 cache: 512 kB, 16- 
64 bytes per line, lines 


Max virtual_addr width: 48 
Max physical addr width: 40 
Features: 
Im: Long Mode (64-bit mode 
mtrr: Memory Type Range Re 
tsc: Time Stamp Counter 
fpu: x87 FPU 
3dnow: AMD 3DNow! instruct 
3dnowext: AMD Extensions t 
mmx: Multimedia Extensions 
mmxext: AMD Extensions to 
sse: Streaming SIMD Extens 
sse2: Streaming SIMD Exten 


cmov: CMOV instruction (plus FPU FCMOVCC and FCOMI) 


cx8: CMPXCHG8 instruction 
clflush: CLFLUSH instructi 
fxsr: FXSAVE and FXRSTOR i 


Special instructions as SIMD, prefetch and non-temporal moves are not used unless explicitly noted. 


per tag: 1. 
per tag: 1. 
way associative 
per tag: 1. 


) 


gisters 


ions 
o 3DNow! 


MMX 
ions 
sions-2 


on . 
nstructions 


See for a comparison of instruction latencies and throughput for various x86 CPU cores. You do 


want to study the cited document before buying an x86-based system. 


[fxtbook draft of 2008-January-19] 


884 Chapter A: Machine used for benchmarking 


[fxtbook draft of 2008-January-19] 


885 


Appendix B 


The pseudo language Sprache 


Many algorithms in this book are given in a pseudo language called Sprache. Sprache is meant to be 
immediately understandable for everyone who ever had contact with programming languages like C, 
FORTRAN, Pascal or Algol. Sprache is hopefully self explanatory. The intention of using Sprache 
instead of completely relying an mathematical formulas (like tensor formalism) or algorithm description 
by words is to minimize the work it takes to translate the given algorithm to one’s favorite programming 
language. It should be mere syntax adaptation. 


By the way, ‘Sprache’ is the German word for language. 


// a comment: 
comments are useful. 


// assignment: 
t:= 2.71 


// parallel assignment: 
{s, t, u} := {5, 6, 7} 
// same as: 

t i= 8 

ute 
{s, t} := {s+t, s-t} 

// same as (avoiding the temporary): 


temp :=st+t 
t:=s-t 
s := temp 


// if conditional: 
if a==b then a:=3 


// with block 
if a>=3 then 


// do something ... 
} 


// a function returns a value: 
function plus_three(x) 


{ 


return x + 3 


// a procedure works on data: 
procedure increment_copy(f[],g[],n) 
// veal £[0..n-1] input 

// veal g[0..n-1] result 

{ 


ach k:=0 to n-1 
g[k] := f[k] + 1 
} 


// for loop with stepsize: 


[fxtbook draft of 2008-January-19] 


886 Chapter B: The pseudo language Sprache 


for i:=0 to n step 2 // i:=0,2,4,6,... 


// do something 
} 


// for loop with multiplication: 
for i:=1 to 32 mul_step 2 


print i, ", " 
} 
will print 1, 2, 4, 8, 16, 32, 


// for loop with division: 
for i:=32 to 8 div_step 2 
{ 


print i, ", " 
will print 32, 16, 8, 

// while loop: 

i:=5 

while i>0 
// do something 5 times... 
Loss 1 

} 


The usage of foreach emphasizes that no particular order is needed in the array access (so parallelization 
is possible): 
procedure has_element (f[] ,x) 
foreach t in f[] 
if t==x then return TRUE 


return FALSE 
Emphasize type and range of arrays: 
real al[O..n-1], // has n elements (floating point reals) 
complex b[0..2**n-1] // has 2**n elements (floating point complex) 
mod_type m[729..1728] // has 1000 elements (modular integers) 


integer i[] // has ? elements (integers) 


Arithmetical operators: +, -, *, /, % and ** for powering. Arithmetical functions: min(), max(), 
gcd(), 1lcm(), 


Mathematical functions: sqr(Q), sqrt(), pow(), exp(), log(), sin(), cos(), tan(), asinQ), 
acos(), atan(), 


Bitwise operators: ~, &, |, ~ for bit-wise complement, AND, OR, XOR, respectively. Bit shift opera- 
tors: A<<3 shifts (the integer) A 3 bits to the left A>>1 shifts A 1 bits to the right. 


Comparison operators: ==, !=, <, > ,<=, >= 

There is no operator ‘=’ in Sprache, only ‘==’ (for testing equality) and ‘:=’ (assignment operator). 
A well-known constant: PI = 3.14159265... 

The complex square root of minus one in the upper half plane: I = /—1 

Boolean values: TRUE and FALSE 

Logical operators: NOT, AND, OR, XOR 


Modular arithmetic: x := a * b mod m shall do what it says, i := a**(-1) mod m shall set i to the 
modular inverse of a. 


[fxtbook draft of 2008-January-19] 


887 


Appendix C 


The pari/gp language 


We give a short introduction to the pari/gp language. 
From the manual page of pari [189] (slightly edited): 


NAME gp - PARI calculator 
SYNOPSIS’ gp [-emacs] [-f] [test] [-q] [-s stacksize] [-p primelimit] 
DESCRIPTION 


Invokes the PARI-GP calculator. This is an advanced programmable calcu- 
lator, which computes symbolically as long as possible, numerically 
where needed, and contains a wealth of number-theoretic functions 
(elliptic curves, class field theory...). Its basic data types are 


integers, real numbers, exact rational numbers, algebraic numbers, 
p-adic numbers, complex numbers, 

modular integers, 

polynomials and rational functions, 

power series, 

binary quadratic forms, 

matrices, vectors, lists, 

character strings, 

and recursive combinations of these. 


Interactive usage 


To use pari/gp interactively, just type gp at your command line prompt. A startup message like the 
following will appear: 


GP/PARI CALCULATOR Version 2.3.1 (released) 
amd64 running linux (x86-64 kernel) 64-bit version 
compiled: Oct 11 2006, gcc-3.3.5 20050117 (prerelease) (SUSE Linux) 
(readline v5.0 enabled, extended help available) 


Copyright (C) 2000-2006 The PARI Group 


PARI/GP is free software, covered by the GNU General Public License, and comes WITHOUT ANY 
WARRANTY WHATSOEVER. 


Type ? for help, \q to quit. 
Type 712 for how to get moral (and possibly technical) support. 


parisize = 8000000, primelimit = 500000 

? 

The question mark in the last line is a prompt, the program is waiting for your input. 
? 1+1 

“1 = 2 


Here we successfully computed one plus one. Next we compute a factorial: 


? 44! 
42 = 2658271574788448768043625811014615890319638528000000000 


[fxtbook draft of 2008-January-19] 


888 Chapter C: The pari/gp language 


Integers are of unlimited precision, the practical limit is the amount of physical RAM. For floating point 
numbers, the precision (number of decimal digits) can be set as follows 


? default (realprecision,55) 

43 = 

? sin(1.5) 

h4 = 0.9974949866040544309417233711414873227066514259221158219 


The history numbers %N (where N is a number) can be used to recall the result of a prior computation: 


ms 
45 = 0.99749498660405443094172337 11414873227066514259221158219 


The output of the result of a calculation can suppressed using a semicolon at the end of the command. 
This can be useful for timing purposes: 


? default (realprecision, 10000) 
%5 = 10000 
? sin(2.5); 


? ## 
RK last result computed in 100 ms. 


The command ## gives the time used for the last computation. 
The printing format can be set independently of the used precision: 


? default (realprecision, 10000) ; 
? default (format ,"g.15"); 

? sin(2.5) 

46 = 0.598472144103956 


Command line completion is available, typing si, then the tab-key, gives a list of builtin functions whose 
names start with si: 


? si 
sigma sign simplify sin sinh sizebyte sizedigit 


You can get the help text by using the question mark, followed by the help topic: 


? ?sinh 
sinh(x): hyperbolic sine of x. 


A help overview is invoked by a single question mark 


fielp topics: for a list of relevant subtopics, type ?n for n in 


user-defined identifiers (variable, alias, function) 
Standard monadic or dyadic OPERATORS 
CONVERSIONS and similar elementary functions 
TRANSCENDENTAL functions 

NUMBER THEORETICAL functi 

Functions related to ELLIPTIC CURVES 

Functions related to general NUMBER FIELDS 
POLYNOMIALS and power series 

Vectors, matrices, LINEAR ALGEBRA and sets 
SUMS, products, integrals and similar functions 
GRAPHIC functions 

PROGRAMMING under GP 

The PARI community 


NFO © 0 N OUIBRW NO 


ee 


Select a section by its number: 


2? 
rg deriv eval factorpadic 
intformal padicappr polcoeff polcyclo 
poldegree poldisc poldiscreduced polhensellift 
polinterpolate polisirreducible  pollead pollegendre 
polrecip polresultant polroots polrootsmod 
polrootspadic polsturm polsubcyclo polsylvestermatrix 
polsym poltchebi polzagier serconvol 
serlaplace serreverse subst substpol 
substvec taylor thue thueinit 


You should try both of the following 


? ??tutorial 
displaying ’tutorial.dvi’. 
? 22 


displaying ’users.dvi’. 


A short overview (which you may want to print) of most functions can be obtained via 


[fxtbook draft of 2008-January-19] 


889 


? ??refcard . 
displaying ’refcard.dvi’. 


A session can be ended by either entering quit or just hitting control-d. 


Builtin operators and basic functions 


There are the ‘usual’ operators +, -, *, /, ~ (powering), and % (modulo). The operator \ gives the integer 
quotient without remainder. The assignment operator is =. C-style shortcuts are available, for example 
t+=3 is the same as t=t+3. 


The increment by one can be abbreviated as t++, the decrement as t--. [Technical note: these behave as 
the C-language pre-increment (and pre-decrement), that is the expression evaluates to t+1, not t. There 
is no post-increment or post-decrement in pari/gp.] 


Comparison operators are ==, != (alternatively <>), >, >=, <, and <=. Logical operators are && (and), 
(or), and ! (not) 
Bit-wise operations for integers are 

bitand bitneg bitnegimply bitor bittest bitxor 


and 


shift(x,n): shift x left n bits if n>=0, right -n bits if n<0. 
shiftmul(x,n): multiply x by 2*n (n>=0 or n<0) 


One can also use the operators >> and <<, as in the C-language, and the shortcuts >>= and <<=. 


An overview of basic functions is obtained as 


2? 

* G1 List Mat Mod Pol Polrev Qfb 
Ser Set Str Strchr Strexpand Strtex Vec 
Vecsmall binary bitand bitneg bitnegimply bitor bittest 
bitxor ceil centerlift changevar component conj conjvec 
denominator floor frac imag length lift norm 
norml2 numerator numtoperm padicprec permtonum precision random 
real round simplify sizebyte sizedigit truncate valuation 
variable 


Here are a few: 


sign(x): sign of x, of type integer, real or fraction. 
max(x,y): maximum of x and y. 

min(x,y): minimum of x and y. 

abs(x): absolute value (or modulus) of x. 


floor(x): floor of x = largest integer<=x. 
ceil(x): ceiling of x=smallest integer>=x. 
frac(x): fractional part of x = x-floor(x) 


An overview of sums, products, and some numerical functions: 


? 79 
intcirc intfouriercos intfourierexp intfouriersin 
intfuncinit intlaplaceinv intmellininv intmellininvshort 
intnum intnuminit intnuminitgen intnumromb 
intnumstep prod prodeuler prodinf 
solve sum sumalt sumdiv. . 
suminf sumnum sumnumalt sumnuminit 
sumpos 


For example: 


sum(X=a,b,expr,{x=0}): x plus the sum (X goes from a to b) of expression expr. 
prod(X=a,b,expr,{x=1}): x times the product (X runs from a to b) of expression. 


Basic data types 
Strings: 


[fxtbook draft of 2008-January-19] 


890 Chapter C: The pari/gp language 


? a="good day!" 
"good day!" 


Integers, floating-point numbers (real or complex), and complex integers: 


? factor (239+5*I) 
[-I 1] 
(1 + I 1] 
(117 + 122*I 1] 


Exact rationals: 
? 2/3+4/5 
22/15 
Modular integers: 


? Mod(3,239)*77 
Mod(128, 239) 


Vectors and matrices: 


? v=vector(5,j,j~2) 
[1, 4, 9, 16, 25] 

? m=matrix(5,5,r,c,rt+c) 
[2345 6] 
[3 456 7] 
[4567 8] 
[5678 9] 
[6 7 8 9 10] 


The vector is a row vector, trying to right-multiply it with the matrix fails: 


? t=m*tv . : a : a 
RK impossible multiplication t_MAT * t_VEC. 


The operator ~ transposes vectors (and matrices), we multiply with the column vector: 


? t=m*v~ 
%14 = [280, 335, 390, 445, 500]~ 


The result is a column vector, note the tilde at the end of the line. 


Vector indices start with one: 


? t[1] 
%15 = 280 


Symbolic computations 


Univariate polynomials: 


? (1t+x)°7 

x77 + 7*x76 + 21*x75 + 35*x74 + 35*x73 + Q21*x72 + 7*x + 1 
? factor ((1+x) *6+1) 

[x°2 + 2x + 2 1] 

[x74 + 4*x73 + 5*x72 + 2*x + 1 1] 


Power series: 


? (1+x+0(x*4))°7 

1 + 7¥*x + 21*x72 + 35*x73 + 0(x74) 
? log((1+x+0(x*4))*7) 

7T*x - 7/2*x72 + 7/3*x73 + O(x74) 


Types can be nested, here we compute modulo the polynomial 1+ 2+ 27 with coefficients over GF(2): 


? t=Mod(1+x, Mod(1,2)*(1+x+x*7))°77 

Mod(Mod(1, 2)*x*3 + Mod(1, 2)*x + Mod(1, 2), Mod(1, 2)*x77 + Mod(1, 2)*x + Mod(1, 2)) 
? lift(t) \\ discard modulo polynomial 

Mod(1, 2)*x*3 + Mod(1, 2)*x + Mod(1, 2) 
? lift(lift(t)) \\ discard modulo polynomial, then modulus 2 with coefficient 

x°3 +x+i1 


Symbolic computations are limited when compared to a computer algebra system: for example, multi- 
variate polynomials cannot (yet) be factored, and there is no symbolic solver for polynomials. 


An uninitialized variable evaluates to itself, as a symbol: 


[fxtbook draft of 2008-January-19] 


891 


? hello 
hello 


To create a symbol, prepend a tick: 
? w=3 
3 


? hello=’w /* the symbol w, not the value of w */ 
W 


Here is a method to create symbols: 


? sym(k)=eval(Str("A", k)) 
? t=vector(5, j, sym(j-1)) 
[AO, A1, A2, A3, A4] 


The ingredients are eval() and Str(): 


eval(x): evaluation of x, replacing variables by their value. 
Str({str}*): concatenates its (string) argument into a single string. 


Some more trickery to think about: 


sym(k)=eval(Str("A", k)) 
t=vector(5, j, sym(j-1)); print ("1: t=", t); 
{ for (k=1, 5, 

sy = sym(k-1); 


v = 1/k°2; 
/* assign to the symbol that sy evaluates to, the value of v: */ 
eval( Str( Str( sy ), "=", Str( v) ) ); 

D5 


print("2: t=", t); /* no lazy evaluation with pari/gp */ 
t=eval(t); print("3: t=", t); 


The output of this script is 
1: t=[AO, A1, A2, A3, A4] 


2: t=[AO, A1, A2, A3, A4] 
3: t=[1, 1/4, 1/9, 1/16, 1/25] 


More builtin functions 


The following constants and transcendental functions are known by pari: 


2? 2 

: hates I Pi abs acos acosh agm arg 
asin asinh_. atan _. atanh_ | bernfrac bernreal bernvec besselhi 
besselh2 besseli besselj besseljh besselk besseln cos cosh 
cotan dilog eint1i erfc eta exp gamma gammah 
hyperu incgam incgamc lngamma log polylog psi sin 
sinh sqr sqrt sqrtn tan tanh teichmuller theta 
thetanullk weber zeta 


To obtain information about a particular function, use a question mark: 


? ?sinh 
sinh(x): hyperbolic sine of x. 


Transcendental functions will also work with complex arguments and symbolically, returning a power 
series: 
? sinh(x) 


“49 = x + 1/6*x*3 + 1/120*x75 + 1/5040*x*7 + 1/362880*x79 \ 
+ 1/39916800*x*11 + 1/6227020800*x~13 + 1/1307674368000*x*15 + O(x717) 


The line break (and the backslash indicating it) was manually entered for layout reasons. The ‘precision’ 
(that is default order) of power series can be set by the user: 


? default (seriesprecision,9) ; 
? sinh(x) 
fit = x + 1/6*x73 + 1/120*x75 + 1/5040*x77 + 1/362880*x79 + O(x710) 


One can also manually give the O(x”) term: 
? sinh(x+0(x*23) ) 
#12 = x + 1/6*x73 + 1/120*x*5 + 1/5040*x"7 + \ 
[--snip--] \ 
+ 1/121645100408832000*x~19 + 1/51090942171709440000*x*21 + O(x*23) 


[fxtbook draft of 2008-January-19] 


892 Chapter C: The pari/gp language 


Functions operating on matrices are (type mat, then hit the tab-key) 


matadjoint matalgtobasis matbasistoalg matcompanion 
matdet matdetint matdiagonal mateigen 
matfrobenius mathess _. mathilbert mathnf 
mathnfmod mathnfmodid matid matimage 
matimagecompl matindexrank matintersect matinverseimage 
matisdiagonal matker matkerint matmuldiagonal 
matmultodiagonal matpascal matrank matrix 
matrixqz matsize matsnf matsolve 
matsolvemod matsupplement mattranspose 


Builtin number theoretical functions are 


2? 

; Shasends bestappr bezout bezoutres bigomega binomial 
chinese content contfrac contfracpnqn core coredisc 
dirdiv direuler dirmul divisors eulerphi factor 
factorback factorcantor factorff factorial factorint factormod 

init fibonacci gcd hilbert isfundamental ispower 

isprime ispseudoprime issquare issquarefree kronecker lcm 
moebius nextprime numbpart numdiv omega precprime 
prime primepi primes qfbclassno qfbcompraw qfbhclassno 
qfbnucomp qfbnupow qfbpowraw qfbprimeform gqfbred qfbsolve 
quadclassunit quaddisc quadgen quadhilbert quadpoly quadray 
quadregulator quadunit removeprimes sigma sqrtint zncoppersmith 
znlog znorder znprimroot znstar 


Functions related to polynomials and power series are 


? 27 
0 


deriv eval factorpadic 
intformal padicappr polcoeff polcyclo 
poldegree poldisc poldiscreduced polhensellift 
polinterpolate polisirreducible pollead pollegendre 
polrecip polresultant polroots polrootsmod 
polrootspadic polsturm polsubcyclo polsylvestermatrix 
polsym poltchebi polzagier serconvol 
serlaplace serreverse subst substpol 
substvec taylor thue thueinit 


Plenty to explore! 


Control structures for programming 


Some loop constructs available are 


while(a,seq): while a is nonzero evaluate the expression sequence seq. Otherwise 0. 
until(a,seq): evaluate the expression sequence seq until a is nonzero. 
for (X=a,b,seq): the sequence is evaluated, X going from a up to b. 


forstep(X=a,b,s,seq): the sequence is evaluated, X going from a to b in steps of s 
(can be a vector of steps) 


forprime(X=a,b,seq): the sequence is evaluated, X running over the primes between a 
and b. 


fordiv(n,X,seq): the sequence is evaluated, X running over the divisors of n. 
The expression seq is a list of statements: 
for ( k=1, 10, stati; stat2; stat3; ) /* last semicolon optional */ 


for ( k=1, 10, stati; ) 
for ( k=1, 10, ; ) /* zero statements (do nothing, ten times) */ 


(The comments enclosed in /* */ were manually added.) 
The loop-variable is local to the loop: 

? for(k=1,10, ; ) /* do nothing, ten times */ 

?k 


k /* not initialized in global scope ==> returned as symbol */ 


A global variable of the same name is not changed: 


[fxtbook draft of 2008-January-19] 


893 


t6 7 
? for(k=1,3, print(" k=",k)) 
k=1 
k=2 
k=3 
?k 
7 /* global variable k not modified */ 


For the sake of clarity, avoid using global and loop-local variables of the same name. 


A loop can be aborted with the statement break(). The n enclosing loops are aborted by break(n). 
With next(), the next iteration of a loop is started (and the statements until the end of the loop are 
skipped). With break(n) the same is done for the n-th enclosing loop. 


And yes, there is an if statement: 


if(a,seqi,seq2): if a is nonzero, seqi is evaluated, otherwise seq2. seqi and seq2 
are optional, and if seq2 is omitted, the preceding comma can be omitted also. 


To have more than one statement in the branches use semicolons between the statements: 
if ( a==3, /* then */ 

b=b+1; 

c=7; 
/* else */ 
‘b-1; 
0 


Non-interactive usage (scripts) 


Usually one will create scripts that are fed into gp (at the command line): 
gp -q < myscript.gp 

The option -q suppresses the startup message and the history numbers %N. 
If the script contains just the line 

exp (2.0) 

the output would be 


7 .3890560989306502272304274605750078131 


To also see the commands in the output, add a default (echo,1); to the top of the file. The output will 
then be 


? exp(2.0) 
7 .3890560989306502272304274605750078131 


You should use comments in your scripts, there are two types of them: 
\\ a line comment, started with backslashes 
/* a block comment 

can stretch over several lines, as in the C-language */ 
Comments are not visible in the output. With the script 
default(echo, 1); 
\\ sum of square numbers: 
s=0; for (k=1, 10, s=stk*k); s 
the output would be 
? default (echo,1); 


? s=0;for(k=1,10,s=s+k*k) ;s 
385 


Note that all whitespaces are suppressed in the output. 


A command can be broken into several lines if it is inclosed into a pair of braces: 


[fxtbook draft of 2008-January-19] 


894 Chapter C: The pari/gp language 


{ for (k=1, 10, 
s=stk*k; 
print(k,": s=", s); 
); 
This is equivalent to the one-liner 


for (k=1, 10, s=stk*k; print(k,": s=", s); ); 


User-defined Functions 


Now we define a function: 


powsum(n, p)= 
{ /* return the sum 1*p+2*pt3*p+...tn*p */ 
local (t); 
t=0; 
for (k=1, n, 
t = tt+k*p); \\ ’*? is the powering operator 
return( t ); 


} 


The statement local(t); makes sure that no global variable named t (if it exists) would be changed 
by the function. It must be the first statement in the function. The variable k in the for()-loop is 
automatically local and should not be listed with the locals. Note that each statement is terminated with 
a semicolon. The output would be 


? powsum(n,p)=local(t) ;t=0;for(k=1,n,t=t+k*p) ;return(t) ; 


? powsum(10,2) 
385 


Note how the function definition is changed to a one-liner in the output. 
If you have to use global variables, list them at the beginning of your script as follows: 
global(vari, var2, var3); 


Any attempt to use the listed names as names of function arguments or local variables in functions will 
trigger an error. 


Arguments are passed by value. There is no mechanism for passing by reference, global variables can be 
a workaround for this. 
Arguments can have defaults, as in 


powsum(n, p=2)= /* etc */ 


Calling the function as either powsum(9) or powsum(9,) would compute the number of the first 9 squares. 
Defaults can appear anywhere in the argument list, as in 


abcsum(a, b=3, c)= return( atbtc ); 
So abcsum(1,,1) would return 5. 
All arguments are implicitly given the default zero, so the sequence of statements 


foo(a, b, c)= print(a,":",b,":",c); 


will print three times 0:0:0. This feature is rarely useful and does lead to obscure errors. It will hopefully 
be removed in future versions of pari/gp. 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 895 


Bibliography 


= ha 
Milton Abramowitz, Irene A. Stegun, (eds.): Handbook of Mathematical Functions, National 


Bureau of Standards, 1964, third printing, (1965). (667 


Ramesh C. Agarwal, James W. Cooley: New algorithms for digital convolution, [IEEE Trans- 
actions on Acoustics, Speech, and Signal Processing, vol. ASSP-25, pp.392-410, (October-1977). 
[525] 


Simon Joseph Agou, Marc Deléglise, Jean-Louis Nicolas: Short Polynomial Representations for 
Square Roots Modulo p, Designs, Codes and Cryptography, vol.28, pp.33-44, (2003). |751 


Manindra Agrawal, Neeraj Kayal, Nitin Saxena: PRIMES is in P, Annals of Math., vol.160, no.2, 


pp.781-793, (September-2004). Online at http: //www.math.princeton.edu/~annals/ 
Omran Ahmadi, Alfred Menezes: Irreducible polynomials of maximum weight, Utilitas Math- 


ematica, vol.72, pp.111-123, (2007). Online at |http://www.math.uwaterloo.ca/~ajmeneze/ 
research. html] [822] 


Omran Ahmadi, Alfred Menezes: On the number of trace-one elements in polynomial bases 
for Fyn, Designs, Codes and Cryptography, vol.37, no.3, pp.493-507, (December-2005). Online at 


http://citeseer.ist.psu.edu/677930.html 


W. R. Alford, Andrew Granville, Carl Pomerance: There are infinitely many Carmichael num- 
bers, Annals of Mathematics, vol.139, pp.703-722, (1994). |753 


Jean-Paul Allouche, Jeffrey Shallit: The ubiquitous Prouhet-Thue-Morse sequence, In: C. 
Ding, T. Helleseth, H. Niederreiter, (eds.), Sequences and Their Applications: Proceedings of 


SETA’98, pp.1-16, Springer-Verlag, (1999). Online at http://www.cs.uwaterloo.ca/~shallit/ 
FO 


Jean-Paul Allouche, Michael Cosnard: The Komornik-Loreti constant is transcendental, Amer. 


Math. Monthly, vol.107, pp.448-449, (2000). Online at http://www. 1lri.fr/~allouche/ 


Jean-Paul Allouche, Jeffrey Shallit: Automatic Sequences, Cambridge University Press, (2003). 


[334] 


Advanced Micro Devices (AMD) Inc.: AMD Athlon Processor, x86 code optimization guide, 
Publication no.22007, Revision K, (February-2002). Online at |http://developer.amd.com/ 


Advanced Micro Devices (AMD) Inc.: AMD64 Architecture Programmer’s Manual. Volume 3: 
General-Purpose and System Instructions, Publication no.24594, Revision 3.11, (December- 


2005). Online at http: //developer.amd.com/ 


Advanced Micro Devices (AMD) Inc.: Software Optimization Guide for AMD64 Processors, 


Publication no.25112, Revision 3.06, (September-2005). Online at http: //developer.amd.com/ 
fd 


[fxtbook draft of 2008-January-19] 


896 


[14] 


[15 


[16 


17 


18 


19 
20 


21 


22 


23 


24 


25 


[26] 


27 


28 


29 


30 


31 
32 


BIBLIOGRAPHY 


Ray Andraka: A survey of CORDIC algorithms for FPGA based computers, In: Proceedings 
of the Sixth ACM/SIGDA International Symposium on Field-Programmable Gate Arrays (FPGA 


98), ACM, pp.191-200, (1998). Online at http: //www.andraka.com/papers.htm 
George E. Andrews, Richard Askey, Ranjan Roy: Special functions, Cambridge University Press, 


(1999). 


Francisco Argiiello, Emilio L. Zapata: Fast Cosine Transform based on the Successive Doubling 
Method, Electronics Letters, vol.26, no.19, pp.1616-1618, (September-1990). Online at http:// 


citeseer.ist.psu.edu/400246. html 


Jorg Arndt, Christoph Haenel: Pi — Unleashed, Springer-Verlag, (2000). (translation of: Pi. Al- 
gorithmen, Computer, Arithmetik, 1998). |583 


Jorg Arndt: Arctan relations for Pi, Online at http://www. jjj.de/arctan/arctanpage. html 
(596) 

Jorg Arndt: FXT, a library of algorithms. Online at http://www. jjj.de/fxt/ 

Jorg Arndt: hfloat, a library for high precision computations. Online at http://www.jjj.de/ 
hfloat/ 


Mikhail J. Atallah, Samuel S. Wagstaff, Jr.: Watermarking With Quadratic Residues, In: Proc. 
of IS-T/SPIE Conf. on Security and Watermarking of Multimedia Contents, SPIE vol.3657, pp.283- 


288, (1999). Online at http: //homes.cerias.purdue.edu/~ssw/water.html 

— B— 
John C. Baez: The Octonions, Bull. Amer. Math. Soc., vol.39, pp.145-205, (2002). Online at 
http://math.ucr.edu/home/baez/octonions/ 
David H. Bailey: FFTs in External or Hierarchical Memory, Journal of Supercomputing, vol.4, 
no.1, pp.23-35, (March-1990). Online at http: //crd.1bl.gov/~dhbailey/dhbpapers/ 
David H. Bailey, P. N. Swarztrauber: The Fractional Fourier Transform and Applications, SIAM 


Review, vol.33, no.3, pp.389-404, (September-1991). Online at http://crd.1bl.gov/~dhbailey/ 


David H. Bailey, Jonathan M. Borwein, Peter B. Borwein, Simon Plouffe: The Quest for Pi, 
Mathematical Intelligencer, vol.19, no.1, pp.50-57, (January-1997). Online at 


gov/~dhbailey/dhbpapers/, [585| 


David H. Bailey, Richard E. Crandall: On the Random Character of Fundamental Constant 
Expansions, Experimental Mathematics, vol.10, no.2, pp.175-190, (June-2001). Online at 


//www.expmath.org/ 


Robert Baillie, S. Wagstaff, Jr.: Lucas Pseudoprimes. Mathematics of Computation, vol.35, 
no.152, pp.1391-1417, (October-1980). |768 


Dominique Roelants van Baronaigien: A Loopless Gray-Code Algorithm for Listing k-ary Trees, 
Journal of Algorithms, vol.35, pp.100-107, (2000). |308 


F. L. Bauer: An Infinite Product for Square-Rooting with Cubic Convergence, The Mathe- 
matical Intelligencer, vol.20, pp.12-13, (1998). |653 


M. Beeler, R. W. Gosper, R. Schroeppel: HAKMEM, MIT AI Memo 239, (29-February-1972). 


Retyped and converted to html by Henry Baker, April-1995. Online at |nttp://home.pipeline. 


Albert H. Beiler: Recreations in the Theory of Numbers, Dover Publications, (1964). 


Hacéne Belbachir, Farid Bencherif: Linear Recurrent Sequences and Powers of a Square Matrix, 


INTEGERS, vol.6, (2006). Online at http://www. integers-ejcnt.org/vol6. html 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 897 


33 


34 


35 


[36] 


37 


38 


39 


40 


41 


44 


45 


46 


[47] 


[48] 


[49] 


A. A. Bennett: The four term Diophantine arccotangent relation, Annals of Math., vol.27, no.1, 
pp.21-24, (September-1925). |594 


Lennart Berggren, Jonathan Borwein, Peter Borwein, (eds.): Pi: A Source Book, Springer, (1997). 


583) 


Bruce C. Berndt, 5. Bahrgava, Frank G. Garvan: Ramanujan’s Theories of Elliptic Functions 
to Alternative Bases, Trans. Amer. Math. Soc., vol.347, no.11, pp.4163-4244, (1995). Online at 


http://www.math.ufl.edu/~frank/publist.html 


Bruce C. Berndt: Flowers which we cannot yet see growing in Ramanujan’s garden of hyper- 
geometric series, elliptic functions and q’s, In: J. Bustoz, M. E. H. Ismail, S. K. Suslov, (eds.): 
Special Functions 2000: Current Perspective and Future Directions Kluwer, Dordrecht, pp.61-85, 


(2001). Online at http://www.math.uiuc.edu/~berndt/publications. html 

Daniel J. Bernstein: Multidigit multiplication for mathematicians, draft, (August-2001). Online 
at http://cr.yp.to/djb.html 

Daniel J. Bernstein: Pippenger’s exponentiation algorithm, draft, (18-January-2002). Online at 
http://cr.yp.to/djb. html 

Daniel J. Bernstein: Computing Logarithm Intervals with the Arithmetic-Geometric-Mean 


Iteration, draft, (2003). Online at http://cr.yp.to/djb. html 


Pedro Berrizbeitia, T. G. Berry: Generalized Strong Pseudoprime tests and applications, Jour- 
nal of Symbolic Computation, no.11, (1999). |758 


James R. Bitner, Gideon Ehrlich, Edward M. Reingold: Efficient generation of the binary re- 
flected Gray code and its applications, Communications of the ACM, vol.19, no.9, pp.517-521, 


(September-1976). [196] [310] 


Ian F. Blake, Shuhong Gao, Ronald C. Mullin: Explicit Factorization of a +1 over F, with 
Prime p = 3 mod 4, Applicable Algebra in Engineering, Communication and Computation 4, pp.89- 


94, (1993). Online at |http://www.math.clemson.edu/~sgao/pub.html 


Tan F. Blake, Shuhong Gao, Robert J. Lambert: Construction and Distribution Problems for 
Irreducible Trinomials over Finite Fields, In: D. Gollmann, (ed.): Applications of finite fields, 


pp.19-32, (1996). Online at |http://www.math.clemson.edu/~sgao/pub.html 


Leo I. Bluestein: A linear filtering approach to the computation of the discrete Fourier trans- 
form, IEEE Transactions on Audio and Electroacoustics, vol.18, pp.451-455, (December-1970). 
[423] 


Antonia W. Bluher: A Swan-like theorem, Finite Fields and Their Applications, vol.12, pp.128- 
138, (28-June-2006). |860 


Marco Bodrato: Towards Optimal Toom-Cook Multiplication for Univariate and Multivariate 
Polynomials in Characteristic 2 and 0, Lecture Notes in Computer Science, vol.4547, pp.116-133, 


(2007). 


Marco Bodrato, Alberto Zanoni: What About Toom-Cook Matrices Optimality?, Technical 
Report 605, Centro Vito Volterra, Université di Roma Tor Vergata, (October-2006). Online at 


http://bodrato.it/papers/WhatAboutToomCookMatricesOptimality.pdf rn 


Marco Bodrato, Alberto Zanoni: Integer and Polynomial Multiplication: Towards Optimal 
Toom-Cook Matrices, Proceedings of the 2007 international symposium on Symbolic and algebraic 


computation, pp.17-24, (2007). [527| 


J. M. Borwein, P. B. Borwein: Cubic and higher order algorithms for 7, Canad. Math. Bull., 
vol.27, pp.436-443, (1984). |587 


[fxtbook draft of 2008-January-19] 


898 


50 


51 


52 
53 


54 


[55] 


[56] 


[57] 


[58 


59 


60 


61 


62 


(63 


[64 


[65 


[66] 


BIBLIOGRAPHY 


J. M. Borwein, P. B. Borwein: More quadratically converging Algorithms for 7, Mathematics 
of Computation, vol.46, no.173, pp.247-253, (January-1986). |583 


J. M. Borwein, P. B. Borwein: An explicit cubic iteration for 7, BIT Numerical Mathematics, 
vol.26, no.1, (March-1986). |588 


J. M. Borwein, P. B. Borwein: Pi and the AGM, Wiley, (1987). 


J. M. Borwein, P. B. Borwein: On the Mean Iteration (a,b) — (243%, ¥@%+*), Mathematics of 
Computation, vol.53, no.187, pp.311-326, (July-1989). a ea 


J. M. Borwein, P. B. Borwein: A cubic counterpart of Jacobi’s Identity and the AGM, Trans- 
actions of the American Mathematical Society, vol.323, no.2, pp.691-701, (February-1991). 578} 
587 


J. Borwein, P. Borwein, F. Garvan: Hypergeometric Analogues of the Arithmetic-Geometric 


Mean Iteration, Constr. Approx., vol.9, no.4, pp.509-523, (1993). Online at 


J. M. Borwein, P. B. Borwein, F. G. Garvan: Some cubic modular identities of Ramanujan, 
Transactions of the American Mathematical Society, vol.343, no.1, pp.35-47, (May-1994). Online 


at http://citeseer.ist.psu.edu/borwein94some. html 


J. M. Borwein, F. G. Garvan: Approximations to 7 via the Dedekind eta function, Organic 
mathematics (Burnaby, BC, 1995), pp.89-115, CMS Conf. Proc., vol.20, Amer. Math. Soc., Provi- 


dence, RI, (1997). Online at http: //www.math.ufl.edu/~frank/publist.html, [587| 


Florian Braun, Marcel Waldvogel: Fast Incremental CRC Updates for IP over ATM Networks, 
In: Proceedings of the 2001 IEEE Workshop on High Performance Switching and Routing, (2001). 


Online at |http://citeseer.ist.psu.edu/braun0lfast .html 


Richard P. Brent: Algorithms for minimization without derivatives, Prentice-Hall, (1973) (out 
of print). |564 


Richard P. Brent: Fast multiple-precision evaluation of elementary functions, Journal of the 
ACM (JACM), vol.23, no.2, pp.242-251, (April-1976). Online at http: //www.rpbrent.com/ 
Richard P. Brent: On computing factors of cyclotomic polynomials, Mathematics of Computa- 
tion, vol.61, no.203, pp.131-149, (July-1993). Online at http: //www.rpbrent.com/ 


Richard P. Brent: On the periods of generalized Fibonacci recurrences, Mathematics of Compu- 


tation, vol.63, no.207, pp.389-401, (July-1994). Online at http: //wwwmaths.anu.edu.au/~brent/ 


Richard P. Brent: Computing Aurifeuillian factors, in: Computational Algebra and Number 
Theory, Mathematics and its Applications, vol.325, Kluwer Academic Publishers, Boston, pp.201- 


212, (1995). Online at 


Richard P. Brent, Alfred J. van der Poorten, Herman J. J. te Riele: A comparative Study of Algo- 
rithms for Computing Continued Fractions of Algebraic Numbers, In: Lecture Notes in Com- 


puter Science, vol.1122, Springer-Verlag, Berlin, pp.35-47, (1996). Online at 
anu.edu.au/~brent/pub/pubsall.html 


Richard P. Brent, Samuli Larvala, Paul Zimmermann: A Fast Algorithm for Testing Irreducibil- 
ity of Trinomials mod 2 and some new primitive trinomials of degree 3021377, Mathematics 


of Computation, vol.72, pp.1443-1452, 2003. Online at http://www. rpbrent.com/ 


Richard P. Brent: Primality Testing, Slides of talk to the Oxford University Invariant Soci- 


ety, (25-November-2003). Online at |http://web.comlab.ox.ac.uk/oucl/work/richard.brent/ 
talks.html) [770] 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 899 


67 


68 


69 


[70] 


[74] 


[75] 


[76] 


[77] 


[80] 


[81] 


John Brillhart, Derrick H. Lehmer, John L. Selfridge: New primality criteria and factorizations 
of 2” +1, Mathematics of Computation, vol.29, no.130, pp.620-647, (April-1975). |762 


- Brillhart, D. H. Lehmer, J. L. Selfridge, B. Tuckerman, 5. S. Wagstaff, Jr.: Factorizations of 
™+1 6b = 2,3,5,6,10,11 up to high powers, Contemporary Mathematics, Volume 22, second 


as American Mathematical Society, (1988). Online at |nttp://www.ams.org/ [r64] [770] [B17] 


Bette Bultena, Frank Ruskey: An Eades-McKay Algorithm for Well-Formed Parenthesis 


Strings, Information Processing Letters 68, pp.255-259, (1998). Online at 
ca/~ruskey/Publications/ 


Ronald Joseph Burthe, Jr.: Further Investigations with the Strong Probable Prime Test, Math- 
ematics of Computation, vol.65, no.213, pp.373-381, (January-1996). |757 


—C..—— 


K. Cattel, S. Zhang, X. Sun, M. Serra, J. C. Muzio, D. M. Miller: One-Dimensional Linear Hybrid 
Cellular Automata: Their Synthesis, Properties, and Applications in VLSI Testing, tutorial 


paper. Online at http://citeseer.ist.psu.edu/260274.html 


Kevin Cattel, Shujian Zhang: Minimal Cost One-Dimensional Linear Hybrid Cellular Au- 
tomata of Degree Through 500, Journal of Electronic Testing: Theory and Applications, vol.6, 


pp.255-258, (1995). Online at |http://citeseer.ist.psu.edu/cattel195minimal.html 


Kevin Cattell, Frank Ruskey, Joe Sawada, Micaela Serra, C. Robert Miers: Fast Algorithms to 
Generate Necklaces, Unlabeled Necklaces, and Irreducible Polynomials over GF (2), Journal of 


Algorithms, vol.37, pp.267-282, (2000). Online at |http://www.cis.uoguelph.ca/~sawada/pub. 
50] BZ 


Heng Huat Chan: On Ramanujan’s cubic transformation formula for 2Fi(4, 3; 1;z), Mathemat- 


ical Proceedings of the Cambridge Philosophical Society, vol.124, pp.193-204, (September-1998). 
[578] 


Heng Huat Chan, Kok Seng Chua, Patrick Solé: Quadratic iterations to 7 associated with elliptic 
functions to the cubic and septic base, Trans. Amer. Math. Soc., vol.355, pp.1505-1520, (2003). 


B73} [583] [589] 


Busiso P. Chisala: A Quick Cayley-Hamilton, The American Mathematical Monthly, vol.105, 
no.9, pp.842-844, (November-1998). |864 


D. V. Chudnovsky, G. V. Chudnovsky: The computation of classical constants, Proceedings of 
the National Academy of Sciences of the United States of America, vol.86, no.21, pp.8178-8182, 
(1-November-1989). |611 


Fan Chun, Persi Diaconis, Ron Graham: Universal cycles for combinatorial structures, Dis- 


crete Mathematics, vol.11, pp.43-59, (1992). Online at http: //www-stat.stanford.edu/~cgates/ 
839 


Jaewook Chung, M. Anwar Hasan: Asymmetric Squaring Formulae, Centre for Applied Cryp- 
tographic Research, University of Waterloo, Ontario, Canada, (3- (BeA tut. 2006). Online at 


//wow.cacr.math.uwaterloo.ca/tech_reports.html [525] [527] B23] 3D] 


Frédérick Chyzak, Peter Paule, Otmar Scherzer, Armin Schoisswohl, Burkhard Zimmermann: The 
construction of orthonormal wavelets using symbolic methods and a matrix analytical ap- 
proach for wavelets on the interval, Experimental Mathematics, vol.10, no.1, pp.67-86, (2001). 


[519] 


Mathieu Ciet, Jean-Jacques Quisquater, Francesco Sica: A Short Note on Irreducible Trinomials 


in Binary Fields, (2002). Online at http://www.dice.ucl.ac.be/crypto/publications/2002/ 
Su) 


[fxtbook draft of 2008-January-19] 


900 


[82] 


[83 


[84 


[85] 


86 


87 
88 


89 


90 


94 


95 


96 


97 


98 


99 


BIBLIOGRAPHY 


Douglas W. Clark, Lih-Jyh Weng: Maximal and Near-Maximal Shift Register Sequences: Effi- 
cient Event Counters and Easy Discrete Logarithms, IEEE Transactions on Computers, vol.43, 
no.5, pp.560-568, (May-1994). |819 


Henri Cohen: A Course in Computational Algebraic Number Theory, Springer-Verlag, (1993). 


Online ervata lst at nbtp: /7uww math u-bordeaux. fr/-cohen/) [14] [592] [750] [51] [62] [770) [52] 
53] 07 


Henri Cohen: On the equation a™ +b” = c?, Note, (January-1998). Online at http: //www.math. 
u-bordeaux.fr/~cohen/fermatgen 


Henri Cohen, Fernando Rodriguez Villegas, Don Zagier: Convergence acceleration of alternating 
series, Experimental Mathematics, vol.9, no.1, pp.3-12, (2000). Online at http: //www.expmath. 


Henri Cohen: Analysis of the flexible window powering method, Preprint. Online at 


//waw.math.u-bordeaux.fr/~cohen/ 


Louis Comtet: Advanced Combinatorics, revised edition, D. Reidel Publishing, (1974). 


Stephen A. Cook: On the minimum computation time of functions, PhD thesis, Department of 


Mathematics, Harvard University, (1966). Online at http://www.cs.toronto.edu/~sacook/ 
Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, Clifford Stein: Introduction to Al- 


gorithms, MIT Press, second edition, (2001). ). [115] [149] [524] [553] 


Richard Crandall, Barry Fagin: Discrete Weighted Transforms and Large-Integer Arithmetic, 
Mathematics of Computation, vol.62, no.205, pp.305-324, (January-1994). |412 


Richard E. Crandall, Ernst W. Mayer, Jason S. Papadopoulos: The twenty-fourth Fermat number 
is composite, Mathematicians of Computation, vol.72, no.243, pp.1555-1572, (6-December-2002). 


[762] 


Richard Crandall, Carl Pomerance: Prime Numbers: A Computational Perspective, second 
edition, Springer, (2005). |770 


R. Creutzburg, M. Tasche: Parameter Determination for Complex Number-Theoretic Trans- 
forms Using Cyclotomic Polynomials, Mathematics of Computation, vol.52, no.185, pp.189-200, 
(January-1989). |775 


—_ D — 


Ricardo Dahab, Darrel Hankerson, Fei Hu, Men Long, Julio Lopez, Alfred Menezes: Software 
Multiplication using Normal Bases, IEEE Transactions on Computers, vol.55, pp.974-984, (2006). 


[866] 


Ivan Damgard, Peter Landrock, Carl Pomerance: Average case error estimates for the strong 
probable prime test, Mathematics of Computation, vol.61, no.203, pp.177-194, (July-1993). |757 


Ivan B. Damgard, Gudmund Skovbjerg Frandsen: An extended quadratic Frobenius primality 
test with average and worst case error estimates, IEEE Transactions on Computers, vol.19, 


pp.783-793, (February-2003). Online at http://www. brics.dk/RS/03/9/index. html 


Leonard Eugene Dickson: History of the Theory of Numbers, vol.I, Divisibility and Primality, 
Carnegie Institute of Washington, 1919, unaltered reprint of the AMS, (2002). 


Leonard Eugene Dickson: History of the Theory of Numbers, vol.II, Diophantine Analysis, 
Carnegie Institute of Washington, 1919, unaltered reprint of the AMS, (2002). 


Geoffrey Dixon: Division Algebras, Galois Fields, Quadratic Residues, arXiv:hep-th/9302113, 


(23-February-1993). Online at http://arxiv.org/abs/hep-th/9302113 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 901 


100] P. Duhamel, H. Hollmann: Split radix FFT algorithm, Electronics Letters, vol.20, no.1, pp.14-16, 
(5-January-1984). 394 


101] Pierre Duhamel: Implementation of “split-radix” FFT algorithms for complex, real and real- 
symmetric data, IEEE Transactions on Acoustics, Speech and Signal Processing, vol.34 pp.285-295, 
(1986). 401 


102] Richard Durstenfeld: Algorithm 235: random permutation, Communications of the ACM, vol.7, 
no.7, p.420, (July-1964). |113 


103] Jacques Dutka: On Square Roots and Their Representations, Archive for History of Exact 
Sciences, vol.36, no.1, pp.21-39, (March-1986). |653 


— -— 


[104] Peter Eades, Brendan McKay: An algorithm for generating subsets of fixed size with a strong 
minimal change property, Information Processing Letters, vol.19, p.131-133, (19-October-1984). 


[173] 
[105] H.-D. Ebbinghaus, H. Hermes, F. Hirzebruch, M. Koecher, K. Mainzer, J. Neukirch, A. Prestel, R. 
Remmert: Zahlen, second edition, (english translation: Numbers), Springer-Verlag, (1988). |56} 


[-88} [791] 


[106] Karen Egiazarian, Jaako Astola: Discrete Orthogonal Transforms Based on Fibonacci-type 
recursions, Note, Signal Processing Lab, Tampere University, Finland. 


[107] Gideon Ehrlich: Loopless Algorithms for Generating Permutations, Combinations, and Other 
Combinatorial Configurations, Journal of the ACM, vol.20, no.3, pp.500-513, (July-1973). 


[108] Doron Zeilberger (‘Shalosh B.EKHAD’): Forty “Strange” Computer-Discovered Hypergeomet- 


ric Series Evaluations, (12-October-2004). Online at http: //www.math.rutgers.edu/~zeilberg/ 
585 
— ff -— 
[109] Steven R. Finch: Mathematical Constants, Cambridge University Press, (2003). 


[110] N. J. Fine: Infinite Products for k-th Roots, The American Mathematical Monthly, vol.84, no.8. 
pp.629-630, (October-1977). |653 


[111] K. Fong, D. Hankerson, J. Lopez, A. Menezes: Field inversion and point halving revisited, 
Technical Report, CORR 2003-18, Department of Combinatorics and Optimization, University of 


Waterloo, Canada, (2003). Online at http: //citeseer.ist.psu.edu/fong03field.html 
[112] The Free Software Foundation (FSF): GCC, the GNU Compiler Collection. Online at 
//gcc.gnu.org/ 
[113] The Free Software Foundation (FSF): Other built-in functions provided by GCC, section 5.44 


of the documentation for GCC version 3.4.4. Online at http://gcc.gnu.org/onlinedocs/gcc-3. 
4.4/gcc/Other-Builtins.html 
— G — 
[114] Yves Gallot: Cyclotomic polynomials and prime numbers, Note, revised version, (5-January- 
2001). Online at http: //perso.wanadoo.fr/yves.gallot/papers/cyclotomic.html 
Shuhong Gao: Normal Bases over Finite Fields, Thesis, University of Waterloo, Ontario, Canada, 


(1993). Online at |http://www.math.clemson.edu/~sgao/pub. html 


[116] Shuhong Gao, Daniel Panario: Tests and Constructions of Irreducible polynomials over Finite 
Fields, In: F. Cucker, M. Shub, (eds.): Foundations of Computational Mathematics, Springer, 


pp.346-361, (1997). Online at http: //www.math.clemson.edu/~sgao/pub.html) |811| 


[fxtbook draft of 2008-January-19] 


[115 


902 


[117] 


[118] 


119 


120 


121 


122 


123 


124 


125 


126 


127 


128 


129 


130 


131 


132 


133 


[134 


BIBLIOGRAPHY 


Frank Garvan: Cubic modular identities of Ramanujan, hypergeometric functions and ana- 
logues of the arithmetic-geometric mean iteration, Contemporary Mathematics, vol.166, pp.245- 


264, (1993). Online at http://www.math.ufl.edu/~frank/publist.html 


Frank Garvan: Ramanujan’s theories of elliptic functions to alternative bases — a symbolic 
excursion, J. Symbolic Computation, vol.20, no.5-6, pp.517-536, (1995). Revised 16-December- 


2005 edition online at |http://www.math.ufl.edu/~frank/publist .html 


Joachim von zur Gathen, Jiirgen Gerhard: Modern Computer Algebra, Cambridge University 


Press, second edition, 2003. |656} 


Solomon W. Golomb: Cyclotomic Polynomials and Factorization Theorems, The American 
Mathematical Monthly, vol.85, no.9, pp.734-737, (November-1978). |768 


Daniel M. Gordon: A survey of fast exponentiation methods, Journal of Algorithms, vol.27, no.1, 
pp.129-146, (1998). Online at http: //citeseer.ist.psu.edu/gordon97survey.html 


Mark Goresky, Andrew Klapper: Fibonacci and Galois Representations of Feedback with 
Carry Shift Registers, IEEE Transactions on Information Theory, vol.48, no.11, pp.2826-2836, 


(November-2002). Online at http://www.math.ias.edu/~goresky/ 
Johannes Grabmeier, Alfred Scheerhorn: Finite Fields in AXIOM, AXIOM Technical Report no. 


ATR/5, (1992). Online at |http://citeseer.ist.psu.edu/121340. html 


R. L. Graham, D. E. Knuth, O. Patashnik: Concrete Mathematics, second printing, Addison- 
Wesley, New York, (1988). 27] 263] 64] 

Torbjorn Granlund, Peter L. Montgomery: Division by Invariant Integers using Multiplication, 
SIGPLAN Notices, vol.29, pp.61-72, (June-1994). Online at http: //swox.com/~tege/ 
Torbjorn Granlund: Instruction latencies and throughput for AMD and Intel x86 processors, 
(6-September-2005). Online at http: //swox.com/doc/x86-timing. pdf 


Andrew Granville: It is easy to determine whether a given integer is prime, Bulletin (New Series) 


of the AMS, vol.42, no.1, pp.3-38, (2004). Online at |http://www.dms.umontreal.ca/~andrew/ 
(770) 


S. Gudvangen: Practical Applications of Number Theoretic Transforms, NORSIG-99, Norwe- 
gian Signal Processing Symposium, (1999). Online at http: //www.norsig.no/norsig99/ 
— H — 


Bruno Haible, Thomas Papanikolaou: Fast multiprecision evaluation of series of rational 


numbers, Technical Report no. TI-7/97, (18-March-1997). Online at |nttp://www.informatik. 
th-darmstadt .de/TI/Veroeffentlichung/TR/Welcome.html 


R. V. L. Hartley: A More Symmetrical Fourier Analysis Applied to Transmission Problems, 
Proceedings of the IRE, vol.30, pp.144-150, (March-1942). |483 


B. R. Heap: Permutations by Interchanges, Computer Journal, vol.6, pp.293-294, (1963). 234 


Gerben J. Hekstra, Ed F. A. Deprettere: Floating Point Cordic (extended version), Tech- 
nical Report ET/NT 93.15, Delft University of Technology, (8-March-1993). Online at 


//citeseer.ist.psu.edu/hekstra93floating. html 


Nicholas J. Higham: The Matrix Sign Decomposition and its Relation to the Polar De- 
composition, Linear Algebra and its Applications, 212-213, pp.3-20, (1994). Online at 
//citeseer.ist.psu.edu/higham94matrix.html 


Nicholas J. Higham: Stable Iterations for the Matrix Square Root, Numerical Algorithms, vol.15, 


no.2, pp.227-242, (1997). Online at |http://www.ma.man.ac.uk/~higham/ 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 903 


[135] 


136 


137 


138 


[139] 


140 


141 


142 


143 


[144] 


145 


146 


147 


148 


149 


150 


Christian W. Hoffmann: 7 und das arithmetisch-geometrische Mittel, Swiss Federal Research 


Institute WSL, (9-April-2002). Online at http://www.wsl.ch/staff/christian.hoffmann/pi. 
[588] 


Alston S. Householder: Polynomial Iterations to Roots of Algebraic Equations, Proceedings of 
the American Mathematical Society, vol.2, no.5, pp.718-719, (October-1951). |561 


Alston $. Householder: The Numerical Treatment of a Single Nonlinear Equation, McGraw-Hill, 
(1970). [564] 569 


Thomas D. Howell, Jean-Claude Lafon: The Complexity of the Quaternion Product, Technical 
Report TR-75-245, Department of Computer Science, Cornell University, Ithaca, NY, (June-1975). 


Online at |http://home.pipeline.com/~hbaker1/ 
— [| — 


F. M. Ives: Permutation enumeration: four new permutation algorithms, Communications of 


the ACM, vol.19, no.2, pp.68-72, (February-1976). 
— 


Gerhard Jaeschke: On strong pseudoprimes to several bases, Mathematics of Computation, 
vol.61, no.204, pp.915-926, (October-1993). |756 


T. A. Jenkyns: Loopless Gray Code Algorithms, Technical Report CS-95-03, Brock University, 


Canada, (July-1995). Online at http://citeseer.ist.psu.edu/134169. html 


S. M. Johnson: Generation of permutations by adjacent transposition, Mathematics of Compu- 
tation, vol.17, no.83, pp.282-285, (July-1963). |239 


Dieter Jungnickel, Alfred J. Menezes, Scott A. Vanstone: On the Number of Self-Dual Bases of 
GF(q™") Over GF(q), Proceedings of the American Mathematical Society, vol.109, no.1, pp.23-29, 
(May-1990). |873 


— k — 


Bahman Kalantari, Jiirgen Gerlach: Newton’s Method and Generation of a Determinan- 
tal Family of Iteration Functions, Technical Report DCS-TR 371, Dept. of Computer Sci- 


ence, Rutgers University, New Brunswick, NJ, (1998). Online at http://citeseer.ist.psu.edu/ 
kalantari98newtons. html 


Dan Kalman: A Singularly Valuable Decomposition: The SVD of a Matrix, preprint, Col- 


lege Math Journal, vol.27, no.1, (January-1996). Online at http: //www.american.edu/academic. 
depts/cas/mathstat/People/kalman/pdffiles/index.html 


K. Karamanos: From symbolic dynamics to a digital approach, International Journal of Bifur- 
cation and Chaos, vol.11, no.6, pp.1683-1694, (2001). |700 


Anatoly A. Karatsuba, Y. Ofman: Multiplication of multidigit numbers on automata, Soviet 
Physics Doklady, vol.7, no.7, pp.595-596, January-1963. Translated from Doklady Akademii Nauk 
SSSR, vol.145, no.2, pp.293-294, (July-1962). |524 


Richard Kaye: A Gray Code For Set Partitions, Information Processing Letters, vol.5, no.6, 


pp.171-173, (December-1976). Online at http: //www.kaye.to/rick/ 
Wilfried Keller: Fermat factoring status. Online at http://www. prothsearch.net/fermat .html 


(63. 


Louis V. King: On the Direct Numerical Calculation of Elliptic Functions and Integrals, 


Cambridge University Press, (1924). 


[fxtbook draft of 2008-January-19] 


904 BIBLIOGRAPHY 


[151] V. Kislenkov, V. Mitrofanov, E. Zima: How fast can we compute products?, in ISSAC: Pro- 
ceedings of the ACM SIGSAM International Symposium on Symbolic and Algebraic Computation, 


(1999). Online at http://citeseer.ist.psu.edu/434789. html 


Andrew Klapper, Mark Goresky: Feedback Shift Registers, 2-Adic Span and Combiners With 


Memory, Journal of Cryptology, vol.10, pp.111-147, (1997). Online at http: //www.math.ias.edu/ 
~goresky/EngPubl . html 


Donald E. Knuth: Structured programming with go to statements, ACM Computing Surveys, 
vol.6, no.4, (December-1974). |138 


[152 


[153 


[154] Donald E. Knuth: The Art of Computer Programming, third edition, Volume 1: Fundamental 


Algorithms, Addison-Wesley, (1997). Online errata list at |http://www-cs-staff.stanford.edu/ 


Donald E. Knuth: The Art of Computer Programming, third edition, Volume 2: Seminumerical 


Algorithms, Addison-Wesley, (1997). Online errata list at http: //www-cs-staff.stanford.edu/) 
539 


Donald E. Knuth: The Art of Computer Programming, second edition, Volume 3: Sorting and 


Searching, Addison-Wesley, (1997). Online errata list at http://www-cs-staff.stanford.edu/ 


[157] Donald E. Knuth: The Art of Computer Programming, pre-fascicles for Volume 4. Online at 
http: //www-cs-staff.stanford.edu/~knuth/ 212) 259} 


Wolfram Koepf: Orthogonal Polynomials and Computer Algebra, In: R. P. Gilbert et al., (eds.): 
Recent Developments in Complex Analysis and Computer Algebra, Kluwer, pp.205-234, (1999). 
Online at |http://www.mathematik.uni-kassel .de/~koepf/Publikationen/index. html 


[155 


[156 


[158 


[159 


Kenji Koike, Hironori Shiga: A three terms Arithmetic-Geometric mean, Journal of Number 
Theory, vol.124, pp.123-141, (2007). |578 


[160 


Ramanujachary Kumanduri, Cristina Romero: Number theory with computer applications, 


Prentice-Hall, (1998). 
= [== 


[161] Clement W. H. Lam, Leonard H. Soicher: Three new combination algorithms with the minimal 
change property, Communications of the ACM, vol.25, no.8, pp.555-559, (August-1982). 


[162 


Susan Landau, Neil Immermann: The Similarities (and Differences) between Polynomials and 
Integers, International Conference on Number Theoretic and Algebraic Methods in Computer 


Science (1993), pp.57-59, version of (8-August-1996). Online at http: //citeseer.ist.psu.edu/ 


landau94similarities.html 


[163] Glen G. Langdon, Jr.: An algorithm for generating permutations, Communications of the ACM, 
vol.10, no.5, pp.298-299, (May-1967). |261 


[164 


Benoit Leblanc, Evelyne Lutton, Jean-Paul Allouche: Inverse problems for finite automata: a 
solution based on Genetic Algorithms, Lecture Notes in Computer Science vol.1363, pp.157-166, 


(1998). Online at |http://www.1lri.fr/~allouche/bibliorecente. html 


[165] D. H. Lehmer: On arccotangent relations for 7, American Mathematical Monthly, vol.45, pp.657- 
664, (1938). |594 


[166 


Charles E. Leiserson, Harald Prokop, Keith H. Randall: Using de Bruijn Sequences to Index a 
1 in a Computer Word, MIT Lab for Computer Science, Cambridge, MA, (June-1998). Online at 


http://citeseer.ist.psu.edu/leiserson98using. html 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 905 


[167] Arjen K. Lenstra: Integer Factoring, Designs, Codes and Cryptogaphy, vol.19, pp.101-128, 


168 


169 


170 


171 


172 


173 


[174] 


(175 


176 


177 


178 


179 


180 
181 


182 


[183] 


(2000). Online at |http://modular.fas.harvard.edu/edu/Fal12001/124/misc/arjen_lenstra_ 
factoring.pdf| |77/0| 


H. W. Lenstra, Jr., R. J. Schoof: Primitive Normal Bases for Finite Fields, Mathematics of 
Computation, vol.48, no.177, pp.217-231, (January-1987). |869 


Rudolf Lidl, Harald Niederreiter: Introduction to finite fields and their applications, Cambridge 
University Press, revised edition, (1994). |817 


J. H. van Lint, R. M. Wilson: A Course in Combinatorics, Cambridge University Press, (1992). 


[354] 839] 


W. Lipski, Jr.: More on permutation generation methods, Computing, vol.23, no.4, pp.357-365, 
(December-1979). 
Lisa Lorentzen, Haakon Waadeland: Continued Fractions and Applications, North-Holland, 


(1992). 


Ya Yan Lu: Computing the Logarithm of a Symmetric Positive Definite Matrix, Applied 
Numerical Mathematics: Transactions of IMACS, vol.26, no.4, pp.483-496, (1998). Online at http :| 


//citeseer.ist.psu.edu/331019. html 
—_ M — 


Robert SS. Maier: A generalization of Euler’s Hypergeometric Transform, 


arXiv:math.CA/0302084, (8-April-2003). Online at |hnttp://arxiv.org/abs/math.CA/0302084 


Robert 5S. Maier: Algebraic Hypergeometric Transformations of Modular Origin, 


arXiv:math.NT/0501425, (25-July-2005). Online at |http://arxiv.org/abs/math.NT/0501425 


Kei Makita, Yasuyuki Nogami, Tatsuo Sugimura: makita-primedeg-irred-via-aop.pdf, Electronics 
and Communications in Japan (Part III: Fundamental Electronic Science), vol.88, no.7, pp.23-32, 
(2005). |814 


H. Malvar: Fast computation of the discrete cosine transform through fast Hartley transform, 


Electronics Letters, vol.22, no.7, pp.352-353, (1986). 


Henrique 8S. Malvar: Fast Computation of the discrete cosine transform and the discrete Hart- 
ley transform, IEEE Transactions on Acoustics, Speech and Signal Processing, ASSP-35, no.10, 
pp.1484-1485, (October-1987). |501 


M. D. McIlroy: A Killer Adversary for Quicksort, Software Practice and Experience, vol.29, 
p.1-4, 1999. [IT7] 


Z. A. Melzak: Bypasses: a simple approach to complexity, Wiley, (1983). |317 


Helmut Meyn, Werner Gotz: Self-reciprocal Polynomials Over Finite Fields, Séminaire 


Lotharingien de Combinatoire, B21d, 8 pp, (1989). Online at http://www.emis.de/journals/ 


SLC/) |815 


Peter L. Montgomery: A Survey of Modern Integer Factorization Algorithms, CWI Quarterly, 


vol.7, no.4, pp.337-365, (1994). Online at http://citeseer.ist.psu.edu/montgomery94survey . 
[770] 


James A. Muir, Douglas R. Stinson: Minimality and Other Properties of the Width-w Nonadja- 
cent Form, Technical report CORR 2004-08, Centre for Applied Cryptographic Research (CACR) 


at the University of Waterloo, Canada, (2004). Online at http: //www.cacr.math.uwaterloo.ca/ 
techreports/2004/tech_reports2004. html 


[fxtbook draft of 2008-January-19] 


906 


[184] 


[185] 


[186] 


[187 


[188 


189 


190 


191 


192 


193 


[194 


[195 


196 


197 


198 


[199 


BIBLIOGRAPHY 


Jean-Michel Muller: Elementary Functions: algorithms and implementation, Birkhauser, 
(197), (27) 3 


David R. Musser: Introspective Sorting and Selection Algorithms, Software — Practice and 
Experience, vol.8, pp.983-993, (1997). 


—— N — 
H. J. Nussbaumer: Fast Fourier Transform and Convolution Algorithms, second edition, 
Springer-Verlag, (1982). |418 

—s O — 
C. D. Olds: Continued Fractions, The Mathematical Association of America, (1963). ). [689} [779] 


Michael Orchard: Fast bit-reversal algorithms based on index representations in GF(2"), [IEEE 
International Symposium on Circuits and Systems, (1989), vol.3, pp.1903-1906, (1989). |837 


— Pp — 


The PARI Group (PARI): PARI/GP, version 2.3.1, Online at http://pari.math.u-bordeaux. 


Michael S. Paterson, Larry J. Stockmeyer: On the number of nonscalar multiplications necessary 
to evaluate polynomials, SIAM J. Comput., vol.2, no.1, pp.60-66, (March-1973). |617 


W. H. Payne, F. M. Ives: Combination Generators, ACM Transactions on Mathematical Software 
(TOMS), vol.5, no.2, pp.163-172, (June-1979). |172 


Carl Pomerance, J. L. Selfridge, S. Wagstaff, Jr.: The Pseudoprimes to 25- 10°. Mathematics of 
Computation, vol.35, no.151, pp.1003-1026, (July-1980). [756] [768] 


Peter John Potts: Computable Real Arithmetic Using Linear Fractional Transformations, 
Report, Department of Computing, Imperial College of Science, Technology and Medicine, London, 


(June-1996). Online at http: //citeseer.ist.psu.edu/potts96computable. html 


Helmut Prodinger: On Binary Representations of Integers with Digits -1, 0, +1, INTEGERS, 


vol.0, (14-June-2000). Online at http: //www.integers-ejcnt.org/vol0.html 
— Q — 
— R —= 


Michael O. Rabin: Probabilistic algorithms in finite fields, Technical Report MIT-LCS-TR-213, 


Massachusetts Institute of Technology, (January-1979). Online at |hnttp://publications.csail. 


Charles M. Rader: Discrete Fourier Transforms When the Number of Data Samples is Prime, 
Proceedings of the IEEE, vol.56, iss.6, pp.1107-1108, (June-1968). |427 


Janusz Rajski, Jerzy Tyszer: Primitive Polynomials Over GF(2) of Degree up to 660 with 
Uniformly Distributed Coefficients, Journal of Electronic Testing: Theory and Applications, 
vol.19, pp.645-657, (2003). |823 


David Rasmussen, Carla D. Savage, Douglas B. West: Gray code enumeration of families of 
integer partitions, Journal of Combinatorial Theory, Series A, vol.70, no.2, pp.201-229, (1995). 


Online at |http://www.csc.ncsu.edu/faculty/savage/papers.html 


Phillip A. Regalia, Sanjit K. Mitra: Kronecker Products, Unitary Matrices and Signal Process- 
ing Applications, SIAM Review, vol.31, no.4, pp.586-613, (December-1989). |436 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 907 


[204] 


[205] 


(211 


(212 


(213 


206 


207 


208 


209 


210 


200 


201 


202 


203 


[214] 


[215 


[216 


Hans Riesel: Prime Numbers and Computer Methods for Factorization, Birkhauser, (1985). 


Frank Ruskey, Carla Savage, Terry MinYih Wang: Generating Necklaces, Journal of Algorithms, 
vol.13, pp.414-430, (1992). |342 


Frank Ruskey, Joe Sawada: An Efficient Algorithm for Generating Necklaces with Fixed Den- 
sity, SIAM J. Comput., vol.29, no.2, pp.671-684, (1999). Online at http://www.cs.uvic.ca/ 


Frank Ruskey, Aaron Williams: Generating combinations by prefix shifts, Lecture Notes in 
Computer Science, 3595, (2005). Extended Abstract for COCOON 2005. Online at 


cs.uvic.ca/~ruskey/Publications/ 
= S —— 
Eugene Salamin: Computation of 7 Using Arithmetic-Geometric Mean, Mathematics of Com- 


putation, vol.30, no.135, pp.565-570, (July-1976). |583 


Eugene Salamin: Application of Quaternions to Computation with Rotations, Working Paper, 
Stanford AI Lab, 1979. Edited and TeX-formatted by Henry G. Baker, (1995). Online at 


//nome.pipeline.com/~hbaker1/ 

Carla Savage: A Survey of Combinatorial Gray Codes, SIAM Review, vol.39, no.4, pp.605-629, 
(1997). Online at http://www.csc.ncsu.edu/faculty/savage/papers html 

Joe Sawada: Generating Bracelets in Constant Amortized Time, SIAM J. Comput, vol.31, no.1, 


pp.259-268, (2001). Online at |http://citeseer.ist.psu.edu/470511.html) /336 


Joe Sawada: A fast algorithm to generate necklaces with fixed content, Theoretical Computer 
Science, vol.301, no.1-3, pp.477-489, (May-2003). |346 


Arnold Schénhage: Schnelle Multiplikation von Polynomen iiber Kérpern der Charakteristik 
2, Acta Informatica, vol.7, no.4, pp.395-398, (December-1977). [804] [861] 


E. Schroder: On Infinitely Many Algorithms for Solving Equations, translation by G. W. Stew- 
art of: Ueber unendlich viele Algorithmen zur Auflé6sung der Gleichungen, Mathematische 


Annalen, (1870). Online at |http://citeseer.ist.psu.edu/93609.htm1, |564 
Robert Sedgewick: Permutation Generation Methods, ACM Computing Surveys (CSUR), vol.9, 


no.2, pp.137-164, (June-1977). Online at |http://www.princeton.edu/~rblee/ELE572Papers/ 
236 


Robert Sedgewick: Algorithms in C++. Parts 1-4: Fundamentals, Data Structures, Sorting, 
Searching, third edition, Addison-Wesley, (1998). ). [115} [137] 


Jeffrey Shallit, David Swart: An Efficient Algorithm for Computing the ith Letter of y"(a), 


In: Proc. 10th Annual SODA conference, pp.768-775, (1999). |http://www.cs.uwaterloo.ca/ 


N. J. A. Sloane: The On-Line Encyclopedia of a Sequences. Online at http://www. 


research.att.com/~njas/sequences/ Sey oe ay Peay P| PS] ST Tf bene fon 58} [60] [66] [67| [75] [86] 130} {131} |234{ 


David M. Smith: Efficient multiple precision evaluation of elementary functions, Mathematics 
of Computation, vol.52, pp.131-134, (1989). |617 


Jerome A. Solinas: Generalized Mersenne Numbers, Technical report CORR 99-39, University 


of Waterloo, Canada, (1999). Online at http://www.cacr.math.uwaterloo.ca/ 


[fxtbook draft of 2008-January-19] 


908 


[217] 


[218] 


[219 


[220 


(221 


[222 


(223 


[224] 


[225 


[226] 


227 


228 


229 
230 


231 


[232 


BIBLIOGRAPHY 


Hong-Yeop Song: Examples and Constructions of Hadamard Matrices, Dept. of Electical 


and Electronics Engineering, Yonsei University, Korea, (June-2002). Online at |http://calliope. 
uwaterloo.ca/~ggong/710T4/Song-lecture.ps 


H. Sorensen, D. Jones, C. Burrus, M. Heideman: On computing the discrete Hartley transform, 
IEEE Trans. on Acoustics, Speech and Signal Processing, vol.33, no.5, pp.1231-1238, (October- 
1985). |493 


Henrik V. Sorensen, Douglas L. Jones, Michael T. Heideman, C. Sidney Burrus: Real-Valued Fast 
Fourier Transform Algorithms, IEEE Transactions on Acoustics, Speech and Signal Processing, 
vol.35, no.6, pp.849-863, (June-1987). |401 


Damien Stehlé, Paul Zimmermann: A Binary Recursive Ged Algorithm, INRIA research report 
RR-5050, (December-2003). 


Ralf Stephan: Divide-and-conquer generating functions. Part I. Elementary sequences, (2003). 
Online at |hnttp: //arxiv.org/abs/math.C0/0307027 


Carl Stormer: Sur Vapplication de la théorie des nombres entiers complexes a la solution en 
nombres rationnels 71 %2 ...%n C1 Co... Cn k de Péquation: c; arctg x1 + co arctg v2 +... +c 
arctg tn =k , Archiv for Mathematik og Naturvidenskab, B.XIX, Nr.3, (vol.19, no.3), pp.1-96, 
(1896). |590 


Richard G. Swan: Factorization of polynomials over finite fields, Pacific J. Math., vol.12, no.8, 
pp.1099-1106, (1962). |819 


Paul N. Swarztrauber: Bluestein’s FFT for Arbitrary N on the Hypercube, Parallel Comput- 


ing, vol.17, pp.607-617, (1991). Online at\http://www.cisl.ucar.edu/css/staff/pauls/papers/ 


— 


Tadao Takaoka, Stephen Violich: Combinatorial Generation by Fusing Loopless Algorithms, 
In: Computing: The Australasian Theory Symposium (CATS2006), Hobart, Australia. Confer- 
ences in Research and Practice in Information Technology (CRPIT), vol.51. Barry Jay, Joachim 
Gudmundsson, (eds.), (2006). |306 


M. A. Thornton, D. M. Miller, R. Drechsler: Transformations Amongst the Walsh, Haar, 
Arithmetic and Reed-Muller Spectral Domains, International Workshop on Applications of 
the Reed-Muller Expansion in Circuit Design (RMW), pp.215-225, (2001). Online at 


//engr.smu.edu/~mitch/publications.html 


John Todd: A problem on arc tangent relations, Amer. Math. Monthly, vol.56, no.8, pp.517-528, 
(October-1949). |594 


Mikko Tommila: apfloat, A High Performance Arbitrary Precision Arithmetic Package, (1996). 


Online at |http://www.apfloat.org/ 
J. F. Traub: Iterative Methods for the Solution of Equations, Chelsea, (1964). |564| 


H. F. Trotter: Algorithm 115: Perm, Communications of the ACM, vol.5, no.8, pp.434-435, 
(August-1962). 


H. W. Turnbull: Theory of Equations, fifth edition, Oliver and Boyd, Edinburgh, (1952). 
a ee 
=e 


Vincent Vajnovszki: Generating a Gray Code for P-Sequences, Journal of Mathematical Mod- 
elling and Algorithms, vol.1, pp.31-41, (2002). |306 


[fxtbook draft of 2008-January-19] 


BIBLIOGRAPHY 909 


[233] 


[234] 


[235 


[236 


[237 


[238] 


[239] 


240 
241 


242 


243 


244 


245 


246 


247 


248 


249 


[250] 


Raimundas Vidiinas: Expressions for values of the gamma function, arXiv:math.CA/0403510, 
(30-March-2004). Online at |nttp://arxiv.org/abs/math/0403510 


San C. Vo: A Survey of Elliptic Cryptosystems, Part I: Introductory, NASA Advanced 


Supercomputing (NAS) Division, (August-2003). Online at http://www.nas.nasa.gov/News/ 
580 

—_ W — 
Timothy Walsh: Generating Gray codes in O(1) worst-case time per word, In: DMTCS 2003, 
C. S. Calude et al. (eds.), Lecture Notes in Computer Science, vol.2731, pp.73-88, (2003). }161 


Xiaoyun Wang, Dengguo Feng, Xuejia Lai, Hongbo Yu: Collisions for Hash Functions MD4, 
MD5, HAVAL-128 and RIPEMD, Cryptology ePrint Archive, Report 2004/199, revised version, 


(17-August-2004). Online at http: //eprint.iacr.org/2004/199/ 


Zhong-De Wang: New algorithm for the slant transform, IEEE Transactions Pattern Anal. Mach. 
Intell. (PAMI), vol.4, no.5, pp.551-555, (September-1982). 


André Weimerskirch, Christoph Paar: Generalizations of the Karatsuba Algorithm for Poly- 


nomial Multiplication, (March-2002). Online at http://citeseer.ist.psu.edu/571363. html 


André Weimerskirch, Christoph Paar: Generalizations of the Karatsuba Algorithm for Effi- 
cient Implementations, Technical Report, Ruhr-Universitat-Bochum, Germany, corrected version, 


(2003). Online at http://www.crypto.ruhr-uni-bochum.de/en_publications.html 
Eric Weisstein: MathWorld. Online at |http://mathworld.wolfram.com/ 


Mark B. Wells: Generation of Permutations by Transposition, Mathematics of Computation, 
vol.15, no.74, pp.192-195, (April-1961). 


Mark Weston, Vincent Vajnovszki: Gray codes for necklaces and Lyndon words of arbitrary 
base, Proceedings of GASCOM’06, Dijon, France, pp.55-62, (30-May-2006). |340 


Michael Roby Wetherfield, Hwang Chien-lih: Lists of Machin-type (inverse integral cotangent) 


identities for Pi/4, Online at http://machination.mysite.wanadoo-members.co.uk/index. 
[594] 


Michael Roby Wetherfield: The enhancement of Machin’s formula by Todd’s process, The 
Mathematical Gazette, vol.80, pp.333-344, (July-1996). |594 


E. T. Whittaker, G. N. Watson: A Course of Modern Analysis, Cambridge University Press, 
fourth edition, (1927), reprinted 1990. 1665} 


Mladen Victor Wickerhauser: Adapted Wavelet Analysis from Theory to Software, AK Peters, 
Ltd., Wellesley, Mass., (1994). |518 


Herbert S. Wilf: generatingfunctionology, second edition, Academic Press, (1992). Online at 
http: //www.math.upenn.edu/~wilf/DownldGF .html 


Hugh C. Williams: Eduard Lucas and primality testing, Wiley, (1989). |770 
——— xX —— 


Limin Xiang, Kazuo Ushijima: On O(1) Time Algorithms for Combinatorial Generation, The 
Computer Journal, vol.44, pp.292-302, (2001). |306 


—. Y —2 
—= Z — 
S. Zaks: A new algorithm for generation of permutations, BIT 24, pp.196-204, (1984). |233 


[fxtbook draft of 2008-January-19] 


910 BIBLIOGRAPHY 


[251] Pawel Zielinski, Krystyna Zietak: The Polar Decomposition — Properties, Applications and Al- 


gorithms, Annals of the Polish Mathematical Society, vol.38, (1995). Online at 
ist.psu.edu/zielinski95polar.html 


[252] Neal Zierler: On a Theorem by Gleason and Marsh, Proceedings of the American Mathematical 
Society, vol.9, no.2, pp.236-237, (April-1958). 


[fxtbook draft of 2008-January-19] 


Index 911 


Symbols db awa wets bildawseies abet Pees alternating series, and continued fractions [686] 
—2, representations with radix —2 6] alternating series, sumalt algorithm |621 

99”, computation [429] AND-convolution [463 

E, elliptic function [576] apply permutation () 

K, elliptic hon Bo approximations, initial, for iterations 
O(1) algorithms arbitrary length FFT 

®, cyclic convolution [409] arc (edge) of a rh 

®yy}, weighted convolution arctan relations for 7 


arctan, computation by rectangular scheme 
argument reduction 


®un, linear convolution 
n-product (eta-product) 


m computation, AGM vs. binary splitting |615 — for arctan, [601] 
mT, computation — for cos, 
y(n), Euler’s totient function [741] — for exp, |605 
i, computation [603] — for log, [601 
z*, series for [676] arithmetic transform [455] 
Wy [], weighted transform [417| arithmetic transform, convolution property |462 
2-adic, inverse and square root arithmetic, modular [731] 
2D Hilbert curve arithmetic-geometric mean (AGM) [573 
3D Hilbert curve [333 array notation [161] 
array, of bits[152| 

GR, tadahaesbrtgstatieanndetuey spe sesatereasseraess asm trick, with GCC 
AC (adjacent changes), Gray code [363] asymptotics, of an algorithm 
ac_gray_delta() auto correlation function (ACF) 
acceleration of convergence, sumalt algorithm |621 average, of two integers, without overflow [22] 
ACF (auto correlation function) 
acyclic (linear) convolution |412 ME sages Soe ston sata wees iaacereceensed: 
acyclic (linear) correlation backtracking |355 
addition, modulo m|731 base (radix) conversion [616] 
additive inverse, modulo m[734 base field 
adjacency matrix of a graph|[355| basis functions, Reed-Muller transform [459] 
adjacent changes (AC), Gray code [363] Beatty sequence with [721] 
adjacent nodes in a graph [355] Bell numbers 
AGM Ben-Or test for irreducibility [810] 

— (arithmetic-geometric mean), |573 Berlekamp’s Q-matrix algorithm [827] 

— 4-th order variant, Bhaskara equation [778] 

—and hypergeometric functions, [578] big endian machine 

—vs. binary splitting, |615 binary 
algebra [787] ~ exponentiation, [537] 
all-ones polynomial [821] — finite field, 
all-ones polynomials, trace vector [860] — GCD algorithm, |734 
all_irredpoly (C++ class) - heap, [148] 


[fxtbook draft of 2008-January-19] 


912 


— powering, 

— relation, 

— search, 
binary splitting 

— for rational series, 

—vs. AGM, 

— with continued fractions, [685] 
binary_necklace (C++ class) 
Binet form, of a recurrence [643] 
binomial coefficient 
bit combinations 
bit counting 
bit subsets, via sparse counting 
bit-array |152 
bit-array, fitting in a word [21] 
bit-block boundaries, determination [13] 
bit-reversal 
bit-reversal permutation 
bit-subset, testing [6] 
bit-wise 

— reversal, 

— rotation, 

— zip, 
bit_fibgray (C++ class) 
bit_necklace (C++ class) 
bit_rotate_sgn() 
bit_subset (C++ class) 
bitarray (C++ class) 
bitpol factor () 
bitpol_mult () of 
bitpol_normal_q() 
bitpol_refine factors() 
bitpol_sreduce() 
bitrev eretacen BED 
BITS_PER_LONG 
blocks of bits, counting 
blocks of bits, creation [12] 
blocks, swapping via quadruple reversion [92] 
blue code 
blue code, fixed points 
bracelets, as equivalence classes 
branches, avoiding them [22] 
bsearch 
bsearch() 
bsearch_approx() 
bsearch_ge 
bubble sort 
builtins, GCC 
butterfly diagram, for radix-2 transforms [431] 
byte-wise Gray code and parity 
BYTES_PER_LONG 


C++ class XYZ see XYZ (C++ class) 


Index 


C2RFT see real FFT 

C2RFT (complex to real FT) |398 
canonical sequence 

carries with mixed radix counting |210 
carry, in multiplication 

CAT, constant amortized time 
catalan (C++ class) 
Catalan constant 

Catalan numbers 

Cayley numbers 
Cayley-Dickson construction [788] 
characteristic polynomial 

— of a matrix, [864] 

~ of a recurrence relation, [635] 

— with Fourier transform, |504 
characteristic, of a field [852] 

Chase’s sequence, for combinations [178] 
Chebyshev polynomials 

— and Pell’s equation, 

— and products for the square root, 

— and recurrence for subsequences, 

— and square root approximants, 

— as hypergeometric functions, 

— definition, 

~ fast computation, [650] 

— with accelerated summation, 
Chinese Remainder Theorem (CRT) 
Chinese Remainder Theorem, for convolution [514] 
chirp z-transform [423] 
circuit in a graph|355| 
circulant matrix |869 
Clausen’s products 
CLHCA (a class of cellular automata) |847 
clz (Count Leading Zeros), GCC builtin 
co-lexicographic order 

— (definition), /161 

— for combinations, 

— for compositions, 

— for permutations, 

— for subsets of a multiset, |275 

— with bit combinations, 
colex (co-lexicographic) order 
comb_rec (C++ class) 
combination chase (C++ class) 
combination_colex (C++ class) 
combination_emk (C++ class) 
combination_enup (C++ class) 
combination_lex (C++ class) 
combination pref (C++ class) 
combination_revdoor (C++ class) 
combinations, Gray code, with binary words[69] 
combinations, of k bits [61] 
combinatorial Gray code 


companion matrix 


[fxtbook draft of 2008-January-19] 


Index 


comparison function, for sorting |121 
compiler, smarter than you thought 
complement, of a permutation [105] 
complement-shift sequences [361] 
complementary basis 
complementing the sequency [43] 
complete graph 
complex numbers, construction [771] 
complex numbers, mult. via 3 real mult. 
complex numbers, sorting |122 
composite modulus 
compositeness of an integer, test for 
composition, of permutations 
composition_colex (C++ class) 
composition_colex2 (C++ class) 
composition_ex_colex (C++ class) 
compositions |183 
computation of 7, AGM vs. binary splitting |615 
concave sequence 
conditional search, for paths in a graph [362| 
conditional swap 
conference matrix |349 
conjugates of an element in GF(2”) |857 
connected permutation [269] 
connection polynomial |833 
constant 

— Catalan, 


— CORDIC scaling, |631} 
— Fibonacci parity, 


— Gray code, 

— Komornik-Loreti, |694 
— parity number, 
— Pell, |723 

~ Pell Gray code, 

— Pell palindromic, |723 
— period-doubling, |700 
— rabbit, |718 
— revbin, 


— ruler, 
—sum of Gray code digits, [709] 
— sum-of-digits, |705 
— Thue, 
— weighted sum of Gray code digits, |711 
— weighted sum-of-digits, |706 
constant amortized time (CAT) 
continued fraction [680 
continued fractions, as matrix products [685] 
convergent, of a continued fraction [680] 
conversion, float to int 
conversion, of the radix (base) |616 
convex sequence [132] 
convolution 
— acyclic (linear), |412 


913 


— and Chinese Remainder Theorem, |514 
— and multiplication, [532] 
— AND-convolution, [463] 
~ by FFT, without revbin permutations, [411] 
— by FHT, |493 
— cyclic, 
— cyclic, by FHT, |493 
— dyadic, 
~ exact, [514] 
~ linear, [412] 
— mass storage, 
— negacyclic, 
— OR-convolution, 
— property, of the Fourier transform, |410 
— right-angle, 
— skew circular, 
— weighted, 
~ XOR-convolution, [445] 
cool-lex, order for combinations 
Cooley-Tukey FFT algorithm |378 


copy_reverse_0() 
copying one bit 
CORDIC algorithms 
coroutine (C++ class) 
coroutines [156 
correlation |414 
cos_rot() 
cosine transform (DCT) 
cosine, by rectangular scheme [620] 
cosine, CORDIC algorithm |630 
cosine, in a finite field [775] 
counting bits of a sparse word [20] 
counting bits of a word [19] 
counting sort 
coupled iteration, for the square root 
CPU instructions, often missed 
CRC (cyclic redundancy nee 
crc32 (C++ class) 
crc64 (C++ class) 
cross correlation |414 
CRT (Chinese Remainder Theorem) |747 
ctz (Count Trailing Zeros), GCC builtin [21] 
cube root extraction [543 
cubic convergence 
cycle in a graph 
cycle type, of a permutation [268] 
cycle-leaders, for the Gray code permutation [341] 
cycle-leaders, for the Gray permutation [97] 
cycles (C++ class) 
cycles of a permutation and in-place routines [111] 
cycles, of a permutation [106] 
cyclic 
~ convolution, [409] 
— convolution, by FFT, |411 


[fxtbook draft of 2008-January-19] 


914 


— correlation, [414] 
— distance, with binary words, 
— period, of a binary word, 


— permutations, and factorial numbers, [229] 
— permutations, recursive generation, [264] 
— redundancy check (CRC), 
— ring, {743 
~ XOR, 
cyclic_perm (C++ class) 
cyclotomic polynomials 
— (definition), }655 
— and primes, 
— and primitive binary polynomials, 


Daubechies wavelets [519 

De Bruijn sequence, to compute bit position [15] 
De Bruijn graph [359] 

De Bruijn sequence 

De Bruijn sequence, as path in a graph [359] 
De Bruijn sequences, number of|839 
debruijn (C++ class) 

decimation in frequency (DIF) [381] 
decimation in frequency FFT algorithm |381 
decimation in time (DIT) |378 

decimation in time FFT algorithm [378] 


delta sequence [416] 
delta set 


delta squared process 
deque (C++ class) 
deque (double-ended queue) |146 
derangement 
derangement order, for permutations 
DFT (discrete Fourier transform) 
DIF (decimation in frequency) 
difference sets, and correlation 
digraph 
digraph (C++ class) 
digraph: :sort_edges() 
digraph paths (C++ class) 
digraph_paths: : print ne 
directed graph 
discrete cosine transform (DCT) 
discrete Fourier transform (DFT) 
discrete sine transform (DST) 
DIT (decimation in time) |378 
division 

— algorithm using only multiplication, 

— CORDIC algorithm, |632 

— exact, by C = 2* +1, 

— exact, with polynomials over GF(2), |798 
divisionless iterations for polynomial roots |560 


(378 


Index 


divisors (C++ class) 

Dobinski’s formula, for Bell numbers 
double-ended queue (deque) |146 

dragon curve sequence 

DST (discrete sine transform) |501 
dsth() 

dual basis [871] 

dyadic convolution [445] 
dyadic_convolution() 


E, elliptic function [576] 
Eades-McKay sequence, for combinations 
easy case, with combinatorial generation [163] 
edge of a graph [355] 
edge sorting, with graph search 366] 
element of order n [507 
elementary functions, as hypergeometric f. |671 
elliptic E'|576 
elliptic K 
elliptic functions, as hypergeometric functions|677| 
endian-ness, of a computer [3] 
endo (Even Numbers DOwn) order 
endo order, for mixed radix numbers 
enup (Even Numbers UP) order 
enup order for combinations 
enup order, with permutations [255] 
equivalence classes 
equivalence relation [127] 
equivalence relations, number of 
equivalence _classes() 

738 


Eratosthenes, prime sieve 
eta-product 
Euclidean algorithm |734 
Euler numbers [269] 
Euler’s identity, for hypergeometric functions |667| 
Euler’s totient function [741 
exact convolution [514 
exact division 
exact division, by C = 2 +1 
exact division, with polynomials over GF (2) |798 
exponent, of a group]|740 
exponential convergence [563] 
exponential function 
— bit-wise computation, 
— by rectangular scheme, |620 
— computation via g = exp(—7 K'/K), 
— iteration for, 
— of power series, 
exponentiation 
~ algorithms, [537] 
— modulo m, 
extension field |770} 
external algorithms 


[fxtbook draft of 2008-January-19] 


factorial number system [222] 
factorial, binsplit algorithm for [611] 
factorization of binary polynomials|827| 
falling factorial basis [222] 
fast Fourier transform (FFT) |376 
fast Hartley transform (FHT) |483 
fcsr (C++ class) 
FCSR (feedback carry shift register) |840 
feedback carry shift register (FCSR) 
Fermat numbers [762] 
Fermat primes 
ffact2cyclic() 
ffs (Find First Set), GCC builtin [21] 
FFT 
—as polynomial evaluation, [534] 
— radix-2 DIF, 
— radix-2 peg 
— radix-4 DIF, |390 
— radix-4 DIT, |387 
— split-radix algorithm, 
FFT (fast Fourier transform) |376 
FFT caching |539 
FFT, for multiplication [532] 
fft_complex_convolution() 
fft_dif41() 
fft_dit4_core_p1() 
FHT 
— convolution by, 
— DIF step, |487 
— DIF, recursive, [487] 
— DIT, recursive, 
— radix-2 DIF, 
— radix-2 DIT, 
— radix-2 DIT step, 484 
— shift operator, 
FHT (fast Hartley transform) |483 
fht_dif2() 
fht_dif_core() 
fht_real_complex_fft() 
Fibbinary numbers 
Fibonacci 
— k-step sequence, 
— numbers, 
— parity, |719 
— parity constant, 
— polynomials, [877] 
— representation, 
— setup, of a shift register, 
— words, 
— words, Gray code, 
— words, shifts-order, [200] 
Fibonacci-Haar transform [478] 
Fibonacci-Walsh transform [479] 


915 


FIFO (first-in, first-out), queue 
filter, for wavelet transforms 
finite field 

finite-state machine [154] 

fixed point, of a function [563] 

fixed points, of the blue code [47| 
FKM algorithm |336 

four step FFT |406 

Fourier shift operator 

Fourier transform (FT) |375 

Fourier transform, convolution property |410 
fractional Fourier transform [425] 


FT (Fourier transform) |375 
full path in a graph 


Galois Field 
Galois setup, of a shift register 
Gauss’ transformation |667 
Gaussian normal basis|[877] 
GCC, builtins 
GCD, computation 
generator in GF(2”) 
generator of a group 
generator, modulo p 
generator, program producing programs [502| 
GF(2”) (binary finite field) |851 
GF2n (C++ class) 
GF2n: : init () 
gf2n_fast_trace() 
gf2n_half_trace() 
gf2n_order () 
gf2n_solve_quadratic() 
GNB (Gaussian normal basis) |877 
Golay-Rudin-Shapiro sequence 
Goldschmidt algorithm [555] 
Gray code 

— and radix —2 representations, 

— binary, reversed, 

— combinatorial (minimal-change order), 

— constant, 

— for bit-subsets, 

— for combinations, 

— for combinations of a binary word, 

— for Fibonacci words, 

— for Lyndon words, |367 

— for mixed radix numbers, [210] 

— for Pell words, 

— for sparse signed binary words, 

— for subsets, with shifts-order, 

— of a binary word, 

— permutation, 

— powers of, 

— single track, 


[fxtbook draft of 2008-January-19] 


916 


Gray permutation 

gray_cycle leaders (C++ class) 

green code 

grep 

ground field 

GRS (Golay-Rudin-Shapiro) sequence 
grs_negate() 


gslex order, for mixed radix numbers [213] 


haar () 

Haar transform [465] 
haar_inplace vata 
haar_rev_nn() 
Hadamard matrix 
Hadamard transform 
half-trace, in GF(2") with n odd|863] 
Halley’s formula 567 
Hamiltonian cycle 
Hanoi, towers of, puzzle |701 
Hartley shift 

Hartley transform (HT) [483] 
hashing, via CRC [77] 


heap 
Heap’s algorithm for permutations [234] 
heapsort 


hexanacci numbers 
hidden constant, with asymptotics |524 
high bits of a word, operations eRe 
Hilbert curve 
— 3D, [333 
— by string substitution, 
— finite state machine for, 
— function encoding it, 


~ moves, [51] 
~ turns, [714] 


homogeneous moves, with combinations [T73] 
homogenous moves, with k-subsets [205] 
Householder’s iteration [566 
Householder’s method 
HT (Hartley transform) |483 
hyperbolic sine and cosine, by CORDIC [633] 
hypercomplex numbers 
hypergeometric function 

— (definition), |663 

~ AGM algorithms, [578] 

~ conversion to continued fraction, [688] 


(eS) 


| ee eee ee eer mere ener re er 
identical permutation [104] 
idsth() 


i’, computation [603] 
indecomposable permutation 
index of an element modulo m [740 


Index 


index of the single set bit 
index sort 
infinite products, from series [659] 
inhomogeneous recurrence [639] 
initial approximations, for iterations 
integer partitions |311 
integer sequence 
— Beatty seq. with ®, 
~ Carmichael numbers, [753] 
— Catalan numbers, |306| 
~ Euler function y(n), Foy 
— Euler numbers, 
— Feigenbaum symbolic seq., |700 
— Fibbinary numbers, 
— Fibonacci numbers, 288 
— fixed points in lex-rev seq., 
— Golay-Rudin-Shapiro seq., 
— Gray codes, 
— GRS (Golay-Rudin-Shapiro) seq., 
— hexanacci numbers, 
— hypercomplex multiplication, 
— indecomposable permutations, |270 
— integer partitions, |316 
— involutions, [268] 
~ irreducible polynomials, 
— Kronecker symbols (=), 710 
— Lyndon words, 
— Mephisto Waltz seq., 
— Moser — De Bruijn sequence, 
— necklaces, 
— non-generous primes, |/45 
— number of XYZ, see number of, XYZ 
— numbers both triangular and square, 
— optimal normal bases, type-l, 
— optimal normal bases, type-2, |876 
— paper-folding seq., 
— paper-folding seq., signed, 
— paren words, 
— partitions into distinct parts, 
— Pell equation not solvable, 
— pentanacci numbers, 
— period-doubling seq., 
— primes with primitive root 2, 
— primitive roots of Mersenne primes, |3839 
— primitive trinomials, 
— quadratic residues all non-prime, 
— rabbit seq., 
— radix —2 representations, 
— restricted growth strings, 
— ruler function, [698] 
— sparse signed binary words, 
— Stirling numbers of the second kind, 
~ subfactorial numbers, [270] 
— subset-lex words, 


[fxtbook draft of 2008-January-19] 


Index 917 


— sum of binary digits, [704 — A004211, 
—sum of digits of binary Gray code, — A004212, 
— swaps with revbin permutation, — A004213, 
— tetranacci numbers, — A005351, |5 
— Thue-Morse seq., — A005352, [5 
— tribonacci numbers, 288 — A005418, 697 
— type-l optimal normal bases, — A005578, [2 
— type-2 optimal normal bases, |876 — A005614, |718 
~ values of the Mébius function, [658] — A005727, 
— Wieferich primes, — A005811, 
integer sequence, by OEIS number — A006130, |2 
— A000009, — A006131, |2 
— A000010, — 006206, [660 
— A000011, — A006498, |296 
— A000013, ~ A006945, 
~ A000029, ~ 007895, 
— A000031, (130) [B43] ~ 008275, [267 
— 000041, [316] — 008277, 
— A000045, [286] pa [288] [290] [293] [295] [778] — A008683, 
— A000048, — A010060, |40} |692 
~ A000073, 2 — A011260, 
— A000078, — A014577, 
— A000085, |2 — A014578, _ 
~ 4000108, BOG — A015440, |2 
— A000110, {131} |320} |329 — A015441, 
~ A000111, 2 ~ A015 442, 
~ A000123, ~ A015443, 2 
— 4000129, — A015448, [2 
~ 4000166, 2 — A015449, [2 
~ A000201, ~ A019320, 
— 4000213, 2 — A020229, |7 
~ A000288, ~ 4020985, [40] qu [696] 
~ A000322, 2 ~ A022342, 
— A000383, |2 — A027362, = 
— 000695, — 028859, 2 
~ A001037, ~ A031399, 
— A001045, |291} |293 — A032908, |720 
— A001110, ~ A034947, 
— A001122, ~ A035263, [1] [700] [704 
= A001220, 745 — A036991, 
~ A001262, ~ A045687, 
— A001333, [290] [722 ~ A046116, 
— A001511, |698 — A046699, 
~ A001591, 2 ~ 055578, 
— A001592, 2 — A055881, 2 
= A001764, 308 — A057460, |819 
~ A002293, ~ A057461, 
— A002294, — A057463, 
— A002475, |819 — A057474, |819 
~ 4002997, — 4064990, 
— A003188, — A065428, 
~ A003319, 2 ~ A071642, 
— 4003688, 2 — 4072226, 
— A003714, [60} [719] ~ 072276, [756 


[fxtbook draft of 2008-January-19] 


918 


— A073639 
— A073726, 
— A079471, 
— A079559, 
— A079972, 
— A080337, 


— A080764, 
— A086347, 
— A093467, 
— A095076, 
— A096393, 
— A100661, 


— A104521, 
— A106400, 
— A107220 
— A107222 
— A108918, 
— A118666, 
— A118685, 
— A125145, 


1 
5 
i 


2 


EEEBEEE 
PEEEEEE 


2 
9 


NO 
Ov 


elas 
Co] Fy] dO 
SO} SOj] 


66) 
2 


“J 
w 


No} 


694 


cS Col Coll ay 
SERRE 


~] 


I 
j=) 


9 
29 


E 


interior bit blocks, determination [13] 
interleaving process 


~ for set partitions, 


— for Trotter’s permutations, [239] 


interpolation binary search 
interpolation, linear [118] 


introsort 


inverse 


— 2-adic, 


— additive, 


modulo m, |734 


~ by exponentiation, [853] 
— cube root, iteration for, 
- in GF(Q), 


— iteration 


— modulo m, by exponentiation, 


for, 


— multiplicative, modulo m,|734 
~ of a circulant matrix, [869] 
~ permutation, [106] 


— permutation, in-place computation, [108] 


— power series over GF(2),|798 
— root, iteration for, 
— square root, iteration for, 


— XYZ transform, see XYZ transform 


inverse haar () 
inverse_haar_inplace() 
$657 


inversion principle, Mobiu: 
invertible modulo m [734 


involutions 


irreducible 


— polynomial, |808 
— trinomial, |817 


is_cyclic() 
is_quadratic_residue_2ex() 


is_small_prime() 


isolation of single bits or zeros [12] 


iteration 


—and multiple roots, [568] 


Index 


— divisionless, for polynomial roots, [560} 


— for exp, |603 


— for inverse, 


for inverse root, 


for logarithm, [599] 
for roots, p-adic, 


— for the zero of a function, [563] 


for inverse cube root, 


for inverse square root, 


— Goldschmidt, 


— Householder’s, 


— Schréder’s, 
— synthetic, 


— to compute 7, 


Ives’ algorithm for permutation generation [252] 


K, elliptic function [575] 


k-subset 


Karatsuba multiplication 

— for integers, [524] 

— for polynomials, |799 
Komornik-Loreti constant |694 


kronecker () 


Kronecker product 


— (definition) , 433 


— of Hadamard matrices, 
ksubset_gray (C++ class) 
ksubset_rec (C++ class) 
ksubset_twoclose (C++ class) [205] 
Kummer’s transformation |670 


Lambert series 
LCM, least common multiple|735 
least common multiple (LCM) |735 
left-to-right powering |538 
Legendre symbol 
Legendre’s relation 
Lehmer code, of a permutation 
lex (lexicographic) order [161] 
lexicographic order 


— (definition), |161 


— for bit combinations, 
— for combinations, [166] 
— for multiset permutations, [276] 


— for subsets, [191] 


— for subsets of a binary word, 


[fxtbook draft of 2008-January-19] 


Index 


— generalized, for mixed radix numbers, [213] 
lfsr (C++ class) 
LFSR (linear feedback shift register) |833 
LFSR, and Hadamard matrices [347] 
LHCA (linear hybrid cellular automaton) |842 
lhca2poly() 
lhca_next () 
LIFO (last-in, first-out), stack [141] 
lin2hilbert () 
linear convolution |412 
linear correlation |414 
linear feedback shift register (LFSR) 
Linear hybrid cellular automaton (LHCA) 
linear interpolation 
linear, function in a finite field [852] 
Lipski’s Gray codes for permutations [236] 
list recursions, for Gray codes [281] 
little endian machine[3] 
localized Hartley transform algorithm 
localized Walsh transform algorithm [440] 
logarithm 
— bit-wise computation, 
— computation by rectangular scheme, 
— computation via AGM, 
— computation via 7/ Won 
— curious series for, 
— iteration using exp, |599 
— of power series, 
loop in a graph|355 
loopless algorithm 
low bits, operations on |9} 
Lucas test, for ema HE 
Lucas-Lehmer test, for Mersenne numbers [763] 
lucky path, in a graph [366] 
Lyndon words 
— (definition), |336 
—and Mersenne primes, 
— binary, number of, 
— number of, 
— with fixed content, 
— with fixed density, |3844 
lyndon_gray (C++ class) 


m-sequence [347] [838] 

MAC (modular adjacent changes), Gray code [363] 
make_complement_shift_digraph() 
make_complete_digraph() 
make_oddprime_bitarray () 
mass storage convolution 
matrix (C++ class) 
matrix Fourier algorithm (MFA) 
matrix square root, applications |550 

matrix transposition, and zip permutation [94] 


919 


matrix transposition, inpace Ba 
maximal order modulo m 
maxorder_element_mod() 
mean, arithmetic-geometric [573] 
median of three elements [116 
Mephisto Waltz sequence [695] 
Mersenne numbers, Lucas-Lehmer test 
Mersenne primes 

— 23-th roots, 

— and Lyndon words, 

— generalized, 
Mersenne-Walsh transform [480] 
MFA (matrix Fourier algorithm) |406 
minimal polynomial, in GF (2) |857 
minimal-change order see Gray code 
minimum, among bit-wise rotations 
minweight_lhca_rule() 
missing, CPU lane 
mixed radix numbers [207] 
mixedradix_endo (C++ class) 
mixedradix_endo_gray (C++ class) 
mixedradix_gray (C++ class) 
mixedradix_gslex (C++ eee 
mixedradix_gslex_alt (C++ class) 
mixedradix_lex (C++ class) 
mixedradix_modular_gray (C++ class) 
Mobius function [657 
Mobius inversion principle 
mod (C++ class) 
mod m FFTs|507 
modular adjacent changes (MAC), Gray code [363] 
modular arithmetic [731 
modular multiplication [732] 
modular reduction, with structured primes [735] 
modular square root 
modulo, as equivalence classes 
modulus 

— composite, |741 

— prime, 

— prime, with NTTs, [508] 
moment conditions, for wavelet filters [518] 
monotone sequence [I3]] 


Moser — De Bruijn sequence 
moves, of the Hilbert curve 
mpartition (C++ class) 
mset_lex (C++ class) 
mset_lex_rec (C++ class) 

multi-dimensional Walsh transform |432 


multigrades 

multigraph 

multinomial coefficient 
multiple roots, iterations for [568] 


multiplication 
— by FFT, |532 


[fxtbook draft of 2008-January-19] 


920 


~ carry, [533] 


— integer vs. float, 6] 
— is convolution, 
— Karatsuba, 
— modulo m, 
— of complex numbers via 3 real mult., 
— of hypercomplex numbers, 
— of octonions, |790 
— of polynomials, 
— of quaternions, 
— sum-of-digits test, 
multiplication matrix, for normal bases 
multiplication table, of an algebra [787] 
multiplicative function 
multiplicative inverse, modulo m|734 


multiset 


N-polynomial (normal polynomial) |865 
NAF (nonadjacent form) 

NAF, Gray code [290] 

necklace (C++ class) 


necklace2bitpol (C++ class) 


necklaces 
— as equivalence classes, [129] 
— binary, 


— binary, number of, |343 

— definition, [335] 

— with fixed content, 

— with fixed density, |344 
negacyclic convolution 
neighbors of a node in a graph|355] 
Newton’s formula|859 
Newton’s iteration, for vector-valued functions|520] 
node (vertex) of a graph 
non-generous primes 
nonadjacent form (NAF) 
nonadjacent form (NAF), Gray code [290] 
noncyclic ring |743 
normal bases, for GF(2”) 
normal basis, optimal 
normal polynomial 
normal_mult () 
normal_solve_reduced_quadratic() 
NTT 

— (number theoretic transforms), |507 

— radix-2 DIF, |510 

— radix-2 DIT,|509 

— radix-4, |512 
number of 

~ alternating permutations, [269] 

— aperiodic necklaces, 

— binary necklaces, 

— binary partitions of even numbers, 


Index 


— binary reversible strings, [130] 
~ binary words at most r successive ones, [285] 
— bracelets, [130] 
— carries, |210 
— cycles in De Bruijn graph, 
— De Bruijn sequences, |839 
— derangements, [270] 
~ equivalence relations, [131] 
— fixed density Lyndon words, 
— fixed density necklaces, 
— generators modulo n, 
— indecomposable permutations, [270] 
— integer partitions, |316 
— integers coprime to n, 
~ invertible circulant matrices, [869] 
— involutions, [268] 
— irreducible polynomials, 
— Lyndon words, 
— m-sequences, 
— necklaces, 
— normal polynomials, 
— ones in binary Gray code, |709 
— parenthesis pairs, [306] 
— partitions into distinct parts, |318 
— permutations of a multiset, 
— permutations with m cycles, 
— primitive normal polynomials, [868] 
— primitive polynomials, 
— restricted growth strings, 
— shift register sequences, [838 
— sparse signed binary words, 
— strings with fixed content, 
— swaps with revbin permutation, 
— units in GF(Q),|854 
— units modulo m,|742 
~ unlabeled bracelets, [130] 
~ unlabeled necklaces, [130] 
number theoretic transforms (NTT) |507 


O(1) algorithm [162] 
octonions [788 
ONB (optimal normal basis) |875 
one-point iteration 
optimal normal basis (ONB) |875 
optimization, with combinatorial generation [162 
OR-convolution |462 
order 
— of a polynomial, 
— of an element modulo m,|739 
— of an iteration, [563] 
out of core algorithms 


[fxtbook draft of 2008-January-19] 


p-adic roots, iterations for [543] 
Padé approximants 

— for arctan, 

— for exp, |604 

— for the logarithm, 
paper-folding sequence 
paren (C++ class) 
paren_gray (C++ class) 
parentheses, and binary words 
parity 

— number, 

— of a binary word, 

— of a permutation, 
parity (parity of a word), GCC builtin [21] 
Parseval’s equation [376] 
partition 

— of a set, 

— of an integer, 


partition (C++ class) 
partition_rec (C++ class) 
partitioning, for quicksort 
Pascal’s triangle 

path ina ey 

perc64 (C++ class) 


Pell 

— constant, [723] 

~ equation, [778] 

— Gray code constant, |726 

— palindromic constant, 

— ruler function, 
Pell words, Gray code |288| 
pentanacci numbers 
pentanomial 
Pepin’s test, for Fermat numbers 
period of a polynomial |809 
period-doubling constant 
period-doubling sequence {11} [700} 
perm_colex (C++ class) 
perm_derange (C++ class) 
perm_gray_ffact (C++ class) 
perm_gray_ffact2 (C++ class) 
perm_gray_lipski (C++ class) 
perm_gray_rfact (C++ class) 
perm_gray_roti (C++ class) 
perm_gray_wells (C++ class) 
perm_heap (C++ class) 
perm_heap2 (C++ eee BD 
perm_heap2 swaps (C++ class) [236] 
perm_ives (C++ class) 
perm_lex (C++ class) 
permmv0O (C++ class) 
perm_rec (C++ class) 
perm_restrpref (C++ class) [268] 


perm_rev (C++ class) 
perm_rev2 (C++ class) 
perm_rot (C++ class) 
perm_st (C++ class) 
perm_st_gray (C++ class) 
perm_star (C++ class) 
perm_star_swaps (C++ class) 
perm_trotter (C++ class) 
perm_trotter_lg (C++ class) 
permutation 

— alternating, |269 

—as path in the complete graph, 

— composition, [105] 

— connected, 

— cycle type, [268] 

— cycles, [106] 

— cyclic, random, 

— derangement, 

— indecomposable, 

— inverse of, 

— involution, a 

— of a multiset, |276 

— random, {113 

— with m cycles, number of, [267] 
Pfaff’s reflection law |667 
phi function, number thoeretic [741] 
mT, computation 
pitfall, shifts in C 
pitfall, two’s complement 
Pocklington-Lehmer test, for primality |761 
pointer sort 
pointer, Socata 
polar decomposition, of a matrix [552 
polynomial 

— binary, weight, 

— irreducible, 

— multiplication, [413] 

— multiplication, splitting schemes, 

— primitive, [809] 

— roots, divisionless iterations for, [560] 
popcount (bit-count), GCC builtin [21] 
power series 


921 


— computation of exponential function, [607] 


— computation of logarithm, 
powering 

~ algorithms, [537] 

— modulo m,|734 

— of permutations, 110} 

— of the binary Gray code, 
Pratt’s certificate of ea a 
prefix shifts, order for combinations [169] 
prev_lexrev() 
prime length FFT, Rader’s algorithm [427] 


primes 


[fxtbook draft of 2008-January-19] 


922 


—and cyclotomic polynomials, |768 
—as modulus, |741 
—as modulus, with NTTs, [508} 


~ non-generous, [745] 
— sieve of Eratosthenes, 


— structured, |735 
— Wieferich, ce 
— with primitive root 2, 
primitive 
— n-th root, modulo m, 
—r-th root of unity, 
— elements of a group, 
— pentanomial, |820 
— polynomial, 
~ root, [426] 
— root in GF(2"), |854 
— root of Mersenne primes, 
— trinomial, 
print_cycles() 
priority queue |149 
priority_queue (C++ class) 
product form 


~ for a-th root, 
— for continued fractions, 


~ for elliptic K, 


— for power series of exp, |607 

— for square root, 
products of k out of n factors [168] 
products, infinite, from series [659] 
Proth’s theorem [762 
Prouhet-Thue-Morse constant 


pseudo graph 
pseudo-inverse, of a matrix 
pseudoprime 


pseudoprime, strong (SPP) 
Pythagorean triples 


Qc cece cee tetetesttttettttesesee 
Q-matrix [827] 

quadratic convergence [563] 

quadratic residue (square) modulo p|749 
quadratic residues, and Hadamard matrices 
quadruple reversion trick [92 

quantization |126 

quantize() 

quartic convergence |563 

quaternions |788 

queue (C++ class) 

queue (FIFO) 

quicksort 


R2CFT see real FFT 
R2CFT (real to complex FT) |398 


Index 


rabbit constant 

rabbit sequence 

Rabin’s test for irreducibility [811] 
Rabin-Miller test, for compositeness 
Rader’s algorithm, for prime length FFT 
radix —2 representations 

radix (base) vonrenon tat 

radix permutation 

radix sort 

radix_sort () 

random permutation 3 

random selection 

ranking, with combinatorial objects [162] 
rational, square root iterations [544] 
re-orthogonalization, of a matrix [550] 
real FFT 

— by FHT, |491 

— split-radix algorithm, [401] 

— with wrap routines, |399 
reciprocal polynomial [813] 
rectangular scheme 

— for arctan and log, |617 

— for exp, sin, and cos,|619 
recurrence 

— (definition) ,|635 

— inhomogeneous, 

~ relation, [635] 

— relation, for subsequences, 
red code 
reduction 

— modular, with structured primes, 

—modulo 2? + 2+ 1 ete., 
Reed-Muller transform 

— (definition), |459 

— and necklaces, 

— convolution property, |463 
relation, binary |127 
relex order 
representations, radix —2[56] 
restricted growth strings 

— (definition), |301 

— for k-ary trees, 

— for parenthesis strings, 

— for set partitions, 
revbin 

— (bit-wise reversal), 

— constant, [706] 

— pairs, via shift registers, [837] 


— permutation, 
— permutation, and convolution by FFT,|411 


revbin_permute() 
Se 
reversal, of a permutation [105] 
reverse _0() 


[fxtbook draft of 2008-January-19] 


Index 


reversed Gray code 
reversed Gray code permutation (TTT 
reversed zip permutation |95| 
reversing the bits of a word |30| 
RGS (restricted growth string) |301| 1 Boy 
RGS, for set partitions [324] [324] 
rgs_binomial (C++ class) |307| 
rgs_fincr (C++ class) 
rgs.maxincr (C++ class) 
right-angle convolution [418] 
right-to-left powering |537 
ring buffer 
ring, cyclic 
ringbuffer (C++ class) 
rising factorial basis [222] 
root 
— p-adic, iterations for, 
— extraction, 
— inverse, iteration for, 
— of a polynomial, divisionless iterations, [560] 
— primitive, |741 
— primitive, in GF(2”), |854 
— primitive, modulo m, 
— primitive, of Mersenne primes, 
rotate_left () 
rotate_sgn() 
rotation, ety 
rotation, by triple reversion [91] 
row-column algorithm [405] 
ruler constant 


ruler function |196} 
ruler func (C++ class) 


Sande-Tukey FFT algorithm 
scalar ee 

Schréder’s formula 

search, binary |117 

searching, with unsorted arrays [137] 
secant method 

sedenions [788 

selection sort 

self correlation [414 

self-dual (basis over GF2”) 
self-reciprocal polynomial 
semi-continuous Fourier transform 77] 
sentinel element 

sequence see integer sequence 


sequency [448] 


sequency, of a ad word [42] 

set partition 

a (C++ class) [321 [321] 
set_partition_rgs (C++ class) |324| [324] 


setup_q-matrix() [827 [827] 


shift operator, for Fourier transform |380 
shift operator, for Hartley transform 


shift register sequence (SRS) 
shift-and-add algorithms 


shifts in C, pitfall 

shifts, and desiont 

shifts-order, for subsea 

sieve of Eratosthenes 

sign decomposition, of a matrix [553] 
sign of a permutation 

sign of the Fourier transform |376 
signed binary representation 


signed binary words, sparse, Gray code [290] 


simple continued fraction [680] 
simple path in a graph 
sine transform (DST) 
sine, CORDIC algorithm 
sine, in a finite field [775] 
single bits or zeros, isolation of 
single track 

— binary Gray code, [367] 

— order for permutations, 

— order for subsets, [197] 


singular value decomposition (SVD) |551 


skew circular convolution |418 

slant transform 

slant transform, sequency ordered 
slow_convolution() 


slow_ft() 


smart, your compiler [25] 


sorting, edges in a graph |366 
sorting, using a Neel 
space-filling Hilbert curve [333] 
sparse counting, and bit subsets [63] 


sparse signed binary representation [59] 
sparse signed binary words, Gray code 


sparse words, bit counting 
split-radix FFT algorithm 
splitting schemes for multiplication 

— for integers, [524] 

— for polynomials over GF(2),|799 


splitting, binary, for rational series |611 


SPP (strong pseudoprime) |753 
sqrt_modf () 
sqrt_modp () 
sqrt_modpp () 
square modulo p 
square of a permutation [109] 
square root 

— 2-adic, 

— in GF(2”), |854 

— iteration for, 

— modulo p,}751 

— of a matrix, applications, [550} 


[fxtbook draft of 2008-January-19] 


923 


924 


squarefree factorization, with polynomials [832] 
SRS (shift register sequence) |833 
stable sort 
stack (Ct+ class) 
stack (LIFO) 
stack, for coroutine emulation [156] 
star-transposition order, for permutations [259] 
state engine, for coroutine emulation [156] 
state-engine |154 
Stirling numbers 
— of the first kind (cycle numbers), 
— of the second kind (set numbers), 
strictly convex sequence 
strictly monotone sequence 
string substitution engine 
string subst (C++ class) 
strings with fixed content 
strong minimal-change order 
strong minimal-change order for combinations[173] 
strong pseudoprime (SPP) 
structured primes 
subdegree of a polynomial [821] 
subfactorial numbers [270] 
subsequences, recurrence relations for [641] 
subset of bit-set, testing [6] 
subset_debruijn (C++ class) 
subset_deltalex (C++ class) 
subset_gray (C++ class) 
subset_gray_delta (C++ class) 
subset_lex (C++ class) 
subsets 
— of k bits (combinations), 
— of a binary word, 
— of a multiset, 
subtraction, modulo m|731 
sum of Gray code digits constant 
sum of two squares [777| 
sum-of-digits constant 
sum-of-digits test, with multiplication [536] 
sumalt algorithm [621] 
sumdiff () 
super-linear iteration [563] 
SVD (singular value decomposition) |551 
Swan’s theorem |819 
swap without temporary [7] 
swap, conditional [23] 
swapping blocks via quadruple reversion [92 
swapping two bits [9] 
symmetries, of revbin permutation [86] 
synthetic iterations [691] 


Oe egihiges eaten cona dea asec dae ceeds 
tcrc64 (C++ class) 
tensor product 


Index 


tetranacci numbers |286| 
Thue constant 


Thue-Morse sequence [39] 
thue morse (C++ class) 
TMFA (transposed matrix Fourier algorithm) |406 
toggle between two values |6 
Toom-Cook cath BSE 
Toom-Cook algorithm for binary polynomials [803] 
totient function [741 
towers of Hanoi|/01 
trace 
— of a polynomial, 
— of an element in GF(2"),|853 
— vector, fast computation, |859 
— vector, in finite field, 
transformations, for elliptic K and E 
transformations, of hypergeometric functions [666] 
transforms, on binary words [45] 
transition count, for a Gray code [367| 
transpose () 
transposed matrix Fourier algorithm (TMFA) 
transposed Reed-Muller transform [460] 
transposition of a matrix, and zip permutation [94] 
transposition of a matrix, in-place 
transposition, with permutation [108] 
tree_gray (C++ class) 
triangular square numbers 
tribonacci numbers 
trinomial 
— primitive, 
— trace vector, [860| 
triple reversion trick [91] 
Trotter’s algorithm for permutations [239] 
two’s complement, pitfall [5] 
two-close order for k-subsets 205] 
two-close order for combinations {176 
type-1 optimal normal basis [875] 
type-2 optimal normal basis |[876| 
type-t Gaussian normal basis [877] 


unique 

units (invertible elements) |734 

unlabeled bracelets [130] 

unranking, with combinatorial objects 
unsorted arrays, searching [137] 

unzip permutation 

unzip_rev() 


Walsh transform [429] 


[fxtbook draft of 2008-January-19] 


Index 


Walsh transform, multi-dimensional [432] 
walsh_pal_basefunc() 

walsh_qi() 

walsh_q2() 

walsh_wak_basefunc() 
walsh_wak_dif2() 
walsh_wak_dit2() 
walsh_wal_basefunc() 

walsh _wal_rev() 
walsh_wal_rev_basefunc() 
wavelet conditions |516 

wavelet filter 

wavelet transform |515 

wavelet filter (C++ class) 
weight, of binary polynomial |809 
weighted convolution [418] 

weighted sum of Gray code digits constant 
weighted sum-of-digits constant 
weighted transform 

Wells’ Gray code for permutations [238] 
Whipple’s identity 

Wieferich primes 


De geet aan a eget ake tes 


XOR permutation 
XOR, cyclic 
XOR-convolution [445] 
xor_permute () 
xrevbin() 

x, series for [676] 


Me eee ees ee 
yellow code 
fe Re ee Tee ee eee Tee 


Z-order 

z-transform |423 

Zeckendorf representation 
zero bytes, finding [54] 

zero divisors, of an algebra[788| 


zero padding, for linear convolution |412 


zero-one transitions, determination 
zipQ 

zip permutation 

zip, bit-wise 


zip_rev() 
z*, series for 


[fxtbook draft of 2008-January-19] 


926 Index 


[fxtbook draft of 2008-January-19] 


